Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/552B0CB24E4A11EF9C1287A1762E951A.roa
File: 552B0CB24E4A11EF9C1287A1762E951A.roa (raw, json)
Hash identifier: ANGfbKWMdxkBVOEgTLWb8f2t0EncLXdTkOMLDF9fXTQ=
Subject key identifier: AA:9A:F4:40:AD:DD:78:B8:8F:50:24:7B:29:9B:97:E7:4E:E3:19:D4
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1767
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/552B0CB24E4A11EF9C1287A1762E951A.roa
Signing time: Tue 30 Jul 2024 08:04:24 +0000
ROA not before: Tue 30 Jul 2024 08:04:20 +0000
ROA not after: Thu 30 Jul 2026 08:04:20 +0000
asID: 14670
IP address blocks: 154.16.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5991 (0x1767)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Jul 30 08:04:20 2024 GMT
Not After : Jul 30 08:04:20 2026 GMT
Subject: CN=66a89e87-9ba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:19:b8:d0:49:83:b0:c8:b8:a8:2f:e6:2b:90:
45:0b:4e:1d:4b:d4:41:4b:39:69:e3:8e:0d:72:7d:
f0:cc:c4:bc:f3:7d:0c:9c:c6:be:ab:b5:08:49:7b:
81:76:4e:18:21:d1:a2:5e:45:a9:9a:72:90:2e:83:
ed:3b:5d:e6:81:fb:29:df:2f:d4:d5:21:c3:50:51:
42:4d:64:97:84:73:a5:53:8e:d6:6a:9c:d6:7c:11:
03:2f:a6:bd:3f:3a:33:28:06:c0:72:6c:38:d2:6d:
5b:3e:40:74:41:e9:d2:ce:27:d9:9f:ff:c5:55:ca:
f0:ba:48:d3:6b:8e:ba:2e:1b:99:bf:cc:2e:3f:bb:
d0:9d:88:c8:ff:a8:f4:fd:8c:77:ad:50:fb:fd:a7:
55:7f:36:59:c9:f7:03:03:ac:00:d6:93:e1:d4:f1:
e2:08:a2:bb:1a:6a:b4:f1:8a:8e:f3:e1:da:e8:09:
28:f7:61:e7:3e:34:df:7a:39:93:13:d7:80:92:8f:
24:e6:82:13:47:a2:33:9a:59:b7:86:2b:fe:8e:81:
95:d1:4a:f7:02:86:95:1c:98:01:e6:e2:c3:cc:5a:
76:08:d7:a4:8a:e0:d3:57:47:a2:58:7b:6b:07:ac:
7a:c3:e7:1a:57:95:29:f4:e2:87:bc:d1:1c:b7:87:
01:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9A:F4:40:AD:DD:78:B8:8F:50:24:7B:29:9B:97:E7:4E:E3:19:D4
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/552B0CB24E4A11EF9C1287A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.144.0/22
Signature Algorithm: sha256WithRSAEncryption
70:ca:94:04:b1:be:37:54:19:15:f5:c8:73:4a:c2:4c:40:e2:
ea:b7:52:c6:a0:13:1a:4c:5d:ec:e9:9c:60:11:d1:0b:2a:fc:
b2:33:c6:7e:e1:f6:82:5d:98:05:51:bb:24:a5:76:7e:6e:d7:
5b:c8:50:63:ce:b3:b7:46:cd:de:fb:23:21:dc:20:b2:bd:88:
50:23:e1:31:cf:2f:17:73:11:7f:16:e3:7e:de:72:ac:be:cd:
72:71:dd:94:a3:65:e9:5e:58:6e:2b:71:8b:4c:01:70:9b:c0:
c2:9a:31:80:1c:54:ab:d6:a6:cd:43:fa:46:fe:2d:06:9a:2a:
f2:94:d4:5f:ed:23:5e:a3:1b:b5:31:23:66:54:9e:f7:7a:cb:
1f:cd:61:15:05:c7:7b:ce:25:81:8e:3c:b4:6a:1d:1c:10:fa:
50:df:53:47:0e:b0:f5:78:f1:3c:5b:e8:a7:4c:36:a6:85:63:
7e:c7:c5:34:aa:45:e4:1f:6a:45:15:c6:97:05:ab:6d:24:34:
12:ec:25:a1:f9:a0:36:04:97:bd:c5:78:33:71:9e:c0:f3:3f:
4c:d3:d7:fc:20:ee:d2:db:b8:ac:c0:51:c0:28:f9:df:03:83:
9d:eb:96:6e:78:55:9c:69:62:15:3c:1c:90:cb:74:0a:07:50:
78:5c:34:0a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICF2cwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA3MzAwODA0MjBaFw0yNjA3MzAwODA0MjBaMBgxFjAU
BgNVBAMTDTY2YTg5ZTg3LTliYTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCtGbjQSYOwyLioL+YrkEULTh1L1EFLOWnjjg1yffDMxLzzfQycxr6rtQhJ
e4F2Thgh0aJeRamacpAug+07XeaB+ynfL9TVIcNQUUJNZJeEc6VTjtZqnNZ8EQMv
pr0/OjMoBsBybDjSbVs+QHRB6dLOJ9mf/8VVyvC6SNNrjrouG5m/zC4/u9CdiMj/
qPT9jHetUPv9p1V/NlnJ9wMDrADWk+HU8eIIorsaarTxio7z4droCSj3Yec+NN96
OZMT14CSjyTmghNHojOaWbeGK/6OgZXRSvcChpUcmAHm4sPMWnYI16SK4NNXR6JY
e2sHrHrD5xpXlSn04oe80Ry3hwFTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUqpr0
QK3deLiPUCR7KZuX507jGdQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU1MkIwQ0IyNEU0QTExRUY5QzEyODdBMTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKaEJAwDQYJKoZIhvcNAQEL
BQADggEBAHDKlASxvjdUGRX1yHNKwkxA4uq3UsagExpMXezpnGAR0Qsq/LIzxn7h
9oJdmAVRuySldn5u11vIUGPOs7dGzd77IyHcILK9iFAj4THPLxdzEX8W437ecqy+
zXJx3ZSjZeleWG4rcYtMAXCbwMKaMYAcVKvWps1D+kb+LQaaKvKU1F/tI16jG7Ux
I2ZUnvd6yx/NYRUFx3vOJYGOPLRqHRwQ+lDfU0cOsPV48Txb6KdMNqaFY37HxTSq
ReQfakUVxpcFq20kNBLsJaH5oDYEl73FeDNxnsDzP0zT1/wg7tLbuKzAUcAo+d8D
g53rlm54VZxpYhU8HJDLdAoHUHhcNAo=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:47:22 2024 by rpki-client on console-ams.rpki-client.org