Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97579F0EFE1A11EEAD947C6F017001B1.roa
File: 97579F0EFE1A11EEAD947C6F017001B1.roa (raw, json)
Hash identifier: FEJnsCRkA9n3Cl4JLSZlz/iixwYYeOG9d+qVwdfgFyc=
Subject key identifier: B1:4F:7D:EB:D7:82:6F:53:AE:C6:2A:43:DF:6B:A8:60:2B:88:AE:6A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AE50
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97579F0EFE1A11EEAD947C6F017001B1.roa
Signing time: Fri 19 Apr 2024 07:01:06 +0000
ROA not before: Fri 19 Apr 2024 07:01:02 +0000
ROA not after: Wed 22 May 2024 07:01:02 +0000
asID: 138997
IP address blocks: 154.91.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44624 (0xae50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 19 07:01:02 2024 GMT
Not After : May 22 07:01:02 2024 GMT
Subject: CN=662216b2-a4e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4f:ac:e0:87:8b:5d:7d:2d:0b:20:5f:53:ec:
68:66:b0:72:51:27:e4:40:73:b2:45:14:fd:14:91:
20:a5:6b:d5:51:a7:d4:cf:29:d2:d3:fd:de:9b:7c:
51:2e:a5:9c:9c:73:88:9f:b3:50:43:49:44:ea:48:
dd:67:4c:0f:62:b2:9b:af:20:3f:6e:b2:df:99:01:
1b:56:ea:60:42:16:09:a5:9c:00:27:6f:51:55:bc:
e5:ce:eb:9c:d1:b9:39:bd:e0:4d:cd:9b:ce:2a:70:
09:f3:c8:51:c0:5e:e0:96:1b:ef:a7:e3:11:4b:d7:
f2:88:5f:43:c2:95:3b:65:be:ec:9d:96:59:8b:1e:
9d:2c:49:a1:19:c1:70:2a:d4:f7:14:a6:56:03:0e:
e9:6c:af:b4:b7:1d:2a:68:5d:19:1b:8a:35:82:4d:
58:4a:d8:96:69:a0:fc:72:0d:b4:3e:74:51:80:2c:
2f:c4:e9:03:23:de:b5:d6:05:78:b8:69:a6:bf:71:
4c:7c:9b:6a:de:0f:13:06:c8:0b:4d:fd:52:3e:00:
8c:15:49:87:f3:49:79:4d:f4:fa:6a:09:7c:65:a7:
3b:e6:5d:22:2a:1c:89:6e:45:94:73:15:0c:e6:ed:
5b:75:e0:62:81:c6:16:df:f9:f2:6d:94:30:fe:2d:
69:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:4F:7D:EB:D7:82:6F:53:AE:C6:2A:43:DF:6B:A8:60:2B:88:AE:6A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97579F0EFE1A11EEAD947C6F017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.138.0/24
Signature Algorithm: sha256WithRSAEncryption
65:5d:69:ba:21:d8:ba:59:b8:5e:fc:8e:47:99:8c:69:97:d9:
bd:1b:6b:b4:6f:22:b1:74:b6:ee:b5:ee:56:25:9a:20:cb:d8:
31:b9:dc:43:ca:29:27:60:51:28:5f:50:df:77:52:99:44:e6:
8f:44:f3:be:b2:cc:4f:7d:02:83:d9:7c:43:50:72:e6:2e:8e:
f8:33:93:77:6b:bd:e8:61:c5:49:f8:c0:d4:46:39:75:3a:a5:
26:b8:42:d7:f2:76:f4:47:79:4c:8e:8c:37:2a:3d:b5:4f:42:
b7:a8:a1:5a:cf:58:ac:e6:5c:be:5b:c9:61:64:bc:fc:d7:80:
1c:4e:08:1d:d0:86:20:ba:63:01:b5:55:f7:7c:e6:1e:d8:57:
83:c0:0e:06:df:1c:55:48:12:d0:85:7e:2d:2d:9f:41:48:c9:
bc:0a:fa:a3:6c:9f:01:55:30:81:de:27:7b:84:b3:09:d4:58:
38:8f:42:b6:9d:e0:c6:dc:c9:4c:4c:cc:6d:73:8f:b3:a7:4a:
15:79:7e:36:cf:20:67:3f:52:53:bd:f0:5b:76:1e:a5:7e:14:
bc:7c:b6:fc:31:fd:2f:d3:1f:80:74:08:43:e3:cf:7b:ac:bb:
51:0a:d8:32:da:11:d5:c3:ef:a9:53:df:51:06:d3:ae:00:38:
be:40:6a:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK5QMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE5MDcwMTAyWhcNMjQwNTIyMDcwMTAyWjAYMRYw
FAYDVQQDEw02NjIyMTZiMi1hNGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzE+s4IeLXX0tCyBfU+xoZrByUSfkQHOyRRT9FJEgpWvVUafUzynS0/3e
m3xRLqWcnHOIn7NQQ0lE6kjdZ0wPYrKbryA/brLfmQEbVupgQhYJpZwAJ29RVbzl
zuuc0bk5veBNzZvOKnAJ88hRwF7glhvvp+MRS9fyiF9DwpU7Zb7snZZZix6dLEmh
GcFwKtT3FKZWAw7pbK+0tx0qaF0ZG4o1gk1YStiWaaD8cg20PnRRgCwvxOkDI961
1gV4uGmmv3FMfJtq3g8TBsgLTf1SPgCMFUmH80l5TfT6agl8Zac75l0iKhyJbkWU
cxUM5u1bdeBigcYW3/nybZQw/i1pgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLFP
fevXgm9TrsYqQ99rqGAriK5qMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NzU3OUYwRUZFMUExMUVFQUQ5NDdDNkYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmluKMA0GCSqGSIb3DQEB
CwUAA4IBAQBlXWm6Idi6Wbhe/I5HmYxpl9m9G2u0byKxdLbute5WJZogy9gxudxD
yiknYFEoX1Dfd1KZROaPRPO+ssxPfQKD2XxDUHLmLo74M5N3a73oYcVJ+MDURjl1
OqUmuELX8nb0R3lMjow3Kj21T0K3qKFaz1is5ly+W8lhZLz814AcTggd0IYgumMB
tVX3fOYe2FeDwA4G3xxVSBLQhX4tLZ9BSMm8CvqjbJ8BVTCB3id7hLMJ1Fg4j0K2
neDG3MlMTMxtc4+zp0oVeX42zyBnP1JTvfBbdh6lfhS8fLb8Mf0v0x+AdAhD4897
rLtRCtgy2hHVw++pU99RBtOuADi+QGqE
-----END CERTIFICATE-----
Generated at Fri May 3 04:44:32 2024 by rpki-client on console-fra.rpki-client.org