Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/D4A143FEC4D311EE8C6C1968775412E6.roa
File: D4A143FEC4D311EE8C6C1968775412E6.roa (raw, json)
Hash identifier: AgQ0WKMr6LdRsNIoXgyHASIpWGf5jCQAlVVsb6zmYZ8=
Subject key identifier: E7:96:81:28:53:F9:FB:1B:12:85:8B:57:95:28:65:63:2A:2D:E5:39
Certificate issuer: /CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Certificate serial: 3D
Authority key identifier: FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/D4A143FEC4D311EE8C6C1968775412E6.roa
Signing time: Tue 06 Feb 2024 09:40:58 +0000
ROA not before: Tue 06 Feb 2024 09:40:55 +0000
ROA not after: Sat 06 Feb 2027 09:40:55 +0000
asID: 36905
IP address blocks: 154.126.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.mft
rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61 (0x3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Validity
Not Before: Feb 6 09:40:55 2024 GMT
Not After : Feb 6 09:40:55 2027 GMT
Subject: CN=65c1feaa-6141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:f8:89:4e:c5:f0:1c:55:e0:33:45:96:c6:66:
c0:65:d7:50:a5:2c:16:24:f3:2d:b4:3a:f4:03:d1:
04:70:b9:64:95:8b:2b:28:c0:ec:e5:77:76:ba:33:
b1:dc:67:ce:11:29:e9:0c:48:a3:44:f9:b2:8b:8c:
4f:bd:20:de:b2:5d:26:04:be:2d:07:d9:a8:9c:5c:
9c:74:d7:0a:16:04:1a:1e:f0:34:50:be:be:54:29:
09:30:20:6c:23:f7:90:31:60:b9:5d:51:86:68:55:
cf:90:f0:c4:51:56:0a:62:53:0e:2b:72:c3:33:3e:
cc:9d:60:56:6d:39:3e:37:18:ff:49:0a:2b:c2:2e:
d7:38:5b:90:3b:cb:0a:5f:66:c4:0e:53:5f:a6:f7:
cd:28:5b:c3:0c:16:83:5b:df:46:57:e2:1e:a7:53:
b8:c7:00:40:16:d4:b2:5a:cc:1c:fd:82:e7:da:3c:
09:bc:b1:41:85:74:b2:1f:53:28:94:0e:43:df:29:
d8:7b:de:c7:32:ec:b6:72:21:b4:7f:8d:d3:e9:a2:
81:3d:49:8b:3e:b6:7d:72:0c:37:3a:81:20:cc:1d:
3e:ed:ce:be:cc:ea:ab:20:1a:88:3f:73:23:8c:81:
28:da:88:94:4d:09:e4:42:47:70:ae:a3:46:8f:0a:
dc:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:96:81:28:53:F9:FB:1B:12:85:8B:57:95:28:65:63:2A:2D:E5:39
X509v3 Authority Key Identifier:
keyid:FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/D4A143FEC4D311EE8C6C1968775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.126.186.0/24
Signature Algorithm: sha256WithRSAEncryption
be:ff:d2:5d:81:c7:cb:cb:7e:bb:18:48:a7:b7:fd:0d:96:61:
b8:25:80:15:67:d5:37:d3:08:53:ee:b7:7c:f2:b9:42:74:24:
06:8e:36:21:29:20:89:7e:71:c2:be:f9:95:26:54:7b:0d:6f:
08:b8:0c:65:ac:f9:3b:03:65:6a:08:d0:02:db:3c:ed:0d:de:
a2:a2:a1:b8:a9:d7:5e:ba:f5:1b:27:49:a7:fb:36:19:a7:f9:
b7:43:6b:26:c9:d5:27:f5:1c:cd:89:f0:24:98:38:a8:63:6c:
c4:f3:b5:d9:5f:33:c3:97:19:bf:3a:45:98:ba:ce:eb:e0:7a:
3f:b6:17:b2:7e:f6:57:d9:3b:f2:9d:b8:4d:0b:20:ab:c0:ad:
b7:f9:63:bd:2c:4a:f4:08:67:35:1a:f4:49:93:b2:42:dd:75:
5c:73:12:ab:c0:53:18:9d:cb:d1:4d:ba:16:71:93:f2:7b:49:
b2:43:4f:5e:91:86:14:92:7d:b2:f8:e2:3e:19:a6:61:e5:1e:
47:00:51:81:a5:a5:6e:49:c5:8e:f6:e6:29:00:5d:e7:f3:94:
71:ff:2e:f3:d9:82:07:23:9d:9c:da:95:8d:2e:84:f2:3d:39:
ca:4f:45:f9:da:80:ac:ad:58:70:0d:b5:c4:b6:d7:14:fc:89:
cf:64:4b:9c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBPTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NUQyQ0FGMTEwLwYDVQQFEyhGREY0QkYwMDEzQjFGMUFBQ0EzOTU1MUJBNjI2Q0Ey
NDY4M0RBRTY2MB4XDTI0MDIwNjA5NDA1NVoXDTI3MDIwNjA5NDA1NVowGDEWMBQG
A1UEAxMNNjVjMWZlYWEtNjE0MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAP74iU7F8BxV4DNFlsZmwGXXUKUsFiTzLbQ69APRBHC5ZJWLKyjA7OV3droz
sdxnzhEp6QxIo0T5souMT70g3rJdJgS+LQfZqJxcnHTXChYEGh7wNFC+vlQpCTAg
bCP3kDFguV1RhmhVz5DwxFFWCmJTDitywzM+zJ1gVm05PjcY/0kKK8Iu1zhbkDvL
Cl9mxA5TX6b3zShbwwwWg1vfRlfiHqdTuMcAQBbUslrMHP2C59o8CbyxQYV0sh9T
KJQOQ98p2HvexzLstnIhtH+N0+migT1Jiz62fXIMNzqBIMwdPu3OvszqqyAaiD9z
I4yBKNqIlE0J5EJHcK6jRo8K3AsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTnloEo
U/n7GxKFi1eVKGVjKi3lOTAfBgNVHSMEGDAWgBT99L8AE7Hxqso5VRumJsokaD2u
ZjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1NDEyRTYvX2ZTX0FC
T3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX2ZTX0FCT3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1
NDEyRTYvRDRBMTQzRkVDNEQzMTFFRThDNkMxOTY4Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJp+ujANBgkqhkiG9w0BAQsF
AAOCAQEAvv/SXYHHy8t+uxhIp7f9DZZhuCWAFWfVN9MIU+63fPK5QnQkBo42ISkg
iX5xwr75lSZUew1vCLgMZaz5OwNlagjQAts87Q3eoqKhuKnXXrr1GydJp/s2Gaf5
t0NrJsnVJ/UczYnwJJg4qGNsxPO12V8zw5cZvzpFmLrO6+B6P7YXsn72V9k78p24
TQsgq8Ctt/ljvSxK9AhnNRr0SZOyQt11XHMSq8BTGJ3L0U26FnGT8ntJskNPXpGG
FJJ9svjiPhmmYeUeRwBRgaWlbknFjvbmKQBd5/OUcf8u89mCByOdnNqVjS6E8j05
yk9F+dqArK1YcA21xLbXFPyJz2RLnA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:35 2024 by rpki-client on console-ams.rpki-client.org