Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FC039FAF17111EEA158715D775412E6.roa
File: 8FC039FAF17111EEA158715D775412E6.roa (raw, json)
Hash identifier: 4rYUetNVpDyWoleS/FCPu7X1tnAScwO88GXIa7a5olY=
Subject key identifier: AC:97:E3:EB:08:58:64:3F:8D:0D:5D:79:32:4D:25:3F:CF:8A:58:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A928
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FC039FAF17111EEA158715D775412E6.roa
Signing time: Wed 03 Apr 2024 04:20:54 +0000
ROA not before: Wed 03 Apr 2024 04:20:51 +0000
ROA not after: Mon 06 May 2024 04:20:51 +0000
asID: 147176
IP address blocks: 154.84.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43304 (0xa928)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 3 04:20:51 2024 GMT
Not After : May 6 04:20:51 2024 GMT
Subject: CN=660cd926-4c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6d:0b:2f:e0:b6:58:9e:31:36:0c:34:a7:98:
18:51:4b:74:e6:01:e6:60:6b:2d:0b:2c:cb:cc:fb:
91:32:8e:b0:cd:1d:5f:f9:75:d3:c8:ab:40:d8:55:
79:f2:69:54:24:14:00:d7:86:c4:9c:1f:c3:7d:06:
26:bb:bc:d0:4b:7d:7f:56:96:e8:eb:41:f6:d2:6d:
b8:41:4b:bb:cc:c7:c5:c2:55:6e:a2:7f:66:4c:57:
e4:00:02:d3:48:63:ea:fa:c4:ea:61:2e:14:81:b8:
ec:bd:8c:61:5a:17:de:10:02:2a:53:cc:94:5b:c6:
57:95:e2:d6:b5:7c:c3:08:66:8c:73:d6:80:d6:c3:
95:f9:76:63:63:53:02:ac:1d:20:c1:b9:5b:ce:ba:
b5:e7:4a:ee:c0:8c:5b:0d:43:1b:ee:94:1f:b0:e3:
a2:31:0d:2d:f1:e1:d0:28:4e:d8:cb:02:3d:e0:4b:
10:57:89:ef:6e:d5:5f:41:ce:ce:77:cd:e8:59:87:
f2:eb:40:5d:df:b6:a2:7a:20:88:a5:a4:e4:21:d6:
1c:21:40:eb:3a:95:c9:a6:53:76:1e:4d:a1:89:02:
0e:42:e4:18:b7:87:bd:e5:6a:ef:eb:2e:7f:ba:b9:
ef:01:bd:27:c0:ae:b3:cf:da:77:ed:49:eb:77:7e:
09:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:97:E3:EB:08:58:64:3F:8D:0D:5D:79:32:4D:25:3F:CF:8A:58:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8FC039FAF17111EEA158715D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.153.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:40:bd:6a:c3:d9:a7:2b:55:cf:ae:cc:f2:4c:51:5e:34:27:
de:16:96:24:92:5a:92:5c:b1:a9:81:ee:d7:cf:cc:d9:42:60:
b8:ba:66:e8:d1:c0:a9:c4:19:bb:a0:b6:26:39:d9:65:96:39:
bc:01:19:ff:29:9a:a7:50:52:eb:a9:3c:78:83:26:75:8e:22:
8f:8a:53:e1:00:23:05:f8:a3:7a:1c:71:16:fe:c9:b1:66:b2:
e5:cc:47:47:dc:65:29:08:26:50:56:c3:6d:8f:56:75:b5:37:
58:b9:d9:2e:47:52:e9:3e:93:9e:98:5e:8d:7f:03:c3:8f:90:
42:8d:9d:af:0a:62:4b:39:f3:39:cd:4d:2c:3f:12:9d:eb:82:
18:0b:67:02:af:58:c8:fe:27:f8:aa:72:57:26:b0:77:01:7c:
ec:85:ef:06:12:74:7f:ab:1f:65:11:1a:db:15:9f:04:76:6e:
3d:dd:82:10:29:ca:e2:4a:52:80:24:b2:11:b0:52:7c:bc:1a:
57:9b:ce:28:a6:6a:91:e9:2c:f6:5f:68:71:16:ee:ff:e9:52:
f4:7b:e8:e7:a8:8c:57:98:87:20:81:80:48:fe:23:47:a1:5c:
e7:63:3d:62:5f:29:12:5a:35:d5:c4:b3:06:f1:2f:18:e0:d4:
ea:61:d0:3d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKkoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAzMDQyMDUxWhcNMjQwNTA2MDQyMDUxWjAYMRYw
FAYDVQQDEw02NjBjZDkyNi00Yzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq20LL+C2WJ4xNgw0p5gYUUt05gHmYGstCyzLzPuRMo6wzR1f+XXTyKtA
2FV58mlUJBQA14bEnB/DfQYmu7zQS31/Vpbo60H20m24QUu7zMfFwlVuon9mTFfk
AALTSGPq+sTqYS4UgbjsvYxhWhfeEAIqU8yUW8ZXleLWtXzDCGaMc9aA1sOV+XZj
Y1MCrB0gwblbzrq150ruwIxbDUMb7pQfsOOiMQ0t8eHQKE7YywI94EsQV4nvbtVf
Qc7Od83oWYfy60Bd37aieiCIpaTkIdYcIUDrOpXJplN2Hk2hiQIOQuQYt4e95Wrv
6y5/urnvAb0nwK6zz9p37Unrd34J6QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKyX
4+sIWGQ/jQ1deTJNJT/PiliDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RkMwMzlGQUYxNzExMUVFQTE1ODcxNUQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlSZMA0GCSqGSIb3DQEB
CwUAA4IBAQAaQL1qw9mnK1XPrszyTFFeNCfeFpYkklqSXLGpge7Xz8zZQmC4umbo
0cCpxBm7oLYmOdllljm8ARn/KZqnUFLrqTx4gyZ1jiKPilPhACMF+KN6HHEW/smx
ZrLlzEdH3GUpCCZQVsNtj1Z1tTdYudkuR1LpPpOemF6NfwPDj5BCjZ2vCmJLOfM5
zU0sPxKd64IYC2cCr1jI/if4qnJXJrB3AXzshe8GEnR/qx9lERrbFZ8Edm493YIQ
KcriSlKAJLIRsFJ8vBpXm84opmqR6Sz2X2hxFu7/6VL0e+jnqIxXmIcggYBI/iNH
oVznYz1iXykSWjXVxLMG8S8Y4NTqYdA9
-----END CERTIFICATE-----
Generated at Fri May 3 04:44:31 2024 by rpki-client on console-fra.rpki-client.org