Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D0C7E26141A11EF85B2283A017001B1.roa
File: 0D0C7E26141A11EF85B2283A017001B1.roa (raw, json)
Hash identifier: 5fN2mHfUqA6tA0TXBtHasFy7ssUT/32xNwuSP3kGm1g=
Subject key identifier: B3:9A:FD:91:82:24:14:18:03:46:2D:AF:92:43:83:46:5C:FE:19:10
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B827
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D0C7E26141A11EF85B2283A017001B1.roa
Signing time: Fri 17 May 2024 06:52:39 +0000
ROA not before: Fri 17 May 2024 06:52:36 +0000
ROA not after: Thu 04 Jul 2024 06:52:36 +0000
asID: 44559
IP address blocks: 154.209.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 03 Jun 2024 00:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47143 (0xb827)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 17 06:52:36 2024 GMT
Not After : Jul 4 06:52:36 2024 GMT
Subject: CN=6646feb7-79aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e5:87:f0:27:71:e4:33:b1:69:6c:70:32:12:
29:cf:ff:d6:09:3f:49:4f:79:00:2f:aa:5b:9e:61:
5f:f9:59:0b:ac:be:f9:8d:46:0f:0e:23:de:99:6c:
20:79:41:49:a3:de:cf:6f:dd:22:b4:c3:96:3a:3e:
a4:c8:52:2c:29:e5:ff:36:6d:2f:b6:8c:be:36:e7:
93:d0:12:c1:38:55:2c:81:9c:9a:c8:bb:88:9f:1f:
9a:b6:4a:36:20:9f:c6:f2:cf:66:5a:84:32:04:4f:
e4:c3:b9:19:88:a3:8d:80:92:f4:91:d2:ca:21:19:
aa:dd:8b:41:a7:51:d3:b9:38:9a:57:69:12:f9:b7:
c8:0e:77:bf:15:79:46:3b:45:f3:81:45:22:0c:5c:
39:15:30:b0:f8:00:60:fe:a8:ff:3b:07:b8:7b:24:
64:53:fe:ae:46:df:a4:ef:30:0f:73:8c:87:fc:6a:
53:1b:64:a6:a0:61:31:ac:37:d3:30:f5:01:5a:2b:
6b:10:9e:d2:9a:a7:f2:bf:bb:b1:e3:38:f2:f6:87:
1e:af:a9:31:83:b7:ef:bc:8a:94:18:4f:1e:06:ad:
68:c4:46:14:53:a2:99:45:72:3b:e5:51:d7:35:e9:
c1:18:7d:d7:52:b2:db:da:fe:fe:9f:44:f0:8a:ef:
ea:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9A:FD:91:82:24:14:18:03:46:2D:AF:92:43:83:46:5C:FE:19:10
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D0C7E26141A11EF85B2283A017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.88.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:16:59:63:7f:f9:c2:5b:41:27:91:85:5f:5e:a7:a1:be:f9:
be:0b:01:6b:02:82:9d:9d:0d:60:c4:5d:62:c1:c7:3c:18:5f:
cc:27:ab:60:3d:2f:5b:c9:19:62:6e:a1:10:9e:62:a8:c6:2a:
c8:cc:b3:27:8e:66:6e:74:25:47:83:87:96:01:9a:8d:e8:50:
40:16:dc:ea:f9:d5:81:dd:dc:61:82:ff:76:53:d8:0b:f4:8c:
87:0a:32:f9:b3:46:7c:db:f6:68:ff:9b:e4:a4:a7:99:68:8a:
c1:e8:30:97:30:46:ed:eb:5f:47:1b:7d:0a:7b:9a:13:f0:23:
a9:80:48:22:d7:ff:92:71:40:a6:fa:bc:02:6a:f2:c9:96:a0:
60:3f:c2:0e:01:7e:01:c8:25:55:c4:16:3d:60:88:e6:eb:f3:
6e:63:b5:26:47:67:55:84:08:06:e2:34:31:d2:88:b4:94:53:
1d:fa:f8:b9:d7:ac:51:53:0b:e8:67:e0:8a:b2:93:bc:28:d2:
10:b5:8d:95:bd:00:68:5a:8b:98:d8:2b:28:25:1a:15:6a:32:
9b:05:55:ff:04:8b:81:55:fd:ea:31:96:56:d6:25:24:93:18:
78:50:0f:4a:db:41:8c:6e:c3:46:a1:20:ce:92:1e:1c:aa:d8:
9c:b8:e4:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALgnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTE3MDY1MjM2WhcNMjQwNzA0MDY1MjM2WjAYMRYw
FAYDVQQDEw02NjQ2ZmViNy03OWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw+WH8Cdx5DOxaWxwMhIpz//WCT9JT3kAL6pbnmFf+VkLrL75jUYPDiPe
mWwgeUFJo97Pb90itMOWOj6kyFIsKeX/Nm0vtoy+NueT0BLBOFUsgZyayLuInx+a
tko2IJ/G8s9mWoQyBE/kw7kZiKONgJL0kdLKIRmq3YtBp1HTuTiaV2kS+bfIDne/
FXlGO0XzgUUiDFw5FTCw+ABg/qj/Owe4eyRkU/6uRt+k7zAPc4yH/GpTG2SmoGEx
rDfTMPUBWitrEJ7Smqfyv7ux4zjy9ocer6kxg7fvvIqUGE8eBq1oxEYUU6KZRXI7
5VHXNenBGH3XUrLb2v7+n0Twiu/qwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLOa
/ZGCJBQYA0Ytr5JDg0Zc/hkQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRDBDN0UyNjE0MUExMUVGODVCMjI4M0EwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtFYMA0GCSqGSIb3DQEB
CwUAA4IBAQAeFlljf/nCW0EnkYVfXqehvvm+CwFrAoKdnQ1gxF1iwcc8GF/MJ6tg
PS9byRlibqEQnmKoxirIzLMnjmZudCVHg4eWAZqN6FBAFtzq+dWB3dxhgv92U9gL
9IyHCjL5s0Z82/Zo/5vkpKeZaIrB6DCXMEbt619HG30Ke5oT8COpgEgi1/+ScUCm
+rwCavLJlqBgP8IOAX4ByCVVxBY9YIjm6/NuY7UmR2dVhAgG4jQx0oi0lFMd+vi5
16xRUwvoZ+CKspO8KNIQtY2VvQBoWouY2CsoJRoVajKbBVX/BIuBVf3qMZZW1iUk
kxh4UA9K20GMbsNGoSDOkh4cqticuOQA
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:09:59 2024 by rpki-client on console-fra.rpki-client.org