Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E205FCE05F311EF84B0C46B017001B1.roa
File: 5E205FCE05F311EF84B0C46B017001B1.roa (raw, json)
Hash identifier: 0NacKJGyusa05Nky914hx4UXkAp0p9en5Jnm6BHQR+g=
Subject key identifier: 54:E7:15:67:74:F6:B2:60:AD:17:90:B3:42:60:BD:87:2E:87:B6:D3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B1F2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E205FCE05F311EF84B0C46B017001B1.roa
Signing time: Mon 29 Apr 2024 06:40:29 +0000
ROA not before: Mon 29 Apr 2024 06:40:25 +0000
ROA not after: Tue 04 Jun 2024 06:40:25 +0000
asID: 32558
IP address blocks: 154.205.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 May 2024 00:05:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45554 (0xb1f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 29 06:40:25 2024 GMT
Not After : Jun 4 06:40:25 2024 GMT
Subject: CN=662f40dc-8b1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:83:aa:b2:cb:38:07:65:e4:80:df:a9:a7:
c2:d5:14:ba:b6:6e:bc:df:7c:a7:8c:29:ac:2a:ab:
96:d5:84:7b:d7:c1:9a:3a:69:70:0a:98:10:0b:6d:
f3:c2:36:d6:04:30:84:b9:cd:b5:b0:85:1c:5b:75:
02:60:92:a3:9b:2c:e9:0b:1a:52:b7:fe:d2:86:ef:
1e:44:d8:c9:04:bb:23:8b:36:ef:ab:49:17:39:b3:
f5:d6:13:06:ea:9c:a5:75:37:90:d1:1a:1d:f5:1c:
77:c1:0e:75:73:fe:aa:50:fa:0c:61:30:80:49:bf:
64:aa:69:15:8a:80:9e:31:6b:43:53:bd:88:13:d2:
ce:2d:cc:87:22:d1:f2:77:5b:8a:6b:0e:db:4c:b0:
44:c8:3b:d9:9c:2b:b7:84:1a:c5:bc:9e:a7:79:37:
b5:39:fe:31:07:7d:2f:e6:d1:74:b1:58:e2:e9:75:
ee:f8:66:e3:f6:04:94:02:fe:11:01:77:9b:01:54:
af:e3:f2:0f:3a:c6:7c:18:c4:3b:6f:f5:fc:75:2b:
2a:3e:a2:38:86:d8:64:6c:f4:dd:73:79:58:cb:04:
f9:8d:3c:c5:62:ef:de:3f:5a:41:aa:8c:a9:41:3c:
b2:e6:d1:85:e4:d0:66:0d:96:be:1c:4b:89:d8:0a:
fd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E7:15:67:74:F6:B2:60:AD:17:90:B3:42:60:BD:87:2E:87:B6:D3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5E205FCE05F311EF84B0C46B017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.64.0/18
Signature Algorithm: sha256WithRSAEncryption
83:4c:ad:81:90:90:b2:c7:68:de:94:92:ad:18:6e:41:95:0e:
ef:43:bc:60:61:46:2a:56:05:00:f9:a2:d1:b2:5f:4d:8a:82:
92:b2:dc:71:72:4e:e7:6b:39:52:5f:6f:29:bf:9d:6d:73:10:
10:9f:c2:1d:7c:13:e6:66:c8:32:ae:52:55:28:9e:fb:cd:25:
87:36:74:07:62:e2:a6:2d:b9:63:e5:90:0e:b4:61:23:d2:28:
3b:0c:6b:27:29:4b:0b:93:b3:bd:d5:07:51:77:b2:56:c3:bb:
90:55:fa:d1:3f:54:99:24:74:5c:2b:09:f3:58:a8:b9:72:f6:
1d:d1:d9:cf:21:0d:51:62:3d:65:f6:63:5d:87:53:00:36:ce:
7d:b6:cc:1f:91:90:ab:db:e7:e4:ee:10:2f:3a:68:63:48:c5:
d1:f1:7f:05:db:f7:91:f3:72:e4:b9:7c:85:84:ae:53:9b:2f:
bb:6c:3c:d0:3e:e2:7a:09:43:fe:47:3e:d3:02:45:4e:66:0e:
f9:0a:90:14:d3:f6:b8:04:f1:2e:3b:84:5c:d7:e3:ca:93:c9:
d0:14:d5:d0:35:cb:6f:1d:3a:1c:a1:e0:d3:07:35:da:29:bd:
c5:15:68:71:68:55:88:50:71:e8:28:bf:5e:2c:54:5b:65:e9:
f6:71:f3:27
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALHyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDI5MDY0MDI1WhcNMjQwNjA0MDY0MDI1WjAYMRYw
FAYDVQQDEw02NjJmNDBkYy04YjFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp0KDqrLLOAdl5IDfqafC1RS6tm6833ynjCmsKquW1YR718GaOmlwCpgQ
C23zwjbWBDCEuc21sIUcW3UCYJKjmyzpCxpSt/7Shu8eRNjJBLsjizbvq0kXObP1
1hMG6pyldTeQ0Rod9Rx3wQ51c/6qUPoMYTCASb9kqmkVioCeMWtDU72IE9LOLcyH
ItHyd1uKaw7bTLBEyDvZnCu3hBrFvJ6neTe1Of4xB30v5tF0sVji6XXu+Gbj9gSU
Av4RAXebAVSv4/IPOsZ8GMQ7b/X8dSsqPqI4hthkbPTdc3lYywT5jTzFYu/eP1pB
qoypQTyy5tGF5NBmDZa+HEuJ2Ar9kQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFTn
FWd09rJgrReQs0JgvYcuh7bTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RTIwNUZDRTA1RjMxMUVGODRCMEM0NkIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGms1AMA0GCSqGSIb3DQEB
CwUAA4IBAQCDTK2BkJCyx2jelJKtGG5BlQ7vQ7xgYUYqVgUA+aLRsl9NioKSstxx
ck7nazlSX28pv51tcxAQn8IdfBPmZsgyrlJVKJ77zSWHNnQHYuKmLblj5ZAOtGEj
0ig7DGsnKUsLk7O91QdRd7JWw7uQVfrRP1SZJHRcKwnzWKi5cvYd0dnPIQ1RYj1l
9mNdh1MANs59tswfkZCr2+fk7hAvOmhjSMXR8X8F2/eR83LkuXyFhK5Tmy+7bDzQ
PuJ6CUP+Rz7TAkVOZg75CpAU0/a4BPEuO4Rc1+PKk8nQFNXQNctvHTocoeDTBzXa
Kb3FFWhxaFWIUHHoKL9eLFRbZen2cfMn
-----END CERTIFICATE-----
Generated at Mon May 20 03:18:16 2024 by rpki-client on console-fra.rpki-client.org