Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0AB6908D15811EEBAD0B78C775412E6.roa
File: A0AB6908D15811EEBAD0B78C775412E6.roa (raw, json)
Hash identifier: 6zXSkrVhtjVyx8ZPiLc3VHjq4FQsyV9dYQkeKs00yfA=
Subject key identifier: 00:36:09:B8:C9:E4:E8:8F:1B:89:76:C3:03:52:69:C4:87:37:DD:E6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8D1D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0AB6908D15811EEBAD0B78C775412E6.roa
Signing time: Thu 22 Feb 2024 08:01:48 +0000
ROA not before: Thu 22 Feb 2024 08:01:44 +0000
ROA not after: Sun 23 Feb 2025 08:01:44 +0000
asID: 197730
IP address blocks: 154.208.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36125 (0x8d1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 22 08:01:44 2024 GMT
Not After : Feb 23 08:01:44 2025 GMT
Subject: CN=65d6ff6c-3db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:29:b7:3e:89:a1:65:c3:d9:cb:48:a9:47:27:
4c:d5:e9:1a:9a:3a:55:ea:46:54:b3:b4:11:fe:de:
ce:11:df:53:7c:a4:50:0d:b1:e4:f2:33:f2:6d:c9:
00:c9:60:cd:c3:47:bc:98:66:08:32:b4:25:13:47:
8c:18:e1:82:a6:41:9d:cf:20:02:bc:8f:9c:5f:c9:
c9:33:e2:a3:aa:30:ba:ea:15:11:a6:70:ff:d5:4a:
5f:9a:64:e6:5b:3b:8b:17:a1:d1:5b:30:53:84:e1:
aa:e4:24:51:3a:16:87:ce:c3:8e:32:e5:1e:a9:7f:
a9:ae:29:97:1b:e7:2d:70:b1:57:09:69:c5:18:c6:
7d:b0:e1:75:3a:ef:37:92:d2:a2:93:8b:8c:37:91:
d3:e7:a2:b4:ed:48:2c:34:b1:a4:fd:2d:1d:66:a9:
63:7e:a6:d1:1d:e5:42:34:4a:04:28:a1:94:e0:22:
22:53:37:63:17:6f:13:7a:3b:c5:0d:35:e5:8e:b9:
35:4a:73:63:38:ef:b0:ad:7a:8e:51:85:8d:31:a2:
45:27:80:49:e8:88:e0:e3:19:df:84:85:2e:76:da:
d1:6e:f4:dc:f8:5a:0b:1e:43:42:45:ff:4e:92:50:
ee:b1:6c:6d:e5:4b:dd:98:a7:7e:58:d1:63:f5:bd:
89:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:36:09:B8:C9:E4:E8:8F:1B:89:76:C3:03:52:69:C4:87:37:DD:E6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A0AB6908D15811EEBAD0B78C775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.140.0/22
Signature Algorithm: sha256WithRSAEncryption
65:c9:95:6b:48:58:e0:d2:d1:05:44:49:d2:cd:8d:bb:9d:cc:
04:03:1f:fb:48:8b:9a:ab:0b:6f:86:86:df:67:8d:a3:26:96:
17:13:7e:47:e3:f4:59:e5:5c:cd:1d:92:11:60:33:7e:f6:f3:
d6:29:bf:d1:79:fa:0f:d3:1b:6c:cf:d0:15:a4:58:b7:00:b0:
fb:5e:b7:7a:81:d6:a1:f2:d8:ce:39:ef:5b:8a:ab:9e:38:39:
76:b0:04:5a:d0:30:78:ce:e0:5b:f2:97:d7:09:94:cd:82:7f:
8a:9e:9f:22:45:c5:23:4d:4a:36:87:3b:a4:54:51:a7:cd:0a:
c7:9b:c6:7b:96:f7:8e:2a:29:d0:83:2a:a0:fa:ad:87:2b:e9:
37:34:e6:13:d1:59:b7:c2:9d:1b:1a:c0:f1:36:2e:73:0b:7a:
22:a6:13:c8:0c:c7:2b:de:38:85:6c:4d:45:44:8c:53:4b:11:
92:6c:a7:25:84:9a:78:81:2e:5a:a5:31:a7:5f:76:63:92:7b:
ed:fb:2a:39:c4:3a:a2:a8:fb:ee:56:a7:ba:66:a3:1e:f6:20:
76:b1:10:cf:85:84:a1:5c:27:4c:33:3a:81:3d:0d:e6:19:a6:
a3:9e:5b:7a:b5:31:45:ad:89:07:77:1e:7f:7a:5f:d2:eb:70:
c0:c6:59:13
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAI0dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjIyMDgwMTQ0WhcNMjUwMjIzMDgwMTQ0WjAYMRYw
FAYDVQQDEw02NWQ2ZmY2Yy0zZGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuCm3PomhZcPZy0ipRydM1ekamjpV6kZUs7QR/t7OEd9TfKRQDbHk8jPy
bckAyWDNw0e8mGYIMrQlE0eMGOGCpkGdzyACvI+cX8nJM+KjqjC66hURpnD/1Upf
mmTmWzuLF6HRWzBThOGq5CRROhaHzsOOMuUeqX+primXG+ctcLFXCWnFGMZ9sOF1
Ou83ktKik4uMN5HT56K07UgsNLGk/S0dZqljfqbRHeVCNEoEKKGU4CIiUzdjF28T
ejvFDTXljrk1SnNjOO+wrXqOUYWNMaJFJ4BJ6Ijg4xnfhIUudtrRbvTc+FoLHkNC
Rf9OklDusWxt5UvdmKd+WNFj9b2J6QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAA2
CbjJ5OiPG4l2wwNSacSHN93mMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMEFCNjkwOEQxNTgxMUVFQkFEMEI3OEM3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtCMMA0GCSqGSIb3DQEB
CwUAA4IBAQBlyZVrSFjg0tEFREnSzY27ncwEAx/7SIuaqwtvhobfZ42jJpYXE35H
4/RZ5VzNHZIRYDN+9vPWKb/RefoP0xtsz9AVpFi3ALD7Xrd6gdah8tjOOe9bique
ODl2sARa0DB4zuBb8pfXCZTNgn+Knp8iRcUjTUo2hzukVFGnzQrHm8Z7lveOKinQ
gyqg+q2HK+k3NOYT0Vm3wp0bGsDxNi5zC3oiphPIDMcr3jiFbE1FRIxTSxGSbKcl
hJp4gS5apTGnX3Zjknvt+yo5xDqiqPvuVqe6ZqMe9iB2sRDPhYShXCdMMzqBPQ3m
Gaajnlt6tTFFrYkHdx5/el/S63DAxlkT
-----END CERTIFICATE-----
Generated at Fri May 3 04:44:33 2024 by rpki-client on console-fra.rpki-client.org