Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21591104E9A511EEA3343857775412E6.roa
File: 21591104E9A511EEA3343857775412E6.roa (raw, json)
Hash identifier: WsShDxMC4nc0b0vwdpieNM4CxvPx1Zgioq1GK9irSJc=
Subject key identifier: 82:48:24:9C:D1:B5:76:7C:98:A6:D8:0C:E6:F4:1F:59:74:4E:DB:AA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A644
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21591104E9A511EEA3343857775412E6.roa
Signing time: Sun 24 Mar 2024 06:09:53 +0000
ROA not before: Sun 24 Mar 2024 06:09:50 +0000
ROA not after: Fri 26 Apr 2024 06:09:50 +0000
asID: 395886
IP address blocks: 154.201.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 26 Apr 2024 06:09:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42564 (0xa644)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 24 06:09:50 2024 GMT
Not After : Apr 26 06:09:50 2024 GMT
Subject: CN=65ffc3b1-42d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:57:d5:52:7d:d6:c5:ed:3e:83:a0:8e:58:3e:
55:13:d6:ec:78:c7:35:fc:a7:7c:ec:28:ed:79:fc:
fb:b2:61:8b:2c:a9:81:92:23:cc:d9:5c:e4:9b:52:
b8:7c:ee:8b:43:d8:24:48:27:ac:89:4f:5b:b0:a5:
d2:7d:e5:f1:c1:74:7c:24:09:0d:f2:60:f5:4a:7d:
25:42:66:f8:2e:73:8d:1f:4d:b2:63:40:97:1f:84:
cd:8f:34:6b:07:10:3b:ab:c9:fb:5d:fc:2a:e0:00:
96:02:f1:20:f5:7e:c8:b1:1c:56:31:3b:9a:c2:5a:
ec:b8:2f:47:8f:41:f0:07:d1:88:18:06:dc:b5:3e:
75:d2:55:e4:56:5f:5b:fc:4f:05:e0:f9:9d:43:41:
a4:16:b5:1d:11:72:12:8d:49:15:26:a1:05:e5:5c:
64:18:40:0a:3b:a6:d2:a3:e3:be:6d:c0:df:fb:22:
32:99:d8:e8:0b:12:97:a0:db:d3:f7:a2:4d:cd:ab:
23:ec:d5:03:df:f0:ec:35:0d:08:b8:49:05:c0:0a:
04:23:e1:31:83:39:21:64:9e:39:3b:2f:27:fc:15:
be:fa:94:43:53:8a:06:c0:cc:50:e2:c6:dc:b3:58:
33:78:9e:69:38:8b:1b:c2:fb:fe:23:e1:60:cc:40:
6d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:48:24:9C:D1:B5:76:7C:98:A6:D8:0C:E6:F4:1F:59:74:4E:DB:AA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21591104E9A511EEA3343857775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.88.0/22
Signature Algorithm: sha256WithRSAEncryption
d1:6a:16:29:a6:01:84:60:b0:db:fc:27:f0:df:85:ae:b2:16:
14:9a:b1:47:36:bc:6f:08:34:68:c4:1c:c6:9f:39:00:73:e5:
7a:47:1c:16:70:a2:96:2d:cf:e1:b8:77:f4:56:3d:60:76:a8:
e8:2c:d8:76:3c:77:f9:5a:2c:30:3d:12:5e:88:f9:2d:1a:5a:
a0:d9:a6:4b:18:6f:f7:45:85:99:59:b8:0f:79:70:cd:b8:88:
72:ae:1d:17:1f:8d:13:f0:36:74:4c:d8:ae:e9:96:32:d1:12:
b7:49:89:df:97:24:63:24:38:d3:45:18:a6:51:7f:03:de:4e:
71:60:7e:ee:7c:65:0b:92:f9:2b:03:47:a8:04:ba:ac:27:ac:
72:82:b8:4e:e9:99:02:03:90:3c:b3:fc:74:32:5e:8d:c8:bb:
60:ca:17:60:0d:1e:12:02:91:6a:b0:40:24:f7:04:55:92:d1:
69:2c:fa:b3:b3:1a:1f:47:ec:11:d4:b0:10:4d:6b:be:f9:d8:
d5:e6:49:93:b7:aa:f8:79:a6:5d:f1:09:f9:e4:d2:cf:8a:f4:
da:c4:83:24:7f:6e:0c:c9:ff:8f:13:8b:77:62:d5:a6:5c:bc:
1a:98:a5:79:6d:2b:b1:59:f2:0f:a3:c5:d3:db:7f:f5:7b:92:
91:60:72:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKZEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzI0MDYwOTUwWhcNMjQwNDI2MDYwOTUwWjAYMRYw
FAYDVQQDEw02NWZmYzNiMS00MmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAolfVUn3Wxe0+g6COWD5VE9bseMc1/Kd87Cjtefz7smGLLKmBkiPM2Vzk
m1K4fO6LQ9gkSCesiU9bsKXSfeXxwXR8JAkN8mD1Sn0lQmb4LnONH02yY0CXH4TN
jzRrBxA7q8n7Xfwq4ACWAvEg9X7IsRxWMTuawlrsuC9Hj0HwB9GIGAbctT510lXk
Vl9b/E8F4PmdQ0GkFrUdEXISjUkVJqEF5VxkGEAKO6bSo+O+bcDf+yIymdjoCxKX
oNvT96JNzasj7NUD3/DsNQ0IuEkFwAoEI+ExgzkhZJ45Oy8n/BW++pRDU4oGwMxQ
4sbcs1gzeJ5pOIsbwvv+I+FgzEBtnQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIJI
JJzRtXZ8mKbYDOb0H1l0TtuqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMTU5MTEwNEU5QTUxMUVFQTMzNDM4NTc3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmslYMA0GCSqGSIb3DQEB
CwUAA4IBAQDRahYppgGEYLDb/Cfw34WushYUmrFHNrxvCDRoxBzGnzkAc+V6RxwW
cKKWLc/huHf0Vj1gdqjoLNh2PHf5WiwwPRJeiPktGlqg2aZLGG/3RYWZWbgPeXDN
uIhyrh0XH40T8DZ0TNiu6ZYy0RK3SYnflyRjJDjTRRimUX8D3k5xYH7ufGULkvkr
A0eoBLqsJ6xygrhO6ZkCA5A8s/x0Ml6NyLtgyhdgDR4SApFqsEAk9wRVktFpLPqz
sxofR+wR1LAQTWu++djV5kmTt6r4eaZd8Qn55NLPivTaxIMkf24Myf+PE4t3YtWm
XLwamKV5bSuxWfIPo8XT23/1e5KRYHIu
-----END CERTIFICATE-----
Generated at Fri Apr 26 06:08:36 2024 by rpki-client on console-ams.rpki-client.org