Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0357D876E77911EEB027124F775412E6.roa
File: 0357D876E77911EEB027124F775412E6.roa (raw, json)
Hash identifier: I1YhG87mE/Ad3ge00oqg1fFcp0YqM9COoV36Ivh6rDY=
Subject key identifier: CD:13:7F:14:1D:19:21:54:68:81:70:79:BB:5E:7F:F7:C6:DE:32:55
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A533
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0357D876E77911EEB027124F775412E6.roa
Signing time: Thu 21 Mar 2024 11:49:03 +0000
ROA not before: Thu 21 Mar 2024 11:48:59 +0000
ROA not after: Tue 23 Apr 2024 11:48:59 +0000
asID: 44559
IP address blocks: 154.198.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 23 Apr 2024 00:04:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42291 (0xa533)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 21 11:48:59 2024 GMT
Not After : Apr 23 11:48:59 2024 GMT
Subject: CN=65fc1eaf-2c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:91:8e:44:f8:e3:33:f8:19:b2:9d:e7:f3:04:
d1:e9:8f:43:d2:67:58:e3:d2:d5:ad:2b:1b:bb:f7:
d0:39:78:b5:83:c1:ac:fb:f6:fc:a1:da:f1:1e:43:
5f:7b:4b:c2:47:ed:17:a0:0e:0a:aa:3e:dc:8c:91:
88:55:3a:2f:0e:73:d6:14:1d:d6:41:9c:55:48:ef:
6b:4c:76:e9:8b:38:45:fb:bd:a6:9a:e4:66:da:5c:
0e:61:ff:56:3c:2f:f0:d9:84:4d:a1:97:df:01:24:
e2:a8:a1:a0:c6:67:c3:1b:9b:df:22:bb:4f:95:d7:
48:9a:56:f9:b3:f1:9e:e2:8d:6b:ce:47:f8:a3:5a:
47:56:8c:f9:b4:32:92:1c:e4:da:a1:00:8f:f6:f9:
3a:e2:ab:4a:71:87:40:20:5b:21:b0:4c:39:ba:89:
56:cb:45:e7:d4:cf:ed:86:1c:54:92:92:a4:99:f1:
d7:5a:89:f2:ae:5c:5d:ef:9f:da:f8:06:4a:de:54:
74:48:5f:a6:8f:27:e9:89:7d:d6:b9:09:38:b4:84:
5c:49:c6:b2:90:59:19:a2:17:1e:12:ba:d5:d7:8d:
8f:68:64:18:d7:58:18:70:eb:03:e7:26:6f:9e:67:
ff:82:be:71:6f:db:9b:71:0c:a8:02:24:f2:71:51:
53:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:13:7F:14:1D:19:21:54:68:81:70:79:BB:5E:7F:F7:C6:DE:32:55
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0357D876E77911EEB027124F775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.163.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:0c:0e:78:21:18:35:a7:d7:90:4c:99:2a:5d:68:55:45:50:
f9:41:42:d6:fd:22:88:6a:53:10:6f:a7:ad:5c:0b:03:03:15:
1d:d4:36:ca:f7:8d:64:da:51:15:a1:ff:18:1f:9a:18:38:a0:
de:ea:12:2f:e7:83:9f:0b:0c:56:ad:2d:ca:84:30:66:30:da:
26:90:13:97:23:61:d5:61:25:d9:96:79:c5:33:8f:be:34:6c:
2d:d6:37:4d:da:85:3b:f6:75:7d:08:ec:c1:9b:ab:93:6e:a9:
da:65:ab:1d:13:dc:04:3e:b2:eb:1c:d7:39:16:44:f3:7c:fc:
ef:45:58:6b:b2:29:b3:10:3a:83:92:ba:cf:87:41:7e:66:dd:
c7:9f:3e:83:59:36:16:cf:c2:29:48:dd:8c:b5:3b:5e:0e:71:
3f:8d:30:81:cd:fb:09:ff:c0:ae:ed:66:5f:fc:05:33:65:b6:
fa:fb:2d:73:6e:fe:5b:d1:0a:f0:d1:91:eb:85:5a:26:bf:51:
ea:70:f1:67:7d:05:f2:53:6d:05:89:b2:a2:1b:5a:0b:15:f6:
b6:5a:46:ca:c9:03:66:45:69:41:3f:21:15:d1:2c:41:e9:92:
a9:84:f8:c2:be:4d:97:9e:45:db:6e:8b:8a:70:11:f1:15:ba:
18:b6:c9:e6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKUzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIxMTE0ODU5WhcNMjQwNDIzMTE0ODU5WjAYMRYw
FAYDVQQDEw02NWZjMWVhZi0yYzIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7JGORPjjM/gZsp3n8wTR6Y9D0mdY49LVrSsbu/fQOXi1g8Gs+/b8odrx
HkNfe0vCR+0XoA4Kqj7cjJGIVTovDnPWFB3WQZxVSO9rTHbpizhF+72mmuRm2lwO
Yf9WPC/w2YRNoZffASTiqKGgxmfDG5vfIrtPlddImlb5s/Ge4o1rzkf4o1pHVoz5
tDKSHOTaoQCP9vk64qtKcYdAIFshsEw5uolWy0Xn1M/thhxUkpKkmfHXWonyrlxd
75/a+AZK3lR0SF+mjyfpiX3WuQk4tIRcScaykFkZohceErrV142PaGQY11gYcOsD
5yZvnmf/gr5xb9ubcQyoAiTycVFTVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM0T
fxQdGSFUaIFwebtef/fG3jJVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMzU3RDg3NkU3NzkxMUVFQjAyNzEyNEY3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsajMA0GCSqGSIb3DQEB
CwUAA4IBAQClDA54IRg1p9eQTJkqXWhVRVD5QULW/SKIalMQb6etXAsDAxUd1DbK
941k2lEVof8YH5oYOKDe6hIv54OfCwxWrS3KhDBmMNomkBOXI2HVYSXZlnnFM4++
NGwt1jdN2oU79nV9COzBm6uTbqnaZasdE9wEPrLrHNc5FkTzfPzvRVhrsimzEDqD
krrPh0F+Zt3Hnz6DWTYWz8IpSN2MtTteDnE/jTCBzfsJ/8Cu7WZf/AUzZbb6+y1z
bv5b0Qrw0ZHrhVomv1HqcPFnfQXyU20FibKiG1oLFfa2WkbKyQNmRWlBPyEV0SxB
6ZKphPjCvk2XnkXbbouKcBHxFboYtsnm
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:04:12 2024 by rpki-client on console-ams.rpki-client.org