Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/003DC1A4014C11EFB96E80F4007001B1.roa
File: 003DC1A4014C11EFB96E80F4007001B1.roa (raw, json)
Hash identifier: mwogsblPQUnDEuhaBanCjerrcC3EiBTvV8Bav6m6zOY=
Subject key identifier: 09:5A:5A:F9:65:43:3B:B4:A5:CE:42:1E:25:08:12:86:21:D1:25:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AF11
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/003DC1A4014C11EFB96E80F4007001B1.roa
Signing time: Tue 23 Apr 2024 08:32:21 +0000
ROA not before: Tue 23 Apr 2024 08:32:17 +0000
ROA not after: Sat 11 May 2024 08:32:17 +0000
asID: 9009
IP address blocks: 154.95.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 08 May 2024 00:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44817 (0xaf11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 23 08:32:17 2024 GMT
Not After : May 11 08:32:17 2024 GMT
Subject: CN=66277214-289b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:23:13:6c:3c:24:51:61:cf:28:83:b9:a3:dc:
c2:04:76:5a:98:95:d1:b8:06:1c:87:ec:6e:a3:27:
5e:c2:1e:44:ee:ed:4b:e4:94:8e:68:3e:cd:2e:19:
ef:bd:bb:20:19:a3:d2:75:25:c7:13:f6:5c:7b:97:
cf:d5:c4:c5:34:24:8f:18:16:49:a6:96:e7:5d:d9:
81:aa:0f:3d:bd:5c:37:52:45:51:73:24:1a:18:7d:
ae:de:5e:96:eb:1c:c4:4e:d4:cf:1e:07:1c:b1:bb:
20:85:89:80:3b:75:07:15:ec:e0:51:16:85:1f:f2:
44:a3:50:7e:92:5b:16:06:b6:70:9c:2a:b0:98:60:
d5:85:f0:d7:1a:5c:6e:ea:06:da:d7:73:56:25:cf:
84:75:7c:a8:59:38:79:dd:d3:2a:d9:a6:4d:d4:df:
f5:a2:86:f7:82:41:26:6c:f7:1c:90:86:37:53:c0:
10:0e:21:20:ee:a5:3e:96:d3:38:02:24:99:04:10:
3e:2a:1b:35:a4:7b:23:26:2c:99:0f:22:fa:4e:60:
87:fe:83:4a:e9:88:c2:56:bb:3c:82:e6:7d:25:15:
e0:07:57:ad:93:11:1d:93:c6:80:7c:e0:0e:82:d5:
c7:ed:48:fe:8c:99:fe:13:4d:97:4c:19:80:b5:0e:
42:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:5A:5A:F9:65:43:3B:B4:A5:CE:42:1E:25:08:12:86:21:D1:25:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/003DC1A4014C11EFB96E80F4007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.32.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:bd:a3:33:2e:a6:60:43:73:db:c0:8a:6d:09:c2:e3:5a:f0:
ab:3b:4e:dc:69:b4:c2:39:a8:dc:32:0a:c5:9b:1e:92:ec:f6:
02:2c:9b:c1:4c:1c:b5:a3:c2:1c:2f:01:96:ed:da:f5:a5:30:
f3:63:5d:32:10:3a:6b:5a:e5:a8:ba:59:c4:43:ac:27:c2:5c:
f1:a0:57:fe:75:0e:f5:b1:fb:a3:24:fb:ee:2c:ae:36:e1:38:
6b:c2:df:64:5b:63:d8:1e:0d:ef:f4:68:9f:31:92:e6:72:0a:
de:bc:a5:3e:1b:e8:8c:7b:5d:6a:4f:d3:e7:31:12:7c:17:a0:
ec:62:84:9a:2c:31:8c:94:22:01:76:00:b9:dc:84:db:65:df:
10:2d:9c:d4:c8:51:5e:a0:b1:86:ba:3f:4b:6a:06:43:ea:69:
fe:09:cf:81:d1:25:ee:16:e6:9b:1b:b5:a4:e1:81:0a:6f:98:
86:89:81:68:b0:89:d7:02:01:cd:df:f3:c2:88:c3:2d:db:ff:
02:a3:9f:58:5f:3a:db:8d:bf:09:18:a6:3e:fa:3b:86:59:93:
bc:18:15:a9:2b:1e:b8:50:51:6e:59:12:e2:39:06:72:f7:17:
08:e9:62:a6:7a:2b:89:5e:b7:0e:77:9c:d5:ee:83:f4:91:8b:
d1:24:dc:80
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK8RMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDIzMDgzMjE3WhcNMjQwNTExMDgzMjE3WjAYMRYw
FAYDVQQDEw02NjI3NzIxNC0yODliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoSMTbDwkUWHPKIO5o9zCBHZamJXRuAYch+xuoydewh5E7u1L5JSOaD7N
LhnvvbsgGaPSdSXHE/Zce5fP1cTFNCSPGBZJppbnXdmBqg89vVw3UkVRcyQaGH2u
3l6W6xzETtTPHgccsbsghYmAO3UHFezgURaFH/JEo1B+klsWBrZwnCqwmGDVhfDX
Glxu6gba13NWJc+EdXyoWTh53dMq2aZN1N/1oob3gkEmbPcckIY3U8AQDiEg7qU+
ltM4AiSZBBA+Khs1pHsjJiyZDyL6TmCH/oNK6YjCVrs8guZ9JRXgB1etkxEdk8aA
fOAOgtXH7Uj+jJn+E02XTBmAtQ5CeQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAla
WvllQzu0pc5CHiUIEoYh0SVNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMDNEQzFBNDAxNEMxMUVGQjk2RTgwRjQwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCml8gMA0GCSqGSIb3DQEB
CwUAA4IBAQCsvaMzLqZgQ3PbwIptCcLjWvCrO07cabTCOajcMgrFmx6S7PYCLJvB
TBy1o8IcLwGW7dr1pTDzY10yEDprWuWoulnEQ6wnwlzxoFf+dQ71sfujJPvuLK42
4Thrwt9kW2PYHg3v9GifMZLmcgrevKU+G+iMe11qT9PnMRJ8F6DsYoSaLDGMlCIB
dgC53ITbZd8QLZzUyFFeoLGGuj9LagZD6mn+Cc+B0SXuFuabG7Wk4YEKb5iGiYFo
sInXAgHN3/PCiMMt2/8Co59YXzrbjb8JGKY++juGWZO8GBWpKx64UFFuWRLiOQZy
9xcI6WKmeiuJXrcOd5zV7oP0kYvRJNyA
-----END CERTIFICATE-----
Generated at Mon May 6 08:04:27 2024 by rpki-client on console-ams.rpki-client.org