Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A63E9CCF47A11EEBA968993775412E6.roa
File: 9A63E9CCF47A11EEBA968993775412E6.roa (raw, json)
Hash identifier: /tnaLYNr9+D/JWZl5e4a8ZSvuiL9iF8xjx5E7JZAZuw=
Subject key identifier: 51:55:72:A2:41:65:7D:BC:5F:3A:67:6E:BD:4D:1C:B0:E4:50:7B:4A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A972
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A63E9CCF47A11EEBA968993775412E6.roa
Signing time: Sun 07 Apr 2024 01:03:11 +0000
ROA not before: Sun 07 Apr 2024 01:03:07 +0000
ROA not after: Sat 06 Jul 2024 01:03:07 +0000
asID: 135377
IP address blocks: 154.202.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43378 (0xa972)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 7 01:03:07 2024 GMT
Not After : Jul 6 01:03:07 2024 GMT
Subject: CN=6611f0cf-6686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f0:57:67:34:95:6b:51:15:d8:7c:09:f7:c5:
ee:fc:24:8c:06:6f:5b:75:f0:29:36:84:e0:84:5d:
fb:b4:42:94:60:36:bc:d8:64:5f:cf:c7:04:9a:6e:
80:df:13:ee:e0:4e:bc:5f:ac:67:47:93:15:da:73:
74:0b:6c:47:46:cc:d6:b5:1e:80:7c:6e:b4:4a:4e:
2e:9d:e7:ca:7c:ac:9d:9f:ce:e8:3d:bc:18:7c:e4:
ef:c0:98:9a:27:b0:1f:fe:f9:4f:d9:86:c7:58:dd:
14:0a:e6:49:32:9a:a1:45:32:38:ae:f3:11:28:0d:
3d:c6:5a:8b:95:93:c7:ba:f6:ed:d5:2b:27:83:dc:
8a:d4:72:6f:d1:8f:95:eb:0f:37:db:f6:2b:5c:25:
71:8a:6e:1a:35:42:65:c8:ef:48:25:f8:51:a9:23:
e3:4e:7b:ac:e4:24:dc:e0:2a:53:13:c7:9c:9a:4e:
b7:a2:83:b6:48:d8:39:2b:b7:20:8c:99:2a:59:f5:
2a:9c:85:c6:bd:89:71:29:ff:43:33:08:27:6f:c0:
61:ce:fc:b2:dd:8c:6c:a9:1a:56:ce:39:34:6e:51:
47:e3:31:e8:91:ef:90:75:9c:21:1a:d3:19:56:9e:
0e:57:e8:2b:4e:4b:dd:9f:fa:27:d5:bd:55:e6:45:
66:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:55:72:A2:41:65:7D:BC:5F:3A:67:6E:BD:4D:1C:B0:E4:50:7B:4A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9A63E9CCF47A11EEBA968993775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.66.0/23
Signature Algorithm: sha256WithRSAEncryption
19:d8:9a:48:27:5a:72:58:ab:a0:f3:cb:52:71:43:eb:b1:b5:
8d:40:ea:67:5e:95:c6:25:da:98:b6:4a:df:19:d6:c4:00:2e:
fc:1a:02:fd:5a:3d:81:9d:89:35:ae:26:6e:8d:a5:59:27:1e:
f7:d3:0d:9c:db:a6:d2:22:12:30:ff:fd:5c:34:61:40:e9:1c:
9a:d7:ad:e3:09:a3:06:05:21:f0:ff:7b:8b:3d:de:f3:f6:b5:
7d:d5:11:98:4c:b9:23:6a:18:ef:e1:f4:0a:14:be:5b:a7:81:
68:36:2d:21:82:a8:d6:ba:dc:0b:c2:48:63:cc:b6:b4:66:ba:
4a:5c:e3:e5:ba:e9:37:b9:7e:9e:a1:94:ea:07:a9:77:26:2d:
06:c4:f1:f8:94:5b:ea:d0:f4:65:9f:67:c4:fd:0f:9d:b9:35:
33:6e:34:57:ac:b0:6d:5b:03:6a:73:88:9c:ec:75:c3:3e:0c:
1f:17:a1:d1:09:48:ac:ed:9f:47:40:7c:04:49:7c:1a:54:13:
03:a5:a2:1b:c0:1e:ce:2d:82:1f:4f:6d:2e:64:e0:f1:b6:83:
bc:f3:58:67:58:f6:47:19:0b:70:c0:ca:95:df:a1:e3:0e:0e:
07:8c:d7:0e:63:38:f7:45:8a:54:be:e5:62:28:72:f4:63:40:
91:5a:21:07
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKlyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDA3MDEwMzA3WhcNMjQwNzA2MDEwMzA3WjAYMRYw
FAYDVQQDEw02NjExZjBjZi02Njg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu/BXZzSVa1EV2HwJ98Xu/CSMBm9bdfApNoTghF37tEKUYDa82GRfz8cE
mm6A3xPu4E68X6xnR5MV2nN0C2xHRszWtR6AfG60Sk4unefKfKydn87oPbwYfOTv
wJiaJ7Af/vlP2YbHWN0UCuZJMpqhRTI4rvMRKA09xlqLlZPHuvbt1Ssng9yK1HJv
0Y+V6w832/YrXCVxim4aNUJlyO9IJfhRqSPjTnus5CTc4CpTE8ecmk63ooO2SNg5
K7cgjJkqWfUqnIXGvYlxKf9DMwgnb8Bhzvyy3YxsqRpWzjk0blFH4zHoke+QdZwh
GtMZVp4OV+grTkvdn/on1b1V5kVmPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFFV
cqJBZX28Xzpnbr1NHLDkUHtKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QTYzRTlDQ0Y0N0ExMUVFQkE5Njg5OTM3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmspCMA0GCSqGSIb3DQEB
CwUAA4IBAQAZ2JpIJ1pyWKug88tScUPrsbWNQOpnXpXGJdqYtkrfGdbEAC78GgL9
Wj2BnYk1riZujaVZJx730w2c26bSIhIw//1cNGFA6Rya163jCaMGBSHw/3uLPd7z
9rV91RGYTLkjahjv4fQKFL5bp4FoNi0hgqjWutwLwkhjzLa0ZrpKXOPluuk3uX6e
oZTqB6l3Ji0GxPH4lFvq0PRln2fE/Q+duTUzbjRXrLBtWwNqc4ic7HXDPgwfF6HR
CUis7Z9HQHwESXwaVBMDpaIbwB7OLYIfT20uZODxtoO881hnWPZHGQtwwMqV36Hj
Dg4HjNcOYzj3RYpUvuViKHL0Y0CRWiEH
-----END CERTIFICATE-----
Generated at Fri May 3 04:44:33 2024 by rpki-client on console-fra.rpki-client.org