Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40233358E74811EE94C19D52775412E6.roa
File: 40233358E74811EE94C19D52775412E6.roa (raw, json)
Hash identifier: 8dRMB45oNuGNEhSsmADdeqJipnDw20hYua/xiLfk3tI=
Subject key identifier: B2:0D:05:41:3B:EE:E7:44:AD:51:58:55:1A:2D:2E:5E:CA:82:A6:52
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A419
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40233358E74811EE94C19D52775412E6.roa
Signing time: Thu 21 Mar 2024 06:00:00 +0000
ROA not before: Thu 21 Mar 2024 05:59:56 +0000
ROA not after: Tue 23 Apr 2024 05:59:56 +0000
asID: 44559
IP address blocks: 154.220.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 23 Apr 2024 00:04:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42009 (0xa419)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 21 05:59:56 2024 GMT
Not After : Apr 23 05:59:56 2024 GMT
Subject: CN=65fbccdf-c9de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:67:88:bd:0b:fe:40:59:2d:78:34:61:de:bc:
cb:47:a6:a1:16:70:42:81:93:73:0e:bf:0d:35:55:
1c:14:3b:5a:05:ad:d5:05:73:25:46:67:6a:df:24:
6c:38:d3:ce:0e:0b:db:7c:5d:e7:7c:6e:44:39:be:
eb:92:cb:d5:f6:b6:b2:3d:36:dd:e6:0c:80:67:3e:
54:04:aa:cd:6d:95:92:a6:71:a1:1d:fa:24:60:95:
86:d1:f7:2e:72:b6:49:7d:b9:50:ce:e6:5c:c2:31:
57:cf:5c:6d:39:f9:e0:d5:8f:33:9f:ce:1f:39:69:
f9:96:bf:74:e3:2a:01:1a:cf:7b:05:e3:f6:5b:42:
23:4e:2a:c9:8c:b7:ad:ef:9d:55:e0:da:fc:77:e5:
0e:38:c3:33:52:d3:46:03:fe:cf:8a:4f:1d:bf:00:
b3:e4:22:64:57:b0:80:bc:d4:77:37:07:3c:bd:fc:
86:c2:5c:06:5b:24:d8:56:64:90:40:ed:4d:a2:1a:
da:55:1a:1f:a5:f2:b2:e5:94:67:45:6a:e4:b7:48:
8d:e2:5a:1c:fb:cb:fd:fc:d7:2a:05:d8:b2:5a:8e:
3a:06:03:60:68:9c:ec:fd:e5:25:9b:b9:d9:e1:64:
51:c8:b9:0a:8b:20:29:d6:80:e5:0d:b9:9a:cd:2e:
14:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0D:05:41:3B:EE:E7:44:AD:51:58:55:1A:2D:2E:5E:CA:82:A6:52
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40233358E74811EE94C19D52775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.172.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:29:3e:54:2c:e8:f2:64:e3:04:04:bc:55:2c:7a:83:af:76:
7b:a4:5c:c8:88:ff:79:2a:92:a6:33:9e:e6:ad:82:ea:ab:fe:
b8:9d:c4:29:69:63:fd:4f:ac:44:71:43:a8:20:b9:6d:8e:06:
0a:f3:cf:65:6a:e9:99:d8:69:5a:8f:97:02:13:c2:b1:08:a9:
ab:a1:22:72:dd:b2:fa:e1:01:05:b5:c3:82:1f:b0:ba:36:bb:
a3:3c:91:a2:a2:2b:93:65:86:2e:b3:c0:d3:2f:e1:9f:b2:2d:
b8:0b:d4:fa:9c:45:e0:c0:d3:54:9e:fe:e7:bd:8e:8a:03:9b:
bb:c5:66:25:24:cd:54:b8:00:42:2c:a6:7c:ac:62:03:b8:ad:
4b:65:20:56:44:bd:dd:54:4d:a0:71:b0:57:3a:15:fe:b0:5f:
f2:59:a1:21:30:bf:0d:16:10:57:6c:09:0f:4d:71:6d:1c:bc:
86:ae:73:52:a8:dd:0b:be:1e:f3:af:51:63:1b:2d:6f:b8:7d:
36:6f:6d:2f:b8:af:29:73:b7:e2:84:18:29:c6:fc:c6:0d:ec:
79:d7:b3:a1:d6:93:7a:ed:a0:2b:79:73:ae:9d:21:e1:5e:42:
73:d5:dd:f9:4c:d6:65:c8:99:6e:b8:f0:7e:cc:cc:4a:83:d3:
64:a2:7a:a2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKQZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIxMDU1OTU2WhcNMjQwNDIzMDU1OTU2WjAYMRYw
FAYDVQQDEw02NWZiY2NkZi1jOWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3GeIvQv+QFkteDRh3rzLR6ahFnBCgZNzDr8NNVUcFDtaBa3VBXMlRmdq
3yRsONPODgvbfF3nfG5EOb7rksvV9rayPTbd5gyAZz5UBKrNbZWSpnGhHfokYJWG
0fcucrZJfblQzuZcwjFXz1xtOfng1Y8zn84fOWn5lr904yoBGs97BeP2W0IjTirJ
jLet751V4Nr8d+UOOMMzUtNGA/7Pik8dvwCz5CJkV7CAvNR3Nwc8vfyGwlwGWyTY
VmSQQO1NohraVRofpfKy5ZRnRWrkt0iN4loc+8v9/NcqBdiyWo46BgNgaJzs/eUl
m7nZ4WRRyLkKiyAp1oDlDbmazS4U8wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLIN
BUE77udErVFYVRotLl7KgqZSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MDIzMzM1OEU3NDgxMUVFOTRDMTlENTI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtysMA0GCSqGSIb3DQEB
CwUAA4IBAQBvKT5ULOjyZOMEBLxVLHqDr3Z7pFzIiP95KpKmM57mrYLqq/64ncQp
aWP9T6xEcUOoILltjgYK889laumZ2Glaj5cCE8KxCKmroSJy3bL64QEFtcOCH7C6
NrujPJGioiuTZYYus8DTL+Gfsi24C9T6nEXgwNNUnv7nvY6KA5u7xWYlJM1UuABC
LKZ8rGIDuK1LZSBWRL3dVE2gcbBXOhX+sF/yWaEhML8NFhBXbAkPTXFtHLyGrnNS
qN0Lvh7zr1FjGy1vuH02b20vuK8pc7fihBgpxvzGDex517Oh1pN67aAreXOunSHh
XkJz1d35TNZlyJluuPB+zMxKg9Nkonqi
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:04:18 2024 by rpki-client on console-ams.rpki-client.org