Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C4A408C5EF611EF93CECAB4762E951A.roa
File: 5C4A408C5EF611EF93CECAB4762E951A.roa (raw, json)
Hash identifier: vMX0V3kMEAFk+0kgNfV4ngq12BXQdX5YDb/+bS177Qc=
Subject key identifier: D6:71:6C:0D:83:ED:9F:4C:A7:11:0B:CD:CE:9D:27:E9:62:31:FA:76
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: E200
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C4A408C5EF611EF93CECAB4762E951A.roa
Signing time: Tue 20 Aug 2024 13:16:07 +0000
ROA not before: Tue 20 Aug 2024 13:16:04 +0000
ROA not after: Tue 27 May 2025 13:16:04 +0000
asID: 399077
IP address blocks: 154.91.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57856 (0xe200)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 20 13:16:04 2024 GMT
Not After : May 27 13:16:04 2025 GMT
Subject: CN=66c49717-5eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f1:a3:5e:61:d5:f6:3c:ba:67:01:de:02:c5:
da:3c:03:b2:96:77:42:03:45:23:a5:04:b3:14:74:
a7:2c:3b:56:74:8f:e5:cb:30:fa:d7:4b:87:76:eb:
2f:d4:1a:38:b0:e8:e0:2b:5b:e7:6a:30:cb:01:89:
fe:21:fc:52:a6:be:99:af:87:60:6f:05:4f:53:e6:
e4:46:8c:4f:4c:f2:42:a1:f9:f7:70:33:47:1d:12:
c4:a6:96:10:78:cb:ed:97:b1:d5:91:e3:32:a4:81:
c4:2a:db:85:58:07:21:88:ee:f9:0d:a2:d1:00:8e:
f4:dd:3f:2e:43:e5:c6:5b:e0:79:bf:2c:44:02:d7:
81:f0:1e:a2:06:49:32:8d:53:b7:4d:8d:ea:e1:e8:
3f:ad:3d:7f:ce:2a:0b:80:c6:e2:95:77:de:9f:17:
40:54:11:1a:76:e7:59:42:be:a7:12:ce:e4:53:70:
15:dd:6d:6d:62:c9:be:11:9e:74:4f:d8:03:ca:dc:
7d:cd:3e:ad:c0:5c:74:c4:50:f1:6a:bd:c2:a2:9e:
7d:94:b4:12:a4:59:32:43:9c:c4:92:83:ff:cd:4e:
3b:c9:a6:1f:2b:57:a4:31:ec:a7:4f:9f:0c:10:f8:
5a:d1:11:a8:4c:e1:14:1d:02:04:03:cf:ea:86:47:
77:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:71:6C:0D:83:ED:9F:4C:A7:11:0B:CD:CE:9D:27:E9:62:31:FA:76
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5C4A408C5EF611EF93CECAB4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5d:45:13:6b:51:de:48:ed:70:86:b7:dd:d5:1d:d4:73:80:cf:
b7:8b:77:2d:75:fd:ff:5c:7a:13:a1:f2:3f:cf:a3:34:1d:8e:
12:b8:46:7b:36:e8:dc:2b:ce:8b:a7:74:d5:46:7b:13:94:1e:
74:a0:d7:10:0d:5b:64:6f:db:e3:f4:9b:a0:c9:ff:36:3b:a6:
9a:d8:f2:35:3b:06:b5:34:a3:b2:0c:c9:ff:db:ac:4e:13:19:
31:41:cf:0d:7d:f7:22:41:83:20:40:d9:9d:bf:2c:37:5c:fa:
05:65:c4:6e:5d:b3:09:ca:3e:f9:60:4c:80:e2:6e:84:5f:8b:
6c:66:b7:c9:a2:d8:78:6c:1f:99:2f:79:b8:b7:90:16:26:ed:
65:b9:56:ae:27:61:d6:e4:cd:28:9f:f8:53:63:44:33:85:3e:
60:71:96:76:0b:e4:2b:a4:5e:0f:8f:69:3e:2b:49:8c:60:2f:
c6:ac:e2:f5:ea:bb:0d:a3:6b:09:d8:bb:5e:ec:a6:8c:8b:0e:
b1:ac:f4:5c:ae:87:f6:91:16:cb:6a:f1:20:38:44:a2:09:1c:
4d:09:7f:03:27:b1:de:e0:0a:7d:f9:08:87:65:e2:3e:a0:f9:
42:67:0d:f8:79:bf:02:d2:8f:47:9b:61:5c:f8:39:6b:4f:c7:
22:97:0f:93
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAOIAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwODIwMTMxNjA0WhcNMjUwNTI3MTMxNjA0WjAYMRYw
FAYDVQQDEw02NmM0OTcxNy01ZWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp/GjXmHV9jy6ZwHeAsXaPAOylndCA0UjpQSzFHSnLDtWdI/lyzD610uH
dusv1Bo4sOjgK1vnajDLAYn+IfxSpr6Zr4dgbwVPU+bkRoxPTPJCofn3cDNHHRLE
ppYQeMvtl7HVkeMypIHEKtuFWAchiO75DaLRAI703T8uQ+XGW+B5vyxEAteB8B6i
BkkyjVO3TY3q4eg/rT1/zioLgMbilXfenxdAVBEadudZQr6nEs7kU3AV3W1tYsm+
EZ50T9gDytx9zT6twFx0xFDxar3Cop59lLQSpFkyQ5zEkoP/zU47yaYfK1ekMeyn
T58MEPha0RGoTOEUHQIEA8/qhkd37QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNZx
bA2D7Z9MpxELzc6dJ+liMfp2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81QzRBNDA4QzVFRjYxMUVGOTNDRUNBQjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmltAMA0GCSqGSIb3DQEB
CwUAA4IBAQBdRRNrUd5I7XCGt93VHdRzgM+3i3ctdf3/XHoTofI/z6M0HY4SuEZ7
NujcK86Lp3TVRnsTlB50oNcQDVtkb9vj9Jugyf82O6aa2PI1Owa1NKOyDMn/26xO
ExkxQc8NffciQYMgQNmdvyw3XPoFZcRuXbMJyj75YEyA4m6EX4tsZrfJoth4bB+Z
L3m4t5AWJu1luVauJ2HW5M0on/hTY0QzhT5gcZZ2C+QrpF4Pj2k+K0mMYC/GrOL1
6rsNo2sJ2Lte7KaMiw6xrPRcrof2kRbLavEgOESiCRxNCX8DJ7He4Ap9+QiHZeI+
oPlCZw34eb8C0o9Hm2Fc+DlrT8cilw+T
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:05 2024 by rpki-client on console-ams.rpki-client.org