Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/5DCB92C6C4D211EE8BD1A065775412E6.roa
File: 5DCB92C6C4D211EE8BD1A065775412E6.roa (raw, json)
Hash identifier: PsrWGlKMnmYkcFOTAbq8GoiP2U6q8o3llEg2ATal3EM=
Subject key identifier: 8D:9D:5C:81:45:CE:22:CF:72:75:A5:8F:80:81:C7:FB:E8:2B:EA:51
Certificate issuer: /CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Certificate serial: 29
Authority key identifier: FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/5DCB92C6C4D211EE8BD1A065775412E6.roa
Signing time: Tue 06 Feb 2024 09:30:29 +0000
ROA not before: Tue 06 Feb 2024 09:30:26 +0000
ROA not after: Sat 06 Feb 2027 09:30:26 +0000
asID: 36905
IP address blocks: 154.126.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.mft
rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41 (0x29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Validity
Not Before: Feb 6 09:30:26 2024 GMT
Not After : Feb 6 09:30:26 2027 GMT
Subject: CN=65c1fc35-864a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d0:10:57:ad:c1:8f:4d:b4:1e:a0:7c:00:19:
be:75:bb:4b:75:f5:27:9f:b9:d5:bc:09:44:23:8c:
c1:4a:67:6b:12:41:a5:a6:ee:51:38:52:e0:ae:b1:
69:77:f0:be:f5:2c:17:71:68:1d:9f:39:c8:c4:14:
8e:d6:ad:6d:93:b4:3d:02:4b:fa:88:7c:21:3b:4c:
31:e2:cf:ca:f7:a4:94:50:2e:a9:6b:21:e9:02:1d:
7d:bf:c8:3f:45:4b:21:4f:f2:bc:67:ce:d0:64:a1:
9b:6d:e1:80:13:75:85:57:89:5f:36:ad:ed:15:58:
45:fc:32:39:75:96:86:b7:d9:61:d3:b0:f6:cf:52:
53:a8:1c:11:9e:0c:45:35:db:1e:fa:4e:d3:b0:57:
8a:fe:0a:10:61:80:44:64:5c:77:72:aa:59:22:3c:
59:4c:39:c7:70:aa:70:4e:9e:8a:c2:cd:05:c4:bc:
a4:3b:76:8b:ea:03:38:70:a3:90:58:2d:73:1f:de:
3f:4a:a0:13:71:4c:b3:86:df:63:bb:75:03:d3:4a:
9e:5e:5c:c6:fa:be:54:3b:ce:74:31:e3:c1:ea:db:
12:bd:b9:3b:3f:e9:71:14:76:db:f7:e9:6f:11:c4:
19:e1:9a:2d:51:68:05:db:a5:9b:0d:27:5c:a3:5b:
6e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:9D:5C:81:45:CE:22:CF:72:75:A5:8F:80:81:C7:FB:E8:2B:EA:51
X509v3 Authority Key Identifier:
keyid:FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/5DCB92C6C4D211EE8BD1A065775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.126.178.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:d9:72:94:9c:87:ce:4e:66:68:da:43:e0:1f:0f:2e:8c:54:
88:74:a9:c5:d3:c1:fe:8b:05:27:43:de:53:ca:38:11:d7:3a:
01:f1:30:49:bb:5d:2f:22:c8:9f:55:67:db:9c:8e:17:d6:7d:
6d:34:6b:c3:12:ca:b9:e7:7c:d8:76:82:91:c6:b4:5f:be:89:
71:46:6d:5d:ae:39:64:b7:92:4a:72:72:f2:cc:34:89:4d:61:
95:43:e8:1f:da:3c:6c:fd:ac:0e:ae:da:0a:63:ed:ae:3f:e8:
e2:b1:35:1e:77:7d:04:8d:7e:ec:2a:fb:c3:85:5b:41:b6:3e:
5b:16:97:80:38:ad:10:2c:88:8e:3a:b5:62:2f:01:aa:ed:92:
45:bb:47:0c:f4:72:93:71:31:f2:f3:d2:a3:2e:b3:8b:7c:41:
e2:6b:ff:04:f4:ea:2f:b9:30:8d:55:8a:90:67:52:08:3a:e5:
f4:06:fc:2d:93:4a:37:83:d4:be:2a:9a:79:3b:0a:9f:27:b7:
f2:a6:83:af:0c:83:56:5c:5a:65:0e:0c:e4:8e:7f:99:41:ec:
37:66:57:bd:da:6b:69:77:ca:42:d8:c9:46:11:82:02:56:48:
ae:5b:fe:e9:39:d8:9b:de:da:e4:22:af:14:9e:14:8d:cb:bc:
a0:5d:18:f3
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBKTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NUQyQ0FGMTEwLwYDVQQFEyhGREY0QkYwMDEzQjFGMUFBQ0EzOTU1MUJBNjI2Q0Ey
NDY4M0RBRTY2MB4XDTI0MDIwNjA5MzAyNloXDTI3MDIwNjA5MzAyNlowGDEWMBQG
A1UEAxMNNjVjMWZjMzUtODY0YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTQEFetwY9NtB6gfAAZvnW7S3X1J5+51bwJRCOMwUpnaxJBpabuUThS4K6x
aXfwvvUsF3FoHZ85yMQUjtatbZO0PQJL+oh8ITtMMeLPyveklFAuqWsh6QIdfb/I
P0VLIU/yvGfO0GShm23hgBN1hVeJXzat7RVYRfwyOXWWhrfZYdOw9s9SU6gcEZ4M
RTXbHvpO07BXiv4KEGGARGRcd3KqWSI8WUw5x3CqcE6eisLNBcS8pDt2i+oDOHCj
kFgtcx/eP0qgE3FMs4bfY7t1A9NKnl5cxvq+VDvOdDHjwerbEr25Oz/pcRR22/fp
bxHEGeGaLVFoBdulmw0nXKNbbrMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSNnVyB
Rc4iz3J1pY+Agcf76CvqUTAfBgNVHSMEGDAWgBT99L8AE7Hxqso5VRumJsokaD2u
ZjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1NDEyRTYvX2ZTX0FC
T3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX2ZTX0FCT3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1
NDEyRTYvNURDQjkyQzZDNEQyMTFFRThCRDFBMDY1Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJp+sjANBgkqhkiG9w0BAQsF
AAOCAQEALdlylJyHzk5maNpD4B8PLoxUiHSpxdPB/osFJ0PeU8o4Edc6AfEwSbtd
LyLIn1Vn25yOF9Z9bTRrwxLKued82HaCkca0X76JcUZtXa45ZLeSSnJy8sw0iU1h
lUPoH9o8bP2sDq7aCmPtrj/o4rE1Hnd9BI1+7Cr7w4VbQbY+WxaXgDitECyIjjq1
Yi8Bqu2SRbtHDPRyk3Ex8vPSoy6zi3xB4mv/BPTqL7kwjVWKkGdSCDrl9Ab8LZNK
N4PUviqaeTsKnye38qaDrwyDVlxaZQ4M5I5/mUHsN2ZXvdpraXfKQtjJRhGCAlZI
rlv+6TnYm97a5CKvFJ4Ujcu8oF0Y8w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org