Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/2A6C3F60C4CE11EEA3D4FA5E775412E6.roa
File: 2A6C3F60C4CE11EEA3D4FA5E775412E6.roa (raw, json)
Hash identifier: C+KA4N0o/N/27ljFsz4ZdSUMg3iOEQO8xBx9RPaXKNI=
Subject key identifier: 14:54:E7:97:F1:FE:A2:16:A7:21:22:7C:F9:D4:8C:58:8A:A0:80:80
Certificate issuer: /CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Certificate serial: 15
Authority key identifier: FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/2A6C3F60C4CE11EEA3D4FA5E775412E6.roa
Signing time: Tue 06 Feb 2024 09:00:25 +0000
ROA not before: Tue 06 Feb 2024 09:00:21 +0000
ROA not after: Sat 06 Feb 2027 09:00:21 +0000
asID: 36905
IP address blocks: 154.126.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.mft
rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21 (0x15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Validity
Not Before: Feb 6 09:00:21 2024 GMT
Not After : Feb 6 09:00:21 2027 GMT
Subject: CN=65c1f529-a4cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f1:d9:ab:6b:c9:c2:f6:c4:00:71:01:c4:82:
23:21:20:1a:c6:06:3d:94:51:a5:6b:58:bd:84:e9:
f9:9c:d8:2b:14:5c:7c:ce:3a:d3:7f:9a:5c:fe:25:
bb:2e:d8:05:60:ea:2f:b9:1c:73:34:e5:39:47:e6:
e9:65:30:57:a2:d2:a4:84:a9:9d:56:bf:49:83:89:
dc:0b:c8:86:90:64:0b:fa:0e:0d:1d:66:5f:07:79:
d1:e4:a6:a3:d7:10:5c:8d:7f:f4:42:ef:be:a0:d8:
a4:9a:dc:73:11:53:c0:db:0c:15:7b:78:e9:e9:a3:
6d:92:62:db:68:0b:8f:df:03:c3:c3:93:48:fc:b5:
72:66:7d:66:47:9b:84:12:2d:05:8a:0a:96:12:f6:
88:da:17:e3:c1:79:1a:f4:2e:85:ba:53:67:88:2e:
d7:fa:e8:13:00:c6:da:f0:6f:45:ee:ae:0f:2b:10:
4e:0d:11:a7:0a:6e:6e:15:fd:5e:60:be:ff:7f:87:
af:45:84:d1:ca:f6:2e:f7:2c:67:71:f5:1e:95:bf:
4f:19:14:eb:b7:b0:80:b6:23:49:22:de:0e:36:30:
bb:26:41:41:a5:ee:5c:cd:d8:2c:d9:6d:74:51:5a:
b7:dd:28:ea:7a:5f:db:5a:71:73:8f:29:39:40:9b:
3e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:54:E7:97:F1:FE:A2:16:A7:21:22:7C:F9:D4:8C:58:8A:A0:80:80
X509v3 Authority Key Identifier:
keyid:FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/2A6C3F60C4CE11EEA3D4FA5E775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.126.168.0/24
Signature Algorithm: sha256WithRSAEncryption
78:3c:0a:3b:63:9e:e1:1c:0e:83:3b:fd:7b:1c:41:a9:24:fa:
5b:25:d8:7e:1f:fb:de:a6:5a:62:e7:a3:7c:d8:5b:79:6c:83:
e4:1e:8f:b5:1a:7d:f8:d7:37:10:4b:90:7c:49:38:93:b3:56:
d9:29:d3:02:29:48:7a:a3:16:83:d7:c8:0e:bb:29:ff:7f:fc:
0c:7c:6a:63:c4:d4:d4:bd:3a:65:d8:e1:bc:63:29:56:16:03:
08:0f:f5:9e:fa:f4:bc:54:8e:31:2f:66:f7:d5:95:73:4b:39:
ac:3b:44:53:56:be:9d:40:c6:94:1e:32:65:ef:55:6c:b2:b6:
ae:c5:a1:ee:a4:ad:1e:55:78:71:d7:ef:53:09:a2:27:96:60:
fe:51:29:8c:f7:32:c0:d3:a3:12:86:13:45:ff:9b:c7:f4:71:
ff:03:96:5f:2b:6a:b2:16:81:b4:0f:6f:f5:5d:4c:c1:d1:de:
56:29:0c:2b:01:b4:16:1c:91:ee:09:34:14:96:56:3c:8b:0d:
b5:74:a5:c0:fa:99:66:d7:d6:01:08:c7:b6:8b:7c:39:a0:72:
88:04:66:5a:c8:ec:19:f3:ee:34:c3:49:dc:a2:8e:d8:e6:51:
b8:59:a3:1e:04:1b:cd:09:8e:ce:d2:26:d4:16:5b:cc:fe:69:
88:c9:b7:8d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NUQyQ0FGMTEwLwYDVQQFEyhGREY0QkYwMDEzQjFGMUFBQ0EzOTU1MUJBNjI2Q0Ey
NDY4M0RBRTY2MB4XDTI0MDIwNjA5MDAyMVoXDTI3MDIwNjA5MDAyMVowGDEWMBQG
A1UEAxMNNjVjMWY1MjktYTRjYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/x2atrycL2xABxAcSCIyEgGsYGPZRRpWtYvYTp+ZzYKxRcfM4603+aXP4l
uy7YBWDqL7kcczTlOUfm6WUwV6LSpISpnVa/SYOJ3AvIhpBkC/oODR1mXwd50eSm
o9cQXI1/9ELvvqDYpJrccxFTwNsMFXt46emjbZJi22gLj98Dw8OTSPy1cmZ9Zkeb
hBItBYoKlhL2iNoX48F5GvQuhbpTZ4gu1/roEwDG2vBvRe6uDysQTg0RpwpubhX9
XmC+/3+Hr0WE0cr2LvcsZ3H1HpW/TxkU67ewgLYjSSLeDjYwuyZBQaXuXM3YLNlt
dFFat90o6npf21pxc48pOUCbPrECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQUVOeX
8f6iFqchInz51IxYiqCAgDAfBgNVHSMEGDAWgBT99L8AE7Hxqso5VRumJsokaD2u
ZjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1NDEyRTYvX2ZTX0FC
T3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX2ZTX0FCT3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1
NDEyRTYvMkE2QzNGNjBDNENFMTFFRUEzRDRGQTVFNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJp+qDANBgkqhkiG9w0BAQsF
AAOCAQEAeDwKO2Oe4RwOgzv9exxBqST6WyXYfh/73qZaYuejfNhbeWyD5B6PtRp9
+Nc3EEuQfEk4k7NW2SnTAilIeqMWg9fIDrsp/3/8DHxqY8TU1L06ZdjhvGMpVhYD
CA/1nvr0vFSOMS9m99WVc0s5rDtEU1a+nUDGlB4yZe9VbLK2rsWh7qStHlV4cdfv
UwmiJ5Zg/lEpjPcywNOjEoYTRf+bx/Rx/wOWXytqshaBtA9v9V1MwdHeVikMKwG0
FhyR7gk0FJZWPIsNtXSlwPqZZtfWAQjHtot8OaByiARmWsjsGfPuNMNJ3KKO2OZR
uFmjHgQbzQmOztIm1BZbzP5piMm3jQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org