Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CEAE846E4F411EE837090BB775412E6.roa
File: 1CEAE846E4F411EE837090BB775412E6.roa (raw, json)
Hash identifier: d3QIM1O64QTZmjszh1ainHQMSN83kYmjNl9qQnLvEJM=
Subject key identifier: 4D:BA:81:CF:18:8F:80:CD:AC:60:1C:A1:D0:4F:27:C8:6C:81:1B:E8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A2A9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CEAE846E4F411EE837090BB775412E6.roa
Signing time: Mon 18 Mar 2024 06:52:40 +0000
ROA not before: Mon 18 Mar 2024 06:52:37 +0000
ROA not after: Sat 20 Apr 2024 06:52:37 +0000
asID: 39600
IP address blocks: 154.95.56.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Apr 2024 06:52:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41641 (0xa2a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 18 06:52:37 2024 GMT
Not After : Apr 20 06:52:37 2024 GMT
Subject: CN=65f7e4b8-efb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:27:b4:c7:1d:e9:36:3e:96:45:db:c7:34:93:
b2:81:00:37:25:24:72:59:36:2b:73:62:47:79:63:
9f:c8:82:07:14:a1:af:98:3f:67:6e:f6:21:6a:f2:
ca:de:81:e5:3e:12:d6:2b:f3:41:de:24:7a:7b:34:
0d:10:10:ce:92:89:a5:79:58:5f:19:8a:06:3e:69:
f9:f4:e5:15:5a:43:c8:e0:ca:d1:8c:38:36:c3:bd:
86:8b:3a:a6:e9:ad:72:03:e6:5f:43:07:49:68:d2:
f8:a5:3f:ec:b4:26:c3:f6:5e:1e:19:cc:22:d0:96:
62:6c:30:6c:db:85:66:9e:0a:e4:45:0e:cd:4b:63:
72:c4:8e:5f:65:d8:d1:4c:97:53:86:3b:bc:12:57:
79:58:cb:41:b3:58:c3:ae:92:02:22:4e:18:17:b1:
93:c2:bc:5d:4f:02:b7:c3:26:88:fd:cb:22:ab:71:
74:6a:80:aa:5b:00:27:c9:6a:81:d9:10:d5:d9:e0:
e4:b9:8d:f9:44:6f:84:3b:60:0d:3f:eb:45:ab:ae:
54:2e:49:ca:5a:cc:ad:8a:71:d0:d0:e8:b5:57:f2:
69:55:35:1a:87:55:f4:87:03:a8:f5:0b:f9:d7:e9:
9c:35:c6:87:50:28:ee:1a:c9:2a:fd:f2:60:f6:9d:
23:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:BA:81:CF:18:8F:80:CD:AC:60:1C:A1:D0:4F:27:C8:6C:81:1B:E8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1CEAE846E4F411EE837090BB775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.56.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:f4:cf:2e:b8:82:cb:57:c5:fa:3b:f1:56:eb:ef:ba:8e:87:
36:cf:7c:df:f4:04:15:d6:39:6a:83:ba:92:8c:39:6e:e9:33:
3a:eb:2c:55:03:2b:21:c1:c5:f1:fb:63:a0:67:63:f9:2c:9b:
1f:bd:11:39:20:78:b9:53:28:f1:6b:94:2d:56:96:77:2e:42:
33:e7:5c:13:77:a0:28:ec:29:97:79:4a:1d:09:3a:70:2c:a8:
4b:db:ba:f7:4b:6d:66:55:6c:f0:a4:aa:92:6a:b8:84:1a:4d:
2a:55:7d:48:f6:8b:4c:d2:b1:ef:11:05:f2:40:6d:b2:be:e5:
80:0a:2a:95:fa:25:f8:8c:aa:f3:2b:20:a8:3f:c4:1e:87:37:
9a:81:52:6b:1d:62:1f:e5:cb:be:22:10:8f:01:54:62:b2:a0:
16:36:f9:82:0a:1b:77:26:b6:21:f1:2b:de:e4:3a:3d:9f:36:
d0:a2:af:10:e9:03:0f:ae:7b:7c:c2:8e:28:86:35:e0:20:e2:
01:47:29:50:93:5d:9c:2c:ed:28:a9:bc:9d:24:4f:75:bd:b0:
2d:74:9c:c8:ef:14:cd:4f:be:6e:eb:f6:ea:03:32:59:f9:e7:
69:95:d0:f9:4d:04:ca:bc:c8:f4:bc:35:d8:b2:8f:a4:10:5f:
0b:37:a9:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKKpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE4MDY1MjM3WhcNMjQwNDIwMDY1MjM3WjAYMRYw
FAYDVQQDEw02NWY3ZTRiOC1lZmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvie0xx3pNj6WRdvHNJOygQA3JSRyWTYrc2JHeWOfyIIHFKGvmD9nbvYh
avLK3oHlPhLWK/NB3iR6ezQNEBDOkomleVhfGYoGPmn59OUVWkPI4MrRjDg2w72G
izqm6a1yA+ZfQwdJaNL4pT/stCbD9l4eGcwi0JZibDBs24VmngrkRQ7NS2NyxI5f
ZdjRTJdThju8Eld5WMtBs1jDrpICIk4YF7GTwrxdTwK3wyaI/csiq3F0aoCqWwAn
yWqB2RDV2eDkuY35RG+EO2ANP+tFq65ULknKWsytinHQ0Oi1V/JpVTUah1X0hwOo
9Qv51+mcNcaHUCjuGskq/fJg9p0jNwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE26
gc8Yj4DNrGAcodBPJ8hsgRvoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQ0VBRTg0NkU0RjQxMUVFODM3MDkwQkI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDml84MA0GCSqGSIb3DQEB
CwUAA4IBAQAe9M8uuILLV8X6O/FW6++6joc2z3zf9AQV1jlqg7qSjDlu6TM66yxV
AyshwcXx+2OgZ2P5LJsfvRE5IHi5Uyjxa5QtVpZ3LkIz51wTd6Ao7CmXeUodCTpw
LKhL27r3S21mVWzwpKqSariEGk0qVX1I9otM0rHvEQXyQG2yvuWACiqV+iX4jKrz
KyCoP8QehzeagVJrHWIf5cu+IhCPAVRisqAWNvmCCht3JrYh8Sve5Do9nzbQoq8Q
6QMPrnt8wo4ohjXgIOIBRylQk12cLO0oqbydJE91vbAtdJzI7xTNT75u6/bqAzJZ
+edpldD5TQTKvMj0vDXYso+kEF8LN6lz
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:38:56 2024 by rpki-client on console-ams.rpki-client.org