Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F3430204E711EFB8B8B85B017001B1.roa
File: D0F3430204E711EFB8B8B85B017001B1.roa (raw, json)
Hash identifier: QOWkV80lnhpGc2jzrRFLB0OxMLX9xM4xasGOCpid+Qc=
Subject key identifier: 34:8A:77:53:9A:10:D5:95:C7:1F:76:67:EC:32:6A:4D:B0:6E:91:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B1BE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F3430204E711EFB8B8B85B017001B1.roa
Signing time: Sat 27 Apr 2024 22:45:16 +0000
ROA not before: Sat 27 Apr 2024 22:45:10 +0000
ROA not after: Sat 25 May 2024 22:45:10 +0000
asID: 26617
IP address blocks: 154.202.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 May 2024 00:05:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45502 (0xb1be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 27 22:45:10 2024 GMT
Not After : May 25 22:45:10 2024 GMT
Subject: CN=662d7ffc-bf15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:66:71:5f:4f:77:45:88:ab:74:18:d0:98:63:
53:8f:45:41:d9:ae:48:88:90:0c:b2:14:5e:66:5c:
1b:5f:3c:1c:b7:75:43:00:b6:67:5e:fa:f3:f1:11:
c4:b8:d4:4f:7c:4d:8b:ab:38:44:01:b7:25:65:d2:
ff:c7:a6:6e:10:3e:1c:fe:8e:cb:d4:8f:14:e4:e7:
98:2a:3d:e8:85:06:6a:bb:a3:76:d2:eb:60:63:9b:
e3:a9:86:48:68:e1:25:1a:7a:86:39:38:30:76:79:
ab:f7:d9:58:ff:4e:86:5a:ad:06:a7:98:45:36:b5:
5f:e2:bf:75:cd:fb:12:d3:d8:5e:73:fd:93:41:d4:
16:f5:94:c1:63:3d:e2:43:b9:bf:d3:45:1a:05:bc:
f4:f6:93:d4:dd:e7:ad:b6:09:bd:aa:c5:e7:fc:c7:
d4:95:9f:8e:57:8d:96:df:a2:ec:4c:77:ff:78:bf:
54:46:6a:47:70:52:c3:74:1c:fd:51:2a:e3:b9:43:
f0:a7:d5:6b:56:ba:54:cb:f8:0e:66:71:eb:5c:ba:
7f:dd:97:ec:bc:d4:1f:cd:44:69:af:ca:36:8b:59:
83:44:19:d1:52:a5:6d:c9:d4:35:1b:90:1c:64:8d:
8c:e3:9e:70:a5:db:a8:4f:1b:0d:af:8b:91:37:62:
5a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:8A:77:53:9A:10:D5:95:C7:1F:76:67:EC:32:6A:4D:B0:6E:91:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D0F3430204E711EFB8B8B85B017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.6.0/24
Signature Algorithm: sha256WithRSAEncryption
00:5f:a0:1e:16:4d:c9:b7:70:53:d3:df:d7:48:61:46:98:ed:
32:ca:b0:f0:cd:15:b1:29:60:0d:8f:ff:b2:a0:66:7f:a1:3d:
e0:05:f6:d1:bf:9b:34:60:d9:7e:84:13:ff:6a:dc:b9:7d:cd:
2e:32:05:46:10:72:47:bc:c1:13:a1:d6:88:ab:7a:f6:d9:22:
b5:4c:24:67:31:80:46:6d:58:fb:1c:44:95:c4:10:1b:1a:0a:
6d:ca:62:57:6f:fa:80:fd:78:6e:4c:41:5d:2e:49:fb:70:af:
8e:8e:07:76:6e:17:dc:15:05:e1:85:8a:8c:1c:e0:9e:74:d4:
f6:b4:f4:c3:e0:68:9d:f0:7b:c5:99:7a:42:9b:a1:cb:8c:b1:
0f:db:54:de:18:15:59:ef:68:47:c1:18:ab:22:9d:79:a8:8f:
f0:75:d5:67:96:26:d3:55:ff:ae:6b:b6:fe:ac:2c:6b:a5:a5:
bf:cd:35:c3:8c:6b:39:98:f7:70:b5:30:f9:fc:39:5a:11:76:
56:24:d6:8d:e7:e8:70:a0:ac:75:60:40:68:5d:eb:45:7d:54:
d9:2f:9d:fb:86:5f:db:8e:69:bc:12:90:5b:1a:a9:c9:6c:da:
92:99:89:cc:7c:bd:d7:38:b1:96:46:c7:d0:00:11:7c:d9:96:
38:e3:07:de
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALG+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDI3MjI0NTEwWhcNMjQwNTI1MjI0NTEwWjAYMRYw
FAYDVQQDEw02NjJkN2ZmYy1iZjE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvmZxX093RYirdBjQmGNTj0VB2a5IiJAMshReZlwbXzwct3VDALZnXvrz
8RHEuNRPfE2LqzhEAbclZdL/x6ZuED4c/o7L1I8U5OeYKj3ohQZqu6N20utgY5vj
qYZIaOElGnqGOTgwdnmr99lY/06GWq0Gp5hFNrVf4r91zfsS09hec/2TQdQW9ZTB
Yz3iQ7m/00UaBbz09pPU3eettgm9qsXn/MfUlZ+OV42W36LsTHf/eL9URmpHcFLD
dBz9USrjuUPwp9VrVrpUy/gOZnHrXLp/3ZfsvNQfzURpr8o2i1mDRBnRUqVtydQ1
G5AcZI2M455wpduoTxsNr4uRN2JaxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDSK
d1OaENWVxx92Z+wyak2wbpGPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMEYzNDMwMjA0RTcxMUVGQjhCOEI4NUIwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsoGMA0GCSqGSIb3DQEB
CwUAA4IBAQAAX6AeFk3Jt3BT09/XSGFGmO0yyrDwzRWxKWANj/+yoGZ/oT3gBfbR
v5s0YNl+hBP/aty5fc0uMgVGEHJHvMETodaIq3r22SK1TCRnMYBGbVj7HESVxBAb
GgptymJXb/qA/XhuTEFdLkn7cK+Ojgd2bhfcFQXhhYqMHOCedNT2tPTD4Gid8HvF
mXpCm6HLjLEP21TeGBVZ72hHwRirIp15qI/wddVnlibTVf+ua7b+rCxrpaW/zTXD
jGs5mPdwtTD5/DlaEXZWJNaN5+hwoKx1YEBoXetFfVTZL537hl/bjmm8EpBbGqnJ
bNqSmYnMfL3XOLGWRsfQABF82ZY44wfe
-----END CERTIFICATE-----
Generated at Mon May 20 03:18:24 2024 by rpki-client on console-fra.rpki-client.org