Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5AF20C54F01211EE9DF54798775412E6.roa
File: 5AF20C54F01211EE9DF54798775412E6.roa (raw, json)
Hash identifier: MA2gyoo+Z36HxVOyVwNZE9qmQuam6bEcN69OJSM3L3Q=
Subject key identifier: 18:9F:47:AE:40:87:AF:C1:03:7E:70:DA:84:EB:A5:7B:5A:2B:7E:B6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A898
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5AF20C54F01211EE9DF54798775412E6.roa
Signing time: Mon 01 Apr 2024 10:26:52 +0000
ROA not before: Mon 01 Apr 2024 10:26:49 +0000
ROA not after: Sat 11 May 2024 10:26:49 +0000
asID: 138915
IP address blocks: 154.203.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43160 (0xa898)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 1 10:26:49 2024 GMT
Not After : May 11 10:26:49 2024 GMT
Subject: CN=660a8bec-e4f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6b:af:a2:81:5e:27:5e:ce:0e:c7:bb:9e:96:
ad:86:f6:82:bb:96:e7:7b:4f:8a:e7:44:5f:02:a1:
38:82:fc:2a:db:9c:1a:e9:d8:58:57:6d:5b:82:77:
ca:76:f9:e8:a1:2c:36:8f:8c:83:af:41:1e:d8:b7:
bf:f4:e1:bf:09:64:08:c0:26:b0:b6:61:b4:ef:e8:
39:06:a1:34:d0:c7:19:6f:74:a3:11:76:18:35:5d:
22:f7:61:93:a8:57:ad:f3:e3:be:0e:d2:37:59:a3:
a9:e6:5f:64:7c:26:5f:24:fe:e7:68:2f:43:73:f2:
38:a1:68:cf:a0:28:6e:06:da:2b:20:33:20:c9:4a:
30:39:65:e4:d9:ca:41:17:e1:cc:a3:3e:59:8e:38:
35:68:31:43:c6:22:70:27:1d:f0:7b:ed:b2:71:8e:
ed:b7:b8:70:8e:f9:4e:4d:74:ea:0c:ac:45:08:a4:
18:a5:30:dc:e6:40:a6:ef:bc:03:51:53:7b:a2:67:
9f:0a:17:17:45:32:bd:f2:2f:53:19:34:b8:09:e7:
68:ac:ef:2d:70:de:04:56:16:e1:9e:ee:f3:80:eb:
a5:02:c0:d8:20:f7:1e:d9:18:86:c2:52:fe:c2:9b:
c5:b2:43:71:75:23:8a:9b:09:73:75:57:ef:58:7a:
54:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:9F:47:AE:40:87:AF:C1:03:7E:70:DA:84:EB:A5:7B:5A:2B:7E:B6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5AF20C54F01211EE9DF54798775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.138.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:4b:94:88:37:ba:94:88:2e:65:ab:a7:b3:c3:b7:76:d7:5c:
a0:2a:6f:d6:3e:02:5a:0b:ee:82:5a:14:72:f9:08:2a:92:01:
0d:58:cc:ff:03:30:10:b8:d6:bb:c9:58:77:87:76:0e:5c:95:
e0:f2:3a:aa:4e:ef:38:90:a4:8f:65:e1:ae:ec:0f:ba:dd:6c:
72:07:84:5e:64:ce:f5:89:78:f1:8f:4b:3c:90:21:69:9d:0b:
6d:42:6a:c8:6f:9b:a6:9c:36:87:a3:24:bb:48:a6:b0:97:2c:
50:80:54:a9:10:d8:d1:cd:10:af:d7:6a:b3:78:26:b9:0f:7b:
f9:2c:67:c1:67:55:50:3c:36:4e:24:64:aa:0d:3d:40:2c:b7:
cd:07:e9:dd:5e:86:d9:0e:2f:99:70:17:19:35:6b:34:02:5b:
67:f6:20:5e:1d:7c:f2:ff:81:26:ca:ec:3d:50:06:cc:a1:d1:
e9:06:38:c4:aa:14:7d:a1:04:38:4f:44:ae:b1:c1:b6:01:26:
75:4c:88:d2:36:a2:09:89:53:bc:7c:1a:1d:c8:79:57:ff:8f:
c5:34:25:2b:2f:bc:a3:a5:66:01:60:fc:83:80:15:5e:56:bd:
17:0d:31:de:ec:1a:8c:7b:19:54:c2:2e:42:2d:93:8e:db:9e:
83:eb:4d:59
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKiYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAxMTAyNjQ5WhcNMjQwNTExMTAyNjQ5WjAYMRYw
FAYDVQQDEw02NjBhOGJlYy1lNGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA12uvooFeJ17ODse7npathvaCu5bne0+K50RfAqE4gvwq25wa6dhYV21b
gnfKdvnooSw2j4yDr0Ee2Le/9OG/CWQIwCawtmG07+g5BqE00McZb3SjEXYYNV0i
92GTqFet8+O+DtI3WaOp5l9kfCZfJP7naC9Dc/I4oWjPoChuBtorIDMgyUowOWXk
2cpBF+HMoz5Zjjg1aDFDxiJwJx3we+2ycY7tt7hwjvlOTXTqDKxFCKQYpTDc5kCm
77wDUVN7omefChcXRTK98i9TGTS4CedorO8tcN4EVhbhnu7zgOulAsDYIPce2RiG
wlL+wpvFskNxdSOKmwlzdVfvWHpUGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBif
R65Ah6/BA35w2oTrpXtaK362MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QUYyMEM1NEYwMTIxMUVFOURGNTQ3OTg3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuKMA0GCSqGSIb3DQEB
CwUAA4IBAQArS5SIN7qUiC5lq6ezw7d211ygKm/WPgJaC+6CWhRy+QgqkgENWMz/
AzAQuNa7yVh3h3YOXJXg8jqqTu84kKSPZeGu7A+63WxyB4ReZM71iXjxj0s8kCFp
nQttQmrIb5umnDaHoyS7SKawlyxQgFSpENjRzRCv12qzeCa5D3v5LGfBZ1VQPDZO
JGSqDT1ALLfNB+ndXobZDi+ZcBcZNWs0Altn9iBeHXzy/4Emyuw9UAbModHpBjjE
qhR9oQQ4T0SuscG2ASZ1TIjSNqIJiVO8fBodyHlX/4/FNCUrL7yjpWYBYPyDgBVe
Vr0XDTHe7BqMexlUwi5CLZOO256D601Z
-----END CERTIFICATE-----
Generated at Fri May 3 04:36:10 2024 by rpki-client on console-ams.rpki-client.org