Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/900D95B8E20511EE9BB26C4D775412E6.roa
File: 900D95B8E20511EE9BB26C4D775412E6.roa (raw, json)
Hash identifier: QzXwxxDqQsSlhcPECLUR1Li4/S2VoPD8GHXgnufA84g=
Subject key identifier: EC:FF:EB:38:34:49:7F:8B:9F:BF:39:3A:FE:5B:10:5C:6B:22:73:FC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A168
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/900D95B8E20511EE9BB26C4D775412E6.roa
Signing time: Thu 14 Mar 2024 13:20:02 +0000
ROA not before: Thu 14 Mar 2024 13:19:48 +0000
ROA not after: Fri 20 Sep 2024 13:19:48 +0000
asID: 2914
IP address blocks: 154.214.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41320 (0xa168)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 14 13:19:48 2024 GMT
Not After : Sep 20 13:19:48 2024 GMT
Subject: CN=65f2f982-4329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:50:f0:81:1f:eb:7b:69:a5:c8:06:e5:0e:8a:
db:6a:bf:f4:85:54:4d:20:61:59:2e:eb:61:78:29:
c2:97:83:c1:16:57:da:40:e3:2d:f2:68:de:17:d5:
9e:da:53:04:ce:a4:e1:47:4a:87:87:ac:cf:b5:c0:
6e:1b:10:6b:6b:d2:47:cc:10:92:e5:af:6f:a0:68:
96:be:63:6a:c0:e6:e6:dd:04:b0:b7:a3:0d:e6:36:
85:5d:c1:85:25:6c:21:96:40:28:58:58:f1:1c:cd:
3b:af:ac:1e:1e:26:c2:a9:92:59:df:4e:85:b8:80:
9a:a1:03:f9:3e:ed:43:dc:a9:52:97:33:c9:f1:c6:
87:b9:0f:73:ec:ee:3f:89:1f:68:a5:d3:cf:32:87:
56:ab:78:eb:30:76:73:14:b8:75:7e:4f:52:32:66:
b5:30:85:a9:b5:8d:06:55:44:4c:4a:06:d8:19:9e:
95:b0:e7:68:6e:63:2d:bc:c8:64:78:f1:5d:99:5c:
e5:75:e2:58:31:4a:b1:70:d6:66:22:86:b3:57:20:
8d:94:b9:75:de:f5:f3:9d:a1:ce:3c:ea:3c:f7:5c:
4a:a5:6e:e4:9f:41:2c:c6:58:ec:a3:31:c4:5a:aa:
c5:87:4a:30:1a:ec:5e:48:8c:2c:62:e0:c0:bb:de:
22:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:FF:EB:38:34:49:7F:8B:9F:BF:39:3A:FE:5B:10:5C:6B:22:73:FC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/900D95B8E20511EE9BB26C4D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.202.0/24
Signature Algorithm: sha256WithRSAEncryption
17:9c:02:3f:07:f2:47:c9:75:6a:89:b5:18:ad:5c:c0:a4:8a:
c2:0d:79:b0:e7:92:0d:bb:1b:1a:9d:e9:9a:37:43:a3:77:65:
93:8b:33:e6:91:62:91:82:a3:78:26:34:d8:e7:ef:82:9c:9f:
be:15:ac:a6:36:44:71:f6:7d:9c:94:1b:53:0b:04:11:82:45:
7b:cd:6f:10:74:73:e3:d2:15:03:20:cc:0b:49:d0:2c:de:c0:
59:c8:03:9f:0a:76:b7:15:88:66:3b:02:76:0d:80:53:3b:45:
f6:57:fb:b8:76:4a:db:c6:e8:d0:b7:b6:a7:d8:3f:bc:b1:83:
d5:78:a4:88:88:c7:45:07:09:15:a9:5c:73:de:7b:b0:94:4c:
c5:b1:3f:c0:10:42:9d:3d:ef:c4:59:0a:7c:5d:92:2e:a4:a1:
25:2b:40:09:95:fb:76:70:20:31:fb:0f:f6:54:d1:44:3b:9d:
26:6c:4d:d9:4c:0f:06:3a:59:36:38:bd:a0:7d:1e:ed:96:e5:
ed:e4:38:03:99:23:54:d3:7f:14:1b:49:c9:47:14:b5:5f:d1:
9c:d1:40:37:0d:bb:43:b8:bf:17:3c:13:b8:09:c3:90:08:7a:
60:a1:8d:1e:71:86:21:e7:70:e5:50:4a:8f:6e:2f:45:32:29:
e4:bd:66:d9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKFoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE0MTMxOTQ4WhcNMjQwOTIwMTMxOTQ4WjAYMRYw
FAYDVQQDEw02NWYyZjk4Mi00MzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxFDwgR/re2mlyAblDorbar/0hVRNIGFZLutheCnCl4PBFlfaQOMt8mje
F9We2lMEzqThR0qHh6zPtcBuGxBra9JHzBCS5a9voGiWvmNqwObm3QSwt6MN5jaF
XcGFJWwhlkAoWFjxHM07r6weHibCqZJZ306FuICaoQP5Pu1D3KlSlzPJ8caHuQ9z
7O4/iR9opdPPModWq3jrMHZzFLh1fk9SMma1MIWptY0GVURMSgbYGZ6VsOdobmMt
vMhkePFdmVzldeJYMUqxcNZmIoazVyCNlLl13vXznaHOPOo891xKpW7kn0Esxljs
ozHEWqrFh0owGuxeSIwsYuDAu94iHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOz/
6zg0SX+Ln785Ov5bEFxrInP8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MDBEOTVCOEUyMDUxMUVFOUJCMjZDNEQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtbKMA0GCSqGSIb3DQEB
CwUAA4IBAQAXnAI/B/JHyXVqibUYrVzApIrCDXmw55INuxsanemaN0Ojd2WTizPm
kWKRgqN4JjTY5++CnJ++FaymNkRx9n2clBtTCwQRgkV7zW8QdHPj0hUDIMwLSdAs
3sBZyAOfCna3FYhmOwJ2DYBTO0X2V/u4dkrbxujQt7an2D+8sYPVeKSIiMdFBwkV
qVxz3nuwlEzFsT/AEEKdPe/EWQp8XZIupKElK0AJlft2cCAx+w/2VNFEO50mbE3Z
TA8GOlk2OL2gfR7tluXt5DgDmSNU038UG0nJRxS1X9Gc0UA3DbtDuL8XPBO4CcOQ
CHpgoY0ecYYh53DlUEqPbi9FMinkvWbZ
-----END CERTIFICATE-----
Generated at Fri May 3 04:36:15 2024 by rpki-client on console-ams.rpki-client.org