Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CD3231CF86D11EE98D7C91F017001B1.roa
File: 3CD3231CF86D11EE98D7C91F017001B1.roa (raw, json)
Hash identifier: wkZ7boIvpwpGJjcmr89rQqJIAr8GhDzPUL5tF3TIW4I=
Subject key identifier: A2:E4:DA:A4:42:BF:2C:49:BC:FF:DB:BC:44:FA:FF:0D:BC:94:CF:9A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AB90
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CD3231CF86D11EE98D7C91F017001B1.roa
Signing time: Fri 12 Apr 2024 01:37:35 +0000
ROA not before: Fri 12 Apr 2024 01:37:32 +0000
ROA not after: Sun 19 May 2024 01:37:32 +0000
asID: 138915
IP address blocks: 154.93.40.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43920 (0xab90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 12 01:37:32 2024 GMT
Not After : May 19 01:37:32 2024 GMT
Subject: CN=6618905f-270e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:52:5a:6b:69:ca:0f:16:5a:f9:3e:49:d4:0b:
eb:4c:b8:a7:2b:15:66:55:18:65:79:35:c7:43:70:
12:50:b3:05:4b:af:af:2f:40:52:33:d4:1a:84:6d:
c6:d9:90:cf:81:88:59:c4:bd:0e:e8:e4:4b:d8:b3:
77:6d:9a:3c:28:9f:64:b4:30:47:56:3f:e8:45:9f:
ec:6c:ad:52:5f:3b:13:80:ba:bd:f7:fe:68:f5:61:
c1:cf:0c:a7:dc:96:ba:0e:a0:bd:f5:78:3b:74:e2:
93:cc:2d:34:49:19:8c:ab:3d:da:fa:f1:0a:e0:0e:
a6:e8:e5:4d:e6:5e:47:e6:bf:ee:39:f0:fc:8c:f1:
d8:69:6f:6c:41:53:7b:53:49:0d:b3:78:5c:34:af:
4c:96:ed:5b:47:bf:71:0d:29:c0:b7:7f:e4:b3:bb:
c3:20:7a:47:0e:9e:5a:c5:b3:81:6a:a1:e3:dc:25:
67:e6:3a:ba:74:e1:6c:4e:42:57:72:26:8b:89:be:
a0:cc:f5:d7:95:1c:31:06:02:12:1c:05:c4:9e:34:
ae:16:bd:62:25:1c:b0:bb:67:73:90:91:5f:a0:d7:
d1:6f:1c:a3:6f:af:b8:89:1f:ef:8d:a1:7a:8f:e7:
d3:13:d6:47:42:07:0a:6a:50:d5:55:27:33:5b:b1:
64:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E4:DA:A4:42:BF:2C:49:BC:FF:DB:BC:44:FA:FF:0D:BC:94:CF:9A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3CD3231CF86D11EE98D7C91F017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.40.0/23
Signature Algorithm: sha256WithRSAEncryption
33:b5:eb:dc:bf:c8:f4:dd:33:fa:a7:56:2e:48:52:1d:b3:d1:
2d:f4:46:49:41:d2:02:7b:ff:16:c8:c2:94:de:15:15:31:24:
3e:2a:3d:e3:f5:37:07:72:72:26:8b:25:1f:08:34:a4:91:bb:
78:09:fe:1f:ad:9e:5e:bd:21:9a:e4:91:cf:b8:50:c3:06:24:
0c:7f:01:6b:f7:05:2c:57:51:cc:63:a7:a2:33:a2:e5:3f:b5:
b7:3f:2b:9f:09:43:d4:87:32:13:e2:9b:cb:d5:0f:66:20:5d:
da:b8:03:03:60:59:8b:ee:c7:01:46:10:f4:cf:a8:81:72:12:
52:3a:f2:11:8e:13:20:44:86:9c:24:11:9c:4e:01:35:50:c2:
af:cd:36:5a:d7:a7:43:87:c6:56:f2:7b:fd:07:2c:8b:64:97:
f8:6d:1b:0a:9c:c4:c4:c0:db:36:be:03:ad:d5:bc:ce:90:a5:
f3:59:f1:cb:67:ee:d2:ee:68:b3:1d:9c:3e:7d:05:bd:9d:bc:
1e:4f:ac:e3:23:74:7f:1c:57:c5:ec:8c:ed:1c:05:3f:f5:c2:
42:6b:1e:ae:42:c3:c6:6e:f1:3d:fe:bf:4d:f5:75:9d:07:d2:
55:d0:d4:27:f7:c4:c8:0b:37:20:bc:8f:0a:2a:ad:94:83:44:
4e:58:ae:91
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKuQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDEyMDEzNzMyWhcNMjQwNTE5MDEzNzMyWjAYMRYw
FAYDVQQDEw02NjE4OTA1Zi0yNzBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1VJaa2nKDxZa+T5J1AvrTLinKxVmVRhleTXHQ3ASULMFS6+vL0BSM9Qa
hG3G2ZDPgYhZxL0O6ORL2LN3bZo8KJ9ktDBHVj/oRZ/sbK1SXzsTgLq99/5o9WHB
zwyn3Ja6DqC99Xg7dOKTzC00SRmMqz3a+vEK4A6m6OVN5l5H5r/uOfD8jPHYaW9s
QVN7U0kNs3hcNK9Mlu1bR79xDSnAt3/ks7vDIHpHDp5axbOBaqHj3CVn5jq6dOFs
TkJXciaLib6gzPXXlRwxBgISHAXEnjSuFr1iJRywu2dzkJFfoNfRbxyjb6+4iR/v
jaF6j+fTE9ZHQgcKalDVVSczW7FkzQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKLk
2qRCvyxJvP/bvET6/w28lM+aMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQ0QzMjMxQ0Y4NkQxMUVFOThEN0M5MUYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml0oMA0GCSqGSIb3DQEB
CwUAA4IBAQAztevcv8j03TP6p1YuSFIds9Et9EZJQdICe/8WyMKU3hUVMSQ+Kj3j
9TcHcnImiyUfCDSkkbt4Cf4frZ5evSGa5JHPuFDDBiQMfwFr9wUsV1HMY6eiM6Ll
P7W3PyufCUPUhzIT4pvL1Q9mIF3auAMDYFmL7scBRhD0z6iBchJSOvIRjhMgRIac
JBGcTgE1UMKvzTZa16dDh8ZW8nv9ByyLZJf4bRsKnMTEwNs2vgOt1bzOkKXzWfHL
Z+7S7mizHZw+fQW9nbweT6zjI3R/HFfF7IztHAU/9cJCax6uQsPGbvE9/r9N9XWd
B9JV0NQn98TICzcgvI8KKq2Ug0ROWK6R
-----END CERTIFICATE-----
Generated at Fri May 3 04:36:06 2024 by rpki-client on console-ams.rpki-client.org