Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40F932180B5C11EFB8307BFA007001B1.roa
File: 40F932180B5C11EFB8307BFA007001B1.roa (raw, json)
Hash identifier: UsAcsV39sPjoeUL/oTI7KAIHYSCawwd/+inMNi0jv6Y=
Subject key identifier: B7:8B:78:8C:03:05:7E:70:7E:4C:AE:5D:16:CB:9F:BD:3A:8F:80:C1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B4EC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40F932180B5C11EFB8307BFA007001B1.roa
Signing time: Mon 06 May 2024 03:53:53 +0000
ROA not before: Mon 06 May 2024 03:53:49 +0000
ROA not after: Tue 11 Jun 2024 03:53:49 +0000
asID: 138915
IP address blocks: 154.203.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 May 2024 00:05:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46316 (0xb4ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 6 03:53:49 2024 GMT
Not After : Jun 11 03:53:49 2024 GMT
Subject: CN=66385451-040e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:95:db:75:b1:84:e5:e1:c5:b5:07:86:f8:ef:
d6:1c:bd:d3:2f:06:bc:a1:4d:41:db:56:f6:35:5e:
e9:9f:40:d9:ef:bc:f7:4a:c5:99:0c:88:9e:53:81:
bb:d1:80:ef:9a:94:20:1b:20:ec:a2:21:3e:cc:89:
5a:5e:a0:f9:fa:5d:95:24:46:bb:33:59:e6:ec:a4:
5e:03:bb:96:e8:b6:3c:2b:e1:22:1e:47:1c:0e:10:
30:e5:13:61:c0:40:b7:dd:06:83:38:4d:5b:3e:6a:
54:28:33:30:82:e8:6d:c4:05:1b:54:8e:9f:a3:81:
67:89:f8:9f:4b:a1:69:0c:9a:7a:80:2c:55:59:5e:
bc:17:34:3a:50:53:81:fd:5a:71:78:2c:7f:76:2f:
40:3b:7a:b0:7e:f2:34:9a:8e:65:6f:24:da:ce:d9:
bb:34:72:c7:b5:ea:63:d3:43:aa:ad:dc:99:48:e1:
51:f1:57:59:aa:89:04:54:53:6b:58:c9:51:2d:09:
1e:d0:cd:a2:36:88:db:75:a7:f0:c1:34:bf:0d:32:
47:57:39:72:ac:cc:0d:da:bc:d3:8f:f6:ed:a9:67:
b1:f0:57:1a:6e:10:dd:d8:f3:b5:61:54:00:3d:08:
19:83:d7:e1:55:c8:0a:6e:b7:6b:64:51:69:5f:46:
f3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:8B:78:8C:03:05:7E:70:7E:4C:AE:5D:16:CB:9F:BD:3A:8F:80:C1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40F932180B5C11EFB8307BFA007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.138.0/24
Signature Algorithm: sha256WithRSAEncryption
96:da:1c:35:0a:99:6b:9c:ab:64:7c:d2:fb:09:d0:68:d1:34:
29:f1:19:dd:af:12:53:cc:d7:d0:72:09:7e:59:63:81:35:30:
7e:eb:b3:f0:3c:08:b6:fb:27:30:d4:e9:04:35:73:ba:30:cc:
ef:73:4d:72:7e:84:75:65:ec:40:4d:be:4b:fb:b6:2c:af:8d:
e2:b6:a9:b9:74:be:b8:da:2e:9f:ae:f7:6a:6e:dd:6e:b7:59:
16:07:f8:32:aa:0d:ff:0f:02:8c:ae:57:3f:e1:da:e6:70:d7:
60:df:36:fa:64:88:cf:49:67:27:1a:4b:39:1c:3b:4d:20:2a:
45:c2:b6:fe:b4:41:b8:c4:fc:57:05:c5:16:8b:46:58:94:9c:
2c:b1:16:4a:b7:ca:88:7e:bd:47:58:5d:2b:ef:27:25:1f:20:
cb:f8:24:f1:c8:c4:c1:6a:7a:22:e4:50:46:00:c8:65:ac:f8:
f6:a7:eb:02:34:c4:6b:ba:cc:e3:e1:fe:bf:08:42:5c:4b:20:
63:6a:a2:f6:31:bc:fd:c7:87:c9:3a:14:d4:47:97:bd:4b:93:
63:b6:9f:2e:67:0f:d7:41:e4:03:7e:90:dd:d0:3f:12:63:d4:
44:f2:30:1f:8f:2b:2d:b2:3b:f6:08:e4:52:01:47:77:1f:8a:
18:48:b7:11
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALTsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTA2MDM1MzQ5WhcNMjQwNjExMDM1MzQ5WjAYMRYw
FAYDVQQDEw02NjM4NTQ1MS0wNDBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxpXbdbGE5eHFtQeG+O/WHL3TLwa8oU1B21b2NV7pn0DZ77z3SsWZDIie
U4G70YDvmpQgGyDsoiE+zIlaXqD5+l2VJEa7M1nm7KReA7uW6LY8K+EiHkccDhAw
5RNhwEC33QaDOE1bPmpUKDMwguhtxAUbVI6fo4FnififS6FpDJp6gCxVWV68FzQ6
UFOB/VpxeCx/di9AO3qwfvI0mo5lbyTaztm7NHLHtepj00OqrdyZSOFR8VdZqokE
VFNrWMlRLQke0M2iNojbdafwwTS/DTJHVzlyrMwN2rzTj/btqWex8FcabhDd2PO1
YVQAPQgZg9fhVcgKbrdrZFFpX0bzkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLeL
eIwDBX5wfkyuXRbLn706j4DBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MEY5MzIxODBCNUMxMUVGQjgzMDdCRkEwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuKMA0GCSqGSIb3DQEB
CwUAA4IBAQCW2hw1CplrnKtkfNL7CdBo0TQp8RndrxJTzNfQcgl+WWOBNTB+67Pw
PAi2+ycw1OkENXO6MMzvc01yfoR1ZexATb5L+7Ysr43itqm5dL642i6frvdqbt1u
t1kWB/gyqg3/DwKMrlc/4drmcNdg3zb6ZIjPSWcnGks5HDtNICpFwrb+tEG4xPxX
BcUWi0ZYlJwssRZKt8qIfr1HWF0r7yclHyDL+CTxyMTBanoi5FBGAMhlrPj2p+sC
NMRruszj4f6/CEJcSyBjaqL2Mbz9x4fJOhTUR5e9S5Njtp8uZw/XQeQDfpDd0D8S
Y9RE8jAfjystsjv2CORSAUd3H4oYSLcR
-----END CERTIFICATE-----
Generated at Mon May 20 03:18:14 2024 by rpki-client on console-fra.rpki-client.org