Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A12FB1DAD61811EE97CE7763775412E6.roa
File: A12FB1DAD61811EE97CE7763775412E6.roa (raw, json)
Hash identifier: QMPLt1ljJUrUEtO7ObsDHLuOzDnhW/Y7Y8U6psCWtXQ=
Subject key identifier: 71:1C:CF:DF:98:95:46:0F:68:F8:CC:8C:30:24:78:7C:A4:20:86:C5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 92DA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A12FB1DAD61811EE97CE7763775412E6.roa
Signing time: Wed 28 Feb 2024 09:06:17 +0000
ROA not before: Wed 28 Feb 2024 09:06:13 +0000
ROA not after: Sun 19 May 2024 09:06:13 +0000
asID: 23764
IP address blocks: 154.209.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37594 (0x92da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 28 09:06:13 2024 GMT
Not After : May 19 09:06:13 2024 GMT
Subject: CN=65def789-4823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ff:bf:c1:82:40:5e:c1:6d:fe:38:f7:e1:30:
33:4f:67:fa:b1:d1:82:26:0e:1e:98:39:47:49:6e:
26:fa:5c:c1:43:28:89:cd:80:1a:12:88:1e:ea:b7:
ad:e3:b5:01:3b:10:e4:ed:c4:e2:9a:99:28:b7:66:
9e:c8:23:68:b9:18:85:6b:91:90:06:4f:68:ec:5c:
07:67:a0:af:62:11:8d:39:44:12:ec:cc:93:fd:24:
2d:08:19:00:cb:b1:95:37:45:93:f5:da:7a:f0:17:
25:5c:50:97:7e:0f:8c:b6:fb:0e:b5:db:37:58:70:
95:c2:45:c9:f9:4b:bb:fe:5d:46:77:a3:0c:b6:7a:
7b:1e:97:5f:44:ff:e0:19:a4:9b:7f:a3:e4:fe:c8:
f3:ff:61:30:c8:c4:54:f8:50:b4:3f:d9:ae:47:df:
70:a2:e5:07:4d:71:0f:fc:2c:b0:5e:3f:54:c9:17:
02:62:07:c1:09:b5:51:a0:79:b0:da:1e:6d:78:72:
cb:bb:4c:37:1a:6d:af:4b:b4:3c:10:54:f3:c3:4e:
01:77:8a:dc:64:e0:d0:df:bc:bf:b1:7c:4e:b1:6f:
ad:33:75:48:6c:aa:be:1d:67:cb:2c:dd:f7:07:b3:
08:e2:69:31:29:11:d8:8a:4c:47:ce:e6:f4:c7:d5:
34:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1C:CF:DF:98:95:46:0F:68:F8:CC:8C:30:24:78:7C:A4:20:86:C5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A12FB1DAD61811EE97CE7763775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.21.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:64:ed:c2:b4:dd:ef:48:09:17:88:9f:ec:af:aa:bd:e8:98:
6f:89:91:1d:47:27:ac:bc:3e:31:58:90:1d:41:59:6f:c8:c8:
fe:ef:54:e0:d0:d8:9f:f2:94:45:2b:11:b8:b1:6e:12:39:65:
7b:79:fa:fe:fa:7f:7d:c1:d9:ad:1b:97:35:b8:42:ef:5e:0a:
b3:50:49:f0:60:58:d4:4f:ba:d1:d4:39:82:1c:fa:c3:ea:e5:
fa:ee:af:af:65:70:df:08:50:e6:47:5d:fd:4c:0e:4c:7c:80:
50:4e:98:ba:ef:be:d4:21:4f:f8:55:ab:2c:21:14:2b:ea:76:
b8:50:e0:21:04:ca:fc:65:8a:6f:42:bd:27:5f:60:cc:41:a2:
46:97:75:64:fe:84:99:f3:5e:82:73:47:a1:30:d9:d9:e3:9e:
22:74:f6:d5:80:a4:c1:83:12:30:03:19:06:9b:83:fc:a8:56:
c3:f2:e4:e7:8a:a5:3e:a5:b1:83:1f:2a:49:95:a1:f3:7d:bb:
b9:94:da:84:0d:ce:ac:9e:93:10:c0:ef:a6:cf:73:c7:fb:9f:
40:c8:83:95:a2:60:8a:de:db:cc:cd:ec:47:e5:e3:6c:07:70:
0c:ed:20:5c:23:43:96:fb:83:0c:1f:95:2a:18:79:3e:08:84:
b5:fd:89:c7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAJLaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjI4MDkwNjEzWhcNMjQwNTE5MDkwNjEzWjAYMRYw
FAYDVQQDEw02NWRlZjc4OS00ODIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwv+/wYJAXsFt/jj34TAzT2f6sdGCJg4emDlHSW4m+lzBQyiJzYAaEoge
6ret47UBOxDk7cTimpkot2aeyCNouRiFa5GQBk9o7FwHZ6CvYhGNOUQS7MyT/SQt
CBkAy7GVN0WT9dp68BclXFCXfg+MtvsOtds3WHCVwkXJ+Uu7/l1Gd6MMtnp7Hpdf
RP/gGaSbf6Pk/sjz/2EwyMRU+FC0P9muR99wouUHTXEP/CywXj9UyRcCYgfBCbVR
oHmw2h5teHLLu0w3Gm2vS7Q8EFTzw04Bd4rcZODQ37y/sXxOsW+tM3VIbKq+HWfL
LN33B7MI4mkxKRHYikxHzub0x9U0aQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHEc
z9+YlUYPaPjMjDAkeHykIIbFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMTJGQjFEQUQ2MTgxMUVFOTdDRTc3NjM3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtEVMA0GCSqGSIb3DQEB
CwUAA4IBAQCdZO3CtN3vSAkXiJ/sr6q96JhviZEdRyesvD4xWJAdQVlvyMj+71Tg
0Nif8pRFKxG4sW4SOWV7efr++n99wdmtG5c1uELvXgqzUEnwYFjUT7rR1DmCHPrD
6uX67q+vZXDfCFDmR139TA5MfIBQTpi6777UIU/4VassIRQr6na4UOAhBMr8ZYpv
Qr0nX2DMQaJGl3Vk/oSZ816Cc0ehMNnZ454idPbVgKTBgxIwAxkGm4P8qFbD8uTn
iqU+pbGDHypJlaHzfbu5lNqEDc6snpMQwO+mz3PH+59AyIOVomCK3tvMzexH5eNs
B3AM7SBcI0OW+4MMH5UqGHk+CIS1/YnH
-----END CERTIFICATE-----
Generated at Fri May 3 04:36:17 2024 by rpki-client on console-ams.rpki-client.org