Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B3A11D6F86A11EEB19B9C05017001B1.roa
File: 2B3A11D6F86A11EEB19B9C05017001B1.roa (raw, json)
Hash identifier: 0deL3O344ifXJIEaWmP4Dk93XUeY+rM2RmwGmgdgUjQ=
Subject key identifier: 56:53:31:20:A3:AF:A5:9C:20:2F:77:72:F1:37:F8:30:6F:D0:83:EB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AB6C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B3A11D6F86A11EEB19B9C05017001B1.roa
Signing time: Fri 12 Apr 2024 01:15:37 +0000
ROA not before: Fri 12 Apr 2024 01:15:34 +0000
ROA not after: Sun 19 May 2024 01:15:34 +0000
asID: 138915
IP address blocks: 154.93.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43884 (0xab6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 12 01:15:34 2024 GMT
Not After : May 19 01:15:34 2024 GMT
Subject: CN=66188b39-3494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0e:5e:ee:eb:77:d1:0a:2a:31:86:b0:f0:7f:
99:4e:5c:00:59:7d:d0:27:ce:9d:7a:de:10:2e:2e:
1c:b9:60:f7:b4:2c:df:2f:1e:07:91:49:3b:17:c2:
db:50:8e:f8:55:9c:d7:4e:2f:a0:a8:78:ba:c5:f3:
c2:e2:c6:1e:1e:43:dd:7e:b4:84:92:2d:e9:51:92:
c3:71:04:e3:f9:89:49:ad:0f:5a:89:7b:00:b1:34:
08:38:12:a3:b2:1c:ba:05:7a:0a:24:b1:75:01:ac:
4e:5e:6d:16:ea:27:c5:bc:05:8a:28:97:db:90:ba:
be:ff:b6:26:90:52:a0:3d:2e:7a:cd:e6:8b:07:4f:
3f:6a:64:b2:01:7d:29:16:20:05:e7:ad:d9:0b:95:
e2:c4:ab:99:cb:29:bf:2f:7d:2c:29:00:21:13:0f:
6f:0d:d3:81:1b:d6:1d:34:6e:df:e2:07:4d:e7:5f:
a9:57:97:c8:3a:8f:6a:47:62:2a:4e:6e:9d:c8:cf:
49:72:d9:e3:3e:14:fc:4a:42:de:7a:8c:ab:95:66:
6d:a7:5c:8f:4e:fb:8a:8b:1d:cd:ab:69:36:3a:d0:
fc:70:f1:95:e1:49:05:f0:38:d7:14:db:ef:44:73:
c9:2e:ed:af:b0:39:c3:1f:dd:b8:8f:ac:04:cb:dd:
f4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:53:31:20:A3:AF:A5:9C:20:2F:77:72:F1:37:F8:30:6F:D0:83:EB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2B3A11D6F86A11EEB19B9C05017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.59.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:01:13:cd:55:80:3d:b6:36:0a:46:f1:24:74:fb:82:19:37:
6c:7e:5d:18:34:ca:50:87:f4:af:7f:cf:b9:ad:13:6b:60:c1:
b6:24:51:5d:17:49:66:3d:b6:8c:8b:a5:bb:5d:6c:ed:40:00:
93:d9:db:e0:7a:d5:41:68:f9:dc:c9:a6:f3:98:64:04:d5:c3:
53:74:93:e4:05:16:31:4e:ad:d5:52:b5:f1:31:57:2e:13:cb:
da:68:20:b3:87:3f:ce:3f:f3:dc:2d:a9:25:c3:aa:d3:ff:1b:
1e:f8:1c:d3:f9:de:5d:77:9c:36:cd:0c:38:63:2b:56:e5:50:
a6:57:f0:26:51:d7:0c:3d:7e:1f:54:3f:e8:12:81:99:04:01:
ff:f1:8a:10:93:3e:a4:a6:78:a5:09:32:ca:59:80:6d:5e:23:
30:54:89:f2:ea:34:7c:f5:2b:13:4b:04:e8:22:4a:08:05:67:
8f:7d:60:09:1e:6b:d0:c4:5a:de:89:4a:ce:4f:c0:13:bf:d9:
a8:41:eb:2a:06:0f:ac:e0:5e:5c:5a:25:4a:fd:f4:ba:58:15:
82:21:06:61:1d:9f:3f:27:19:7f:04:96:58:4e:44:a9:c9:d9:
35:1f:bf:36:df:40:00:91:1d:49:34:ed:b5:6c:c6:26:92:d5:
14:db:b9:3e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKtsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDEyMDExNTM0WhcNMjQwNTE5MDExNTM0WjAYMRYw
FAYDVQQDEw02NjE4OGIzOS0zNDk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxw5e7ut30QoqMYaw8H+ZTlwAWX3QJ86det4QLi4cuWD3tCzfLx4HkUk7
F8LbUI74VZzXTi+gqHi6xfPC4sYeHkPdfrSEki3pUZLDcQTj+YlJrQ9aiXsAsTQI
OBKjshy6BXoKJLF1AaxOXm0W6ifFvAWKKJfbkLq+/7YmkFKgPS56zeaLB08/amSy
AX0pFiAF563ZC5XixKuZyym/L30sKQAhEw9vDdOBG9YdNG7f4gdN51+pV5fIOo9q
R2IqTm6dyM9JctnjPhT8SkLeeoyrlWZtp1yPTvuKix3Nq2k2OtD8cPGV4UkF8DjX
FNvvRHPJLu2vsDnDH924j6wEy9307QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFZT
MSCjr6WcIC93cvE3+DBv0IPrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQjNBMTFENkY4NkExMUVFQjE5QjlDMDUwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml07MA0GCSqGSIb3DQEB
CwUAA4IBAQBPARPNVYA9tjYKRvEkdPuCGTdsfl0YNMpQh/Svf8+5rRNrYMG2JFFd
F0lmPbaMi6W7XWztQACT2dvgetVBaPncyabzmGQE1cNTdJPkBRYxTq3VUrXxMVcu
E8vaaCCzhz/OP/PcLaklw6rT/xse+BzT+d5dd5w2zQw4YytW5VCmV/AmUdcMPX4f
VD/oEoGZBAH/8YoQkz6kpnilCTLKWYBtXiMwVIny6jR89SsTSwToIkoIBWePfWAJ
HmvQxFreiUrOT8ATv9moQesqBg+s4F5cWiVK/fS6WBWCIQZhHZ8/Jxl/BJZYTkSp
ydk1H78230AAkR1JNO21bMYmktUU27k+
-----END CERTIFICATE-----
Generated at Fri May 3 04:44:19 2024 by rpki-client on console-fra.rpki-client.org