Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3157FF4CF01311EEB54D44A1775412E6.roa
File: 3157FF4CF01311EEB54D44A1775412E6.roa (raw, json)
Hash identifier: 61qAQrLZk27QqR6yCLNn5s9g6JpWuxTMi0NhFSZXQa4=
Subject key identifier: 3B:90:EC:F4:C8:4F:9F:CD:46:A8:56:79:C9:39:FC:E6:4C:79:C8:7A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A8A2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3157FF4CF01311EEB54D44A1775412E6.roa
Signing time: Mon 01 Apr 2024 10:32:52 +0000
ROA not before: Mon 01 Apr 2024 10:32:48 +0000
ROA not after: Sat 11 May 2024 10:32:48 +0000
asID: 63139
IP address blocks: 154.203.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43170 (0xa8a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 1 10:32:48 2024 GMT
Not After : May 11 10:32:48 2024 GMT
Subject: CN=660a8d54-478f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6b:43:a4:c6:e2:51:5e:fa:30:d2:c8:79:61:
d4:4d:1b:08:b7:64:1f:54:0f:1f:af:f2:ec:77:a2:
8f:5e:e2:bb:c0:4f:44:aa:f5:2b:e0:93:95:ca:80:
ce:8e:34:82:4d:0f:32:90:7b:b5:1b:b1:ce:d4:b2:
20:00:06:7e:7d:d6:63:e1:1a:1c:c6:df:d6:d0:45:
f5:98:fa:40:63:bb:c2:7c:71:76:01:73:79:6f:d9:
ef:5c:34:cd:6b:f4:20:c8:e1:f9:8f:05:af:37:2c:
d0:4f:f3:2e:c5:c4:29:4a:88:48:c8:6b:87:1d:ed:
3f:c2:cb:a3:aa:8d:33:1b:3c:d6:f8:13:26:b8:df:
b5:a0:dd:22:15:37:9a:5b:c1:0c:ff:75:a0:b4:27:
80:ea:9b:a8:8a:b4:f7:3f:3c:7a:5d:5c:09:0e:6f:
6a:66:8c:b4:6a:9f:bf:b2:43:12:96:b4:19:a7:4b:
44:bc:6e:35:c2:b3:d6:ef:40:fe:bb:2a:56:95:03:
2f:c6:ae:4c:5e:a7:f6:5c:43:06:7e:fb:dc:aa:87:
dd:5d:6d:9c:e7:ad:33:6a:1a:f9:da:de:9b:9e:13:
46:96:72:40:95:c4:aa:b3:0c:14:46:63:a2:1a:7d:
a2:4b:16:41:57:24:d1:5f:64:6a:a6:ea:03:22:3a:
3f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:90:EC:F4:C8:4F:9F:CD:46:A8:56:79:C9:39:FC:E6:4C:79:C8:7A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3157FF4CF01311EEB54D44A1775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.187.0/24
Signature Algorithm: sha256WithRSAEncryption
54:b6:a8:66:3b:c5:2d:fe:ee:c6:8a:a2:3a:7b:83:72:6b:3a:
10:ab:b5:b3:ad:9c:66:23:7e:8a:da:df:db:cb:74:e0:8a:65:
da:41:a9:fd:51:2b:1d:f6:c2:b1:60:c0:58:b0:3e:e4:d4:b3:
96:f1:65:06:bc:b5:b5:fb:42:c9:81:04:3c:0c:ec:63:30:cd:
b6:e7:7a:a6:e9:ad:3b:30:f6:82:9b:7d:71:77:56:ab:51:ef:
34:6d:a5:e9:12:e0:f4:cf:3e:0e:ad:5b:a8:94:5a:f1:3b:c1:
f5:6b:83:f3:e2:3f:a7:50:61:f5:0b:7f:1f:77:b2:d4:d5:b2:
f9:fd:a5:56:f5:af:7e:4f:ee:4d:0c:e4:0b:9e:5e:85:d5:19:
6a:7a:62:76:58:91:81:e9:16:e0:6e:ee:9c:54:3c:c4:c2:d4:
de:9f:8d:62:0a:22:7e:e9:da:3b:fb:39:d6:93:a9:1c:ff:2f:
60:aa:74:d0:8e:03:94:80:6b:f6:a4:1b:bc:b2:e3:53:1f:d7:
fc:22:ff:7a:e0:46:46:5b:dc:ae:76:bd:b6:a5:64:77:7e:93:
ee:f2:9a:52:65:5f:6e:e2:0e:c2:67:54:5c:bf:d9:67:ec:70:
18:f4:9e:dc:0b:8d:e0:72:c1:e5:3c:94:b5:04:20:77:07:2d:
e1:6d:7d:eb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKiiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAxMTAzMjQ4WhcNMjQwNTExMTAzMjQ4WjAYMRYw
FAYDVQQDEw02NjBhOGQ1NC00NzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvGtDpMbiUV76MNLIeWHUTRsIt2QfVA8fr/Lsd6KPXuK7wE9EqvUr4JOV
yoDOjjSCTQ8ykHu1G7HO1LIgAAZ+fdZj4Rocxt/W0EX1mPpAY7vCfHF2AXN5b9nv
XDTNa/QgyOH5jwWvNyzQT/MuxcQpSohIyGuHHe0/wsujqo0zGzzW+BMmuN+1oN0i
FTeaW8EM/3WgtCeA6puoirT3Pzx6XVwJDm9qZoy0ap+/skMSlrQZp0tEvG41wrPW
70D+uypWlQMvxq5MXqf2XEMGfvvcqofdXW2c560zahr52t6bnhNGlnJAlcSqswwU
RmOiGn2iSxZBVyTRX2RqpuoDIjo/lwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDuQ
7PTIT5/NRqhWeck5/OZMech6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMTU3RkY0Q0YwMTMxMUVFQjU0RDQ0QTE3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsu7MA0GCSqGSIb3DQEB
CwUAA4IBAQBUtqhmO8Ut/u7GiqI6e4NyazoQq7WzrZxmI36K2t/by3TgimXaQan9
USsd9sKxYMBYsD7k1LOW8WUGvLW1+0LJgQQ8DOxjMM2253qm6a07MPaCm31xd1ar
Ue80baXpEuD0zz4OrVuolFrxO8H1a4Pz4j+nUGH1C38fd7LU1bL5/aVW9a9+T+5N
DOQLnl6F1RlqemJ2WJGB6Rbgbu6cVDzEwtTen41iCiJ+6do7+znWk6kc/y9gqnTQ
jgOUgGv2pBu8suNTH9f8Iv964EZGW9yudr22pWR3fpPu8ppSZV9u4g7CZ1Rcv9ln
7HAY9J7cC43gcsHlPJS1BCB3By3hbX3r
-----END CERTIFICATE-----
Generated at Fri May 3 04:44:19 2024 by rpki-client on console-fra.rpki-client.org