Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D09844AE74811EE9E723950775412E6.roa
File: 0D09844AE74811EE9E723950775412E6.roa (raw, json)
Hash identifier: fjPsBdg66DdnphzLmhpyAYFublS9O3L6WhVjitFIeYI=
Subject key identifier: 87:7F:1D:A8:96:19:9D:F4:6C:F4:36:FF:1A:CB:38:7A:AD:FF:D1:02
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A417
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D09844AE74811EE9E723950775412E6.roa
Signing time: Thu 21 Mar 2024 05:58:34 +0000
ROA not before: Thu 21 Mar 2024 05:58:31 +0000
ROA not after: Tue 23 Apr 2024 05:58:31 +0000
asID: 44559
IP address blocks: 154.220.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 23 Apr 2024 00:04:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42007 (0xa417)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 21 05:58:31 2024 GMT
Not After : Apr 23 05:58:31 2024 GMT
Subject: CN=65fbcc8a-40a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6e:30:d0:ec:9a:b9:ca:97:f1:21:72:d6:b1:
d2:b9:9e:d1:b4:f0:39:14:e2:17:88:6e:ca:dd:29:
ba:a6:7e:2e:aa:ad:81:ab:2f:31:6f:71:bf:f2:43:
a3:0f:0a:bd:80:64:97:fd:4c:c6:f6:89:09:db:d4:
3b:49:53:2b:e6:22:aa:07:42:62:a6:02:5e:11:bc:
6d:b9:d8:cb:e8:09:51:9d:40:e5:5a:2d:eb:22:5c:
76:70:2a:5c:a4:c6:90:97:aa:aa:8c:73:e8:f3:f6:
76:bf:5a:c5:dd:c7:d4:f4:7a:8a:23:64:30:8f:dd:
bb:0d:7c:55:da:48:d0:53:85:29:27:5d:8e:67:b3:
09:47:6d:dd:6c:75:53:b6:4e:b5:ba:ea:8e:ed:8a:
01:74:fd:98:e0:50:0f:c3:35:a1:6f:c5:cd:d4:00:
aa:d6:50:31:62:7f:3b:3c:b4:e4:b1:0f:03:55:96:
db:d3:6c:71:5c:5d:5f:64:b6:75:61:31:88:10:bf:
6a:6f:14:48:e9:6a:54:a4:e4:3e:18:ac:9f:4b:68:
64:4f:f3:51:47:71:25:19:c6:87:79:c9:2c:4e:8d:
c3:50:2b:4f:20:24:94:12:b6:a1:15:27:75:70:b7:
ef:f3:10:0f:7f:f2:4b:80:5c:22:06:83:7e:8f:bb:
b6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7F:1D:A8:96:19:9D:F4:6C:F4:36:FF:1A:CB:38:7A:AD:FF:D1:02
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D09844AE74811EE9E723950775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.173.0/24
Signature Algorithm: sha256WithRSAEncryption
13:07:f0:2e:e9:05:53:bf:2b:b8:10:e9:1c:1e:13:b5:a2:42:
5f:0e:f5:73:82:48:ab:90:78:3d:e7:5a:3c:71:c4:94:3b:12:
0b:e7:84:62:5f:e2:04:b4:68:48:cb:fc:3c:12:b9:9d:4c:4f:
80:f3:d5:1a:03:66:5c:8c:12:66:08:88:fc:72:25:ec:2a:7b:
80:d2:cc:5f:3e:d4:15:f9:e4:bf:67:85:d2:44:58:13:12:24:
22:b4:73:a0:91:cd:0e:00:9b:0e:6a:ad:29:69:b2:66:be:48:
ad:4d:4c:57:0c:3f:c5:3a:59:94:cd:c0:f3:5b:6c:c2:ef:07:
f3:8b:0c:a5:c2:e7:d5:9f:83:79:c2:df:37:15:d6:c5:cf:b1:
21:f4:63:a6:19:3d:3d:3a:9c:c8:6d:f1:cb:b8:bc:18:ae:1b:
22:0a:c1:3b:6c:20:fd:12:18:25:06:21:d0:36:49:ec:d7:81:
ea:88:d8:e8:c7:37:7f:46:de:79:40:fa:bd:40:fb:1f:f6:23:
07:7c:17:59:01:5a:d2:1e:06:2b:0a:d1:d7:cc:5e:ed:a6:22:
7d:c4:95:3d:63:3f:e9:9d:3f:28:24:e3:4d:85:38:8b:49:b8:
de:81:26:ff:2d:ee:e7:22:fd:38:22:cf:45:37:fe:38:19:88:
b0:cd:49:7e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKQXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIxMDU1ODMxWhcNMjQwNDIzMDU1ODMxWjAYMRYw
FAYDVQQDEw02NWZiY2M4YS00MGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyW4w0OyaucqX8SFy1rHSuZ7RtPA5FOIXiG7K3Sm6pn4uqq2Bqy8xb3G/
8kOjDwq9gGSX/UzG9okJ29Q7SVMr5iKqB0JipgJeEbxtudjL6AlRnUDlWi3rIlx2
cCpcpMaQl6qqjHPo8/Z2v1rF3cfU9HqKI2Qwj927DXxV2kjQU4UpJ12OZ7MJR23d
bHVTtk61uuqO7YoBdP2Y4FAPwzWhb8XN1ACq1lAxYn87PLTksQ8DVZbb02xxXF1f
ZLZ1YTGIEL9qbxRI6WpUpOQ+GKyfS2hkT/NRR3ElGcaHecksTo3DUCtPICSUErah
FSd1cLfv8xAPf/JLgFwiBoN+j7u2gwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFId/
HaiWGZ30bPQ2/xrLOHqt/9ECMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRDA5ODQ0QUU3NDgxMUVFOUU3MjM5NTA3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtytMA0GCSqGSIb3DQEB
CwUAA4IBAQATB/Au6QVTvyu4EOkcHhO1okJfDvVzgkirkHg951o8ccSUOxIL54Ri
X+IEtGhIy/w8ErmdTE+A89UaA2ZcjBJmCIj8ciXsKnuA0sxfPtQV+eS/Z4XSRFgT
EiQitHOgkc0OAJsOaq0pabJmvkitTUxXDD/FOlmUzcDzW2zC7wfziwylwufVn4N5
wt83FdbFz7Eh9GOmGT09OpzIbfHLuLwYrhsiCsE7bCD9EhglBiHQNkns14HqiNjo
xzd/Rt55QPq9QPsf9iMHfBdZAVrSHgYrCtHXzF7tpiJ9xJU9Yz/pnT8oJONNhTiL
SbjegSb/Le7nIv04Is9FN/44GYiwzUl+
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:04:13 2024 by rpki-client on console-ams.rpki-client.org