Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E52DA9C408FD11EF98FA0136017001B1.roa
File: E52DA9C408FD11EF98FA0136017001B1.roa (raw, json)
Hash identifier: XJrnuTKRY+Um7SAYkIuFBVF1umSofY14Q2VVNaLcMUw=
Subject key identifier: 6B:7D:94:7A:8F:FD:01:A7:3F:10:FC:C6:03:78:CA:64:8D:33:AF:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B411
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E52DA9C408FD11EF98FA0136017001B1.roa
Signing time: Fri 03 May 2024 03:33:24 +0000
ROA not before: Fri 03 May 2024 03:33:20 +0000
ROA not after: Thu 24 Oct 2024 03:33:20 +0000
asID: 140403
IP address blocks: 154.89.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 May 2024 00:05:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46097 (0xb411)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 3 03:33:20 2024 GMT
Not After : Oct 24 03:33:20 2024 GMT
Subject: CN=66345b04-ba7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:64:e6:db:7b:fb:a8:2c:a7:cb:bd:16:41:65:
14:3d:2b:62:a4:ee:46:ec:8a:e5:9a:3e:87:ea:89:
e8:22:c2:d1:6a:73:85:95:90:3b:7e:8c:18:32:0b:
2a:75:7c:54:82:85:bd:f0:aa:63:6d:7e:c0:9c:3a:
9d:16:2b:7b:1a:10:04:05:3d:ac:84:02:b4:c7:5d:
95:00:81:68:50:cd:c7:20:ec:9a:0c:c7:e3:c2:89:
05:09:fa:a2:69:c2:fc:cf:68:e3:53:fd:28:1f:1d:
e4:19:af:28:89:dd:bc:50:28:4c:fd:95:c4:d0:f4:
20:6a:11:6c:fc:05:9b:c9:55:5d:1a:e5:5e:53:fa:
cf:ec:76:24:40:d2:95:e1:50:c4:96:37:03:49:8d:
1b:c4:c5:22:68:43:86:a3:a3:17:26:3f:8d:30:ff:
fa:3f:6c:90:b7:42:e0:c3:77:bc:5b:a9:01:2b:29:
44:b9:a5:63:05:65:f7:db:35:cb:f9:b9:56:1a:7c:
77:c2:db:7b:a1:11:b1:c8:3c:76:83:e6:b1:bf:45:
7c:5a:cd:0b:b0:08:e1:65:27:2c:9b:81:7b:8e:8d:
e7:69:64:c7:46:fd:a8:37:b7:5c:b3:8e:94:d1:47:
21:2e:a3:32:ff:78:aa:e7:58:f1:4c:98:2d:13:83:
f1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:7D:94:7A:8F:FD:01:A7:3F:10:FC:C6:03:78:CA:64:8D:33:AF:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E52DA9C408FD11EF98FA0136017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:2e:72:a7:25:5e:2b:f6:73:9e:c0:13:d5:db:98:5f:9c:54:
d8:2e:4c:99:43:33:15:dd:46:1b:6d:37:bc:1b:ba:d2:46:68:
4f:e8:ec:1a:0f:b3:24:ab:67:11:ce:14:de:aa:38:54:e2:4f:
20:64:d5:93:88:fc:0a:06:4c:aa:31:8c:84:cd:12:d8:12:ae:
be:f1:3f:ec:c8:32:c7:d2:56:db:6b:d3:21:cc:c1:df:d3:00:
fe:04:1b:85:7e:55:bf:58:00:65:2d:a9:0c:43:b3:f7:3a:cd:
d9:45:43:f2:f2:bd:93:34:59:14:22:ff:49:01:a0:a7:4a:40:
b0:45:7a:a3:80:f1:a7:95:5a:64:12:a6:d3:4c:07:a7:df:00:
fc:37:59:c9:a3:c0:27:f2:bb:55:68:cc:39:40:fe:fd:d3:a6:
f4:44:33:55:69:12:5b:12:d2:47:bf:68:a6:c3:69:c8:6d:bc:
e0:70:62:a1:d0:a8:7e:c9:9e:58:f2:8a:b7:e5:c1:df:c6:3d:
e5:d5:4f:48:cd:1b:16:2e:06:85:f4:40:91:a2:66:b7:de:91:
95:8d:d0:5a:59:ff:c0:8d:11:92:84:ed:7a:27:34:dc:41:ca:
37:35:31:49:41:61:cc:03:6e:0e:dc:10:9b:80:e7:9e:68:d5:
65:e7:b8:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALQRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTAzMDMzMzIwWhcNMjQxMDI0MDMzMzIwWjAYMRYw
FAYDVQQDEw02NjM0NWIwNC1iYTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0WTm23v7qCyny70WQWUUPStipO5G7Irlmj6H6onoIsLRanOFlZA7fowY
MgsqdXxUgoW98KpjbX7AnDqdFit7GhAEBT2shAK0x12VAIFoUM3HIOyaDMfjwokF
CfqiacL8z2jjU/0oHx3kGa8oid28UChM/ZXE0PQgahFs/AWbyVVdGuVeU/rP7HYk
QNKV4VDEljcDSY0bxMUiaEOGo6MXJj+NMP/6P2yQt0Lgw3e8W6kBKylEuaVjBWX3
2zXL+blWGnx3wtt7oRGxyDx2g+axv0V8Ws0LsAjhZScsm4F7jo3naWTHRv2oN7dc
s46U0UchLqMy/3iq51jxTJgtE4PxEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGt9
lHqP/QGnPxD8xgN4ymSNM68wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNTJEQTlDNDA4RkQxMUVGOThGQTAxMzYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlkDMA0GCSqGSIb3DQEB
CwUAA4IBAQAPLnKnJV4r9nOewBPV25hfnFTYLkyZQzMV3UYbbTe8G7rSRmhP6Owa
D7Mkq2cRzhTeqjhU4k8gZNWTiPwKBkyqMYyEzRLYEq6+8T/syDLH0lbba9MhzMHf
0wD+BBuFflW/WABlLakMQ7P3Os3ZRUPy8r2TNFkUIv9JAaCnSkCwRXqjgPGnlVpk
EqbTTAen3wD8N1nJo8An8rtVaMw5QP7906b0RDNVaRJbEtJHv2imw2nIbbzgcGKh
0Kh+yZ5Y8oq35cHfxj3l1U9IzRsWLgaF9ECRoma33pGVjdBaWf/AjRGShO16JzTc
Qco3NTFJQWHMA24O3BCbgOeeaNVl57gj
-----END CERTIFICATE-----
Generated at Mon May 20 03:18:25 2024 by rpki-client on console-fra.rpki-client.org