Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D0DA24C02DA11EF8EA01429017001B1.roa
File: 6D0DA24C02DA11EF8EA01429017001B1.roa (raw, json)
Hash identifier: pkb9JSblsa+ktV0BdnYvTYuFcA6JhpXPjtjZSyxhpf0=
Subject key identifier: 3C:07:61:4A:4C:20:2A:25:C4:7D:1D:85:7B:38:88:71:31:A5:7C:37
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B04B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D0DA24C02DA11EF8EA01429017001B1.roa
Signing time: Thu 25 Apr 2024 08:04:23 +0000
ROA not before: Thu 25 Apr 2024 08:04:19 +0000
ROA not after: Tue 28 May 2024 08:04:19 +0000
asID: 149440
IP address blocks: 154.91.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 12 May 2024 00:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45131 (0xb04b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 08:04:19 2024 GMT
Not After : May 28 08:04:19 2024 GMT
Subject: CN=662a0e87-ae6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:a3:57:37:ce:a7:a4:a4:0a:ff:8b:16:b6:
25:01:c8:ba:39:4e:a1:a8:44:f5:b9:53:60:e1:1e:
b1:45:51:3b:bf:d5:5a:d7:8b:c7:bf:5b:e9:1d:8f:
fc:03:e0:49:41:1d:5a:d0:04:90:d7:66:49:fb:01:
61:68:03:e1:70:c1:7f:4f:79:38:ca:88:c9:60:f4:
28:cc:84:c0:ae:14:60:a9:21:38:af:c7:49:a5:9f:
ba:41:68:91:5b:43:cb:3d:9a:76:59:b4:ad:29:9a:
b5:b3:b1:e0:ac:f2:06:2e:01:01:9a:71:b1:69:63:
ad:e6:6f:eb:3f:fd:06:18:98:b2:bd:c2:a4:4e:78:
7d:7f:8a:2f:21:35:93:b3:d2:ef:e9:1a:8b:6c:e8:
18:34:b8:ce:72:c4:1e:8a:57:47:2b:f4:43:79:ed:
78:d7:dd:5c:df:3c:55:9d:ce:f4:1e:4f:1d:8f:e3:
0f:19:3b:0f:23:48:b1:a4:12:86:3f:3f:26:a8:26:
f7:cf:88:d4:16:f2:3d:fb:67:40:77:44:c5:25:a0:
39:79:c0:ee:27:21:32:bc:9a:32:f1:6e:27:0d:08:
72:24:11:62:48:94:50:ec:cd:f7:83:8e:14:3b:83:
25:4c:05:03:b8:a0:ad:8a:fb:1c:b7:7a:69:d4:13:
85:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:07:61:4A:4C:20:2A:25:C4:7D:1D:85:7B:38:88:71:31:A5:7C:37
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6D0DA24C02DA11EF8EA01429017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.0.0/24
Signature Algorithm: sha256WithRSAEncryption
73:c1:ef:36:c0:76:30:ad:ae:59:ba:f1:53:10:3c:72:a7:2b:
2a:1a:61:4b:5f:66:6f:d8:69:1f:85:93:0d:1e:8f:81:64:6a:
bc:cb:da:ee:31:d6:4a:73:3c:e3:a7:d1:18:45:91:be:16:ee:
24:a0:4f:b3:0d:27:7c:eb:61:c7:05:87:28:c6:84:a3:20:71:
22:2f:bf:23:bc:a9:6c:52:04:44:c2:8d:93:d9:7d:c3:d0:a5:
35:09:64:d7:7f:4c:e1:b7:30:38:e5:30:39:bf:0b:eb:d5:f8:
d9:9b:99:d1:ab:52:88:30:c4:26:ae:66:b2:ad:bb:82:6b:27:
51:b6:32:e3:58:ff:91:ef:ba:8b:e0:2c:d1:a1:79:b4:f5:63:
b0:1c:7b:9b:7b:b4:27:f1:84:49:02:6c:c3:c3:58:0f:c5:1d:
f9:c1:38:3c:4b:55:6f:3d:42:e7:8f:1f:4b:1f:9e:f5:23:31:
57:c1:d9:7e:01:bf:fa:76:fe:7b:60:77:de:ce:c0:e6:0b:df:
aa:e3:d8:ff:df:05:07:cd:25:48:96:75:98:df:b2:c7:9c:3e:
ed:89:9c:21:4f:fe:7e:fe:0c:0b:8b:b2:46:6e:0b:91:23:61:
5b:c0:60:86:6f:84:3a:fa:c9:90:2c:c2:f3:fc:4f:fd:8c:a5:
69:d4:c8:32
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALBLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDI1MDgwNDE5WhcNMjQwNTI4MDgwNDE5WjAYMRYw
FAYDVQQDEw02NjJhMGU4Ny1hZTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwwmjVzfOp6SkCv+LFrYlAci6OU6hqET1uVNg4R6xRVE7v9Va14vHv1vp
HY/8A+BJQR1a0ASQ12ZJ+wFhaAPhcMF/T3k4yojJYPQozITArhRgqSE4r8dJpZ+6
QWiRW0PLPZp2WbStKZq1s7HgrPIGLgEBmnGxaWOt5m/rP/0GGJiyvcKkTnh9f4ov
ITWTs9Lv6RqLbOgYNLjOcsQeildHK/RDee14191c3zxVnc70Hk8dj+MPGTsPI0ix
pBKGPz8mqCb3z4jUFvI9+2dAd0TFJaA5ecDuJyEyvJoy8W4nDQhyJBFiSJRQ7M33
g44UO4MlTAUDuKCtivsct3pp1BOF8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDwH
YUpMIColxH0dhXs4iHExpXw3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82RDBEQTI0QzAyREExMUVGOEVBMDE0MjkwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlsAMA0GCSqGSIb3DQEB
CwUAA4IBAQBzwe82wHYwra5ZuvFTEDxypysqGmFLX2Zv2GkfhZMNHo+BZGq8y9ru
MdZKczzjp9EYRZG+Fu4koE+zDSd862HHBYcoxoSjIHEiL78jvKlsUgREwo2T2X3D
0KU1CWTXf0zhtzA45TA5vwvr1fjZm5nRq1KIMMQmrmayrbuCaydRtjLjWP+R77qL
4CzRoXm09WOwHHube7Qn8YRJAmzDw1gPxR35wTg8S1VvPULnjx9LH571IzFXwdl+
Ab/6dv57YHfezsDmC9+q49j/3wUHzSVIlnWY37LHnD7tiZwhT/5+/gwLi7JGbguR
I2FbwGCGb4Q6+smQLMLz/E/9jKVp1Mgy
-----END CERTIFICATE-----
Generated at Fri May 10 09:10:47 2024 by rpki-client on console-ams.rpki-client.org