Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/04A72B7CF01211EEA4DC3D97775412E6.roa
File: 04A72B7CF01211EEA4DC3D97775412E6.roa (raw, json)
Hash identifier: 2lCuBW0hHgpqedlvrEdEiILrqJmvkLatvMoI9fi2ewk=
Subject key identifier: 2C:0A:FF:1A:13:FF:EC:81:6A:1B:96:46:D2:D8:55:82:94:F1:38:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A894
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/04A72B7CF01211EEA4DC3D97775412E6.roa
Signing time: Mon 01 Apr 2024 10:24:28 +0000
ROA not before: Mon 01 Apr 2024 10:24:24 +0000
ROA not after: Sat 11 May 2024 10:24:24 +0000
asID: 138915
IP address blocks: 154.203.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43156 (0xa894)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 1 10:24:24 2024 GMT
Not After : May 11 10:24:24 2024 GMT
Subject: CN=660a8b5b-16f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ee:fd:10:fd:62:fb:63:22:44:06:0b:d1:84:
35:4b:e0:2d:be:2b:98:f4:f9:d2:df:8a:5d:04:14:
8f:d7:0c:31:c0:f2:e1:e8:77:03:cf:61:43:03:9b:
e3:dc:85:78:ad:e9:36:34:ce:5a:64:8c:8c:b2:83:
aa:dd:a8:97:6e:cb:85:b8:65:ed:3e:22:00:2e:14:
4d:a0:cc:fb:31:9e:c3:da:1a:cc:91:cc:02:96:94:
d3:71:12:62:ab:4a:12:cd:37:28:93:2d:16:7b:fa:
6c:cd:63:30:51:1a:a4:af:a5:c0:cb:24:76:b9:fe:
4a:f9:be:f5:4b:83:51:77:3e:bf:f2:61:c8:f6:83:
99:43:2c:da:ca:09:e7:e4:8f:27:ac:b4:60:cc:b5:
45:96:25:bb:ee:14:b2:31:86:fe:d9:d2:53:46:f8:
bb:bd:86:0d:5a:a9:29:48:b3:e7:f6:92:1e:d6:46:
50:64:c0:5a:a9:ed:51:ee:b9:1c:82:7e:93:9d:87:
4a:37:62:7e:10:8e:88:ed:f5:ec:4f:7f:55:73:8f:
d0:03:26:7a:f8:32:4e:84:1c:5a:07:6a:83:8a:bb:
84:19:e9:6b:d2:fd:06:73:57:0a:99:df:c9:f7:dd:
98:59:e2:e1:5e:4e:11:77:61:ea:2a:f7:72:c8:ce:
58:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:0A:FF:1A:13:FF:EC:81:6A:1B:96:46:D2:D8:55:82:94:F1:38:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/04A72B7CF01211EEA4DC3D97775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.140.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:f5:1a:3b:3c:95:6a:e1:0c:01:52:29:56:58:9e:93:2b:3d:
d9:f0:68:a4:b6:e4:b6:19:6f:de:c2:3a:90:6b:e7:cd:0e:3e:
c5:c2:08:3a:58:33:2d:77:36:a4:16:58:90:c3:82:f2:c1:d0:
76:16:5a:e4:47:e9:d6:87:4b:4b:b7:22:07:cb:21:5b:44:07:
2d:a1:85:12:c1:50:7a:99:a7:6c:26:a6:bb:48:43:1c:c8:c0:
b8:48:6f:fd:78:cb:5f:5f:03:93:fb:8a:2f:c3:03:0f:6c:73:
7e:f5:b8:67:2f:84:1a:89:f6:ec:1f:7d:30:70:36:54:4d:5d:
46:65:18:05:b2:9e:55:d7:44:4b:b7:bc:70:d6:3d:3c:1e:6b:
b2:f6:b5:83:19:4f:35:80:f0:d9:14:30:51:4e:9a:df:f5:d6:
79:67:a6:05:7e:a9:b7:0c:1e:13:88:4d:e2:f6:e2:88:7d:9d:
45:e4:fd:36:ab:28:d0:ff:32:5e:d2:c6:d0:4d:55:e2:6b:b0:
b3:8b:61:5b:8d:60:58:c0:7e:d4:7a:c5:7e:d3:99:85:61:cd:
af:ba:53:7d:82:c7:1d:53:6c:e0:e9:5c:c8:8a:be:58:d8:72:
49:94:5d:08:ad:01:e1:79:ca:e6:7f:dd:2b:4d:0e:72:c3:1a:
02:a0:97:1a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKiUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAxMTAyNDI0WhcNMjQwNTExMTAyNDI0WjAYMRYw
FAYDVQQDEw02NjBhOGI1Yi0xNmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0O79EP1i+2MiRAYL0YQ1S+AtviuY9PnS34pdBBSP1wwxwPLh6HcDz2FD
A5vj3IV4rek2NM5aZIyMsoOq3aiXbsuFuGXtPiIALhRNoMz7MZ7D2hrMkcwClpTT
cRJiq0oSzTcoky0We/pszWMwURqkr6XAyyR2uf5K+b71S4NRdz6/8mHI9oOZQyza
ygnn5I8nrLRgzLVFliW77hSyMYb+2dJTRvi7vYYNWqkpSLPn9pIe1kZQZMBaqe1R
7rkcgn6TnYdKN2J+EI6I7fXsT39Vc4/QAyZ6+DJOhBxaB2qDiruEGelr0v0Gc1cK
md/J992YWeLhXk4Rd2HqKvdyyM5YBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCwK
/xoT/+yBahuWRtLYVYKU8TgbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNEE3MkI3Q0YwMTIxMUVFQTREQzNEOTc3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuMMA0GCSqGSIb3DQEB
CwUAA4IBAQAs9Ro7PJVq4QwBUilWWJ6TKz3Z8GiktuS2GW/ewjqQa+fNDj7Fwgg6
WDMtdzakFliQw4LywdB2FlrkR+nWh0tLtyIHyyFbRActoYUSwVB6madsJqa7SEMc
yMC4SG/9eMtfXwOT+4ovwwMPbHN+9bhnL4QaifbsH30wcDZUTV1GZRgFsp5V10RL
t7xw1j08Hmuy9rWDGU81gPDZFDBRTprf9dZ5Z6YFfqm3DB4TiE3i9uKIfZ1F5P02
qyjQ/zJe0sbQTVXia7Czi2FbjWBYwH7UesV+05mFYc2vulN9gscdU2zg6VzIir5Y
2HJJlF0IrQHhecrmf90rTQ5ywxoCoJca
-----END CERTIFICATE-----
Generated at Fri May 3 04:36:01 2024 by rpki-client on console-ams.rpki-client.org