Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E967706EFF511EEB5C738B8775412E6.roa
File: 8E967706EFF511EEB5C738B8775412E6.roa (raw, json)
Hash identifier: QdRRXImayxKuTB+hJytPrZXS0aO12s6tIquPVV5wkVA=
Subject key identifier: E5:AC:52:32:E1:35:F8:41:40:7C:52:1C:98:C4:0A:87:16:2B:57:44
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A7F6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E967706EFF511EEB5C738B8775412E6.roa
Signing time: Mon 01 Apr 2024 07:00:43 +0000
ROA not before: Mon 01 Apr 2024 07:00:40 +0000
ROA not after: Tue 07 May 2024 07:00:40 +0000
asID: 138915
IP address blocks: 154.223.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42998 (0xa7f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 1 07:00:40 2024 GMT
Not After : May 7 07:00:40 2024 GMT
Subject: CN=660a5b9b-aa2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4d:c9:d1:03:4e:00:ac:61:50:b4:60:23:a7:
e2:6b:4d:93:1f:70:4f:7d:0f:42:20:37:a0:57:90:
96:92:c0:39:14:99:cb:da:80:d8:d2:eb:c1:90:f0:
15:40:90:53:46:82:d7:a3:81:fa:bd:bc:aa:b7:da:
c5:67:45:40:06:89:bf:d4:a6:aa:24:c6:bf:0c:12:
c0:e6:ca:70:c6:82:73:c7:54:d2:9d:8a:af:29:b8:
f0:1c:01:13:f0:3c:ca:94:3e:0c:0f:90:ee:4c:25:
72:1d:56:79:22:93:5c:d2:f0:b6:89:a6:99:a9:c2:
43:97:87:33:d3:01:bc:c4:5a:65:c0:60:57:2c:1a:
ca:bb:d2:65:0c:70:5c:00:a8:d4:9c:ef:22:de:40:
55:6e:b3:2b:01:3a:44:2d:ff:b8:02:4f:3f:59:1d:
a0:2a:df:e5:9c:82:d0:b8:4d:8a:86:3d:70:86:cd:
c5:26:9d:58:4b:da:71:49:e6:c9:9e:e9:f4:0e:f0:
f8:d3:d9:0f:e5:da:f0:87:c0:81:83:eb:2c:41:83:
31:a3:0a:47:be:1f:42:d0:0b:51:f0:8a:f1:27:0e:
9b:13:50:c1:47:3f:bd:b9:16:46:96:77:ad:d8:c7:
4d:8c:f8:35:5d:7a:4a:3f:6a:59:07:35:f7:bf:2b:
9d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AC:52:32:E1:35:F8:41:40:7C:52:1C:98:C4:0A:87:16:2B:57:44
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8E967706EFF511EEB5C738B8775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.33.0/24
Signature Algorithm: sha256WithRSAEncryption
97:ed:c4:a7:07:d7:c0:56:f7:18:4c:b3:eb:e5:4b:52:25:0e:
52:72:01:23:3c:57:44:7d:05:62:74:69:69:a8:cf:63:7b:0d:
59:34:b7:22:c4:6e:5e:ef:ea:0a:2f:ae:1d:6a:b3:90:9e:68:
37:7e:a3:f4:8a:fb:7a:c7:af:5f:e0:cf:51:22:82:90:5e:ed:
28:e9:33:7a:b7:0f:33:fd:5e:ed:26:5c:7f:7b:85:aa:40:17:
c7:8a:2a:5b:f6:62:51:dc:78:61:04:f3:50:f5:d4:e6:ae:8f:
9f:dd:33:e3:84:51:fc:81:1e:20:88:ef:81:73:8f:85:e9:78:
a7:a2:41:7f:c8:d4:6d:d1:ae:38:83:1c:d3:a0:a4:36:c7:cd:
89:37:a9:05:56:e7:f6:f8:c4:32:e5:4f:08:9b:f6:8a:aa:b7:
db:32:c7:b1:f2:ac:d4:4d:4d:71:e8:36:f6:5a:c6:05:f1:c3:
94:af:62:a1:cf:70:f5:a6:0a:c9:0e:ac:c6:10:a1:ba:a6:80:
d5:2a:16:4e:1c:8e:03:60:68:45:1a:f1:90:38:ac:2a:b6:98:
0f:3a:44:6c:25:0c:95:73:4b:b0:71:a6:91:ed:73:60:36:be:
1b:39:94:90:3c:17:4b:b5:15:f5:b8:8c:67:77:f1:65:57:d7:
c0:f2:81:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKf2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAxMDcwMDQwWhcNMjQwNTA3MDcwMDQwWjAYMRYw
FAYDVQQDEw02NjBhNWI5Yi1hYTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApU3J0QNOAKxhULRgI6fia02TH3BPfQ9CIDegV5CWksA5FJnL2oDY0uvB
kPAVQJBTRoLXo4H6vbyqt9rFZ0VABom/1KaqJMa/DBLA5spwxoJzx1TSnYqvKbjw
HAET8DzKlD4MD5DuTCVyHVZ5IpNc0vC2iaaZqcJDl4cz0wG8xFplwGBXLBrKu9Jl
DHBcAKjUnO8i3kBVbrMrATpELf+4Ak8/WR2gKt/lnILQuE2Khj1whs3FJp1YS9px
SebJnun0DvD409kP5drwh8CBg+ssQYMxowpHvh9C0AtR8IrxJw6bE1DBRz+9uRZG
lnet2MdNjPg1XXpKP2pZBzX3vyudoQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOWs
UjLhNfhBQHxSHJjECocWK1dEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RTk2NzcwNkVGRjUxMUVFQjVDNzM4Qjg3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8hMA0GCSqGSIb3DQEB
CwUAA4IBAQCX7cSnB9fAVvcYTLPr5UtSJQ5ScgEjPFdEfQVidGlpqM9jew1ZNLci
xG5e7+oKL64darOQnmg3fqP0ivt6x69f4M9RIoKQXu0o6TN6tw8z/V7tJlx/e4Wq
QBfHiipb9mJR3HhhBPNQ9dTmro+f3TPjhFH8gR4giO+Bc4+F6XinokF/yNRt0a44
gxzToKQ2x82JN6kFVuf2+MQy5U8Im/aKqrfbMsex8qzUTU1x6Db2WsYF8cOUr2Kh
z3D1pgrJDqzGEKG6poDVKhZOHI4DYGhFGvGQOKwqtpgPOkRsJQyVc0uwcaaR7XNg
Nr4bOZSQPBdLtRX1uIxnd/FlV9fA8oFw
-----END CERTIFICATE-----
Generated at Fri May 3 04:36:15 2024 by rpki-client on console-ams.rpki-client.org