Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3247196F00E11EE94FF027D775412E6.roa
File: A3247196F00E11EE94FF027D775412E6.roa (raw, json)
Hash identifier: RXiue8mN4ToALWMGXveMhC4r4zUoWgNs+4WWwfndTe4=
Subject key identifier: 87:4B:0C:80:02:8A:E6:85:6D:62:B9:EE:3C:58:39:A2:B8:B5:84:38
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A86C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3247196F00E11EE94FF027D775412E6.roa
Signing time: Mon 01 Apr 2024 10:00:15 +0000
ROA not before: Mon 01 Apr 2024 10:00:12 +0000
ROA not after: Sat 11 May 2024 10:00:12 +0000
asID: 63139
IP address blocks: 154.203.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43116 (0xa86c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 1 10:00:12 2024 GMT
Not After : May 11 10:00:12 2024 GMT
Subject: CN=660a85af-4876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cc:6e:af:6d:4d:36:d2:89:51:07:93:24:cf:
ae:bc:8c:75:de:fb:14:89:03:5f:8e:0b:34:cd:6d:
1b:48:92:15:4d:91:b9:cf:0a:ac:3b:a5:08:95:16:
89:7c:c1:49:c6:d7:d9:fa:15:c0:8e:f7:c6:0b:8a:
10:e5:fe:60:f5:4b:3e:2d:42:33:27:94:73:83:c6:
86:93:ba:4a:f1:91:d8:9c:55:c8:55:e8:ac:36:a2:
c2:95:38:71:28:55:3b:9f:d0:e6:f8:a6:8d:b4:d6:
68:a2:95:fb:3f:f7:1b:60:ff:79:48:e7:7a:ae:8b:
a3:e3:cf:a1:31:bd:b1:f9:24:d2:b2:a1:0a:38:97:
0c:f2:ea:d4:42:b8:0f:81:53:80:a5:be:0e:3e:d5:
8e:70:83:24:7b:47:f0:79:06:eb:60:05:f5:65:cc:
50:a8:af:a9:47:bc:5f:cd:c3:e3:45:06:27:51:65:
70:88:d2:f9:d3:1f:46:f2:96:60:4a:58:bc:14:19:
e9:8e:23:3b:ff:77:c6:95:65:18:93:13:53:c7:60:
dc:88:74:96:2d:7d:98:7c:f9:92:94:b1:72:86:96:
07:6e:f3:5b:94:24:c1:e8:fe:08:33:d2:46:dc:19:
ba:49:9d:a2:51:f2:a2:da:a5:c9:11:8b:4c:3f:1d:
b7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4B:0C:80:02:8A:E6:85:6D:62:B9:EE:3C:58:39:A2:B8:B5:84:38
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A3247196F00E11EE94FF027D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.161.0/24
Signature Algorithm: sha256WithRSAEncryption
04:87:a3:a9:91:a6:bd:20:29:e3:90:eb:25:48:0b:b3:1b:b0:
9c:04:16:f5:ee:49:b2:8f:bc:54:ab:c1:de:e6:0c:5f:ab:25:
16:71:77:4a:c2:0b:87:9c:78:11:73:cc:5e:0a:48:7e:85:86:
1b:26:f1:eb:f6:1d:ee:53:a9:81:d9:43:ad:09:e7:00:98:3f:
1e:32:6e:4f:69:11:99:a6:cd:85:83:c0:e2:dc:58:61:1e:5b:
aa:fa:20:a3:ad:62:a2:55:5e:25:0c:73:7c:fc:a1:74:d2:73:
16:de:33:3e:c1:71:7c:cc:cd:84:78:7c:7b:8e:71:2e:d3:6e:
a1:d1:2b:46:4e:3f:46:88:b8:35:d7:33:cf:d7:5f:f7:5f:00:
46:e6:89:fa:3e:74:90:71:d0:dd:24:d0:30:a2:23:ec:8c:4c:
db:c1:49:94:58:5e:b5:3a:21:36:5c:71:14:56:d4:a8:2e:16:
2a:14:7e:41:ba:5e:8b:4a:b8:87:01:0a:8c:b2:4c:e3:a0:60:
83:ca:ae:61:88:83:b3:ad:15:a3:98:55:67:e0:f9:d2:c4:91:
3b:c3:df:4e:e1:fd:e0:15:3e:80:0e:14:aa:17:9e:20:08:8f:
a4:e5:37:fa:0f:9e:30:90:ad:e9:89:61:91:d1:84:26:b7:33:
8c:5d:d7:7e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKhsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAxMTAwMDEyWhcNMjQwNTExMTAwMDEyWjAYMRYw
FAYDVQQDEw02NjBhODVhZi00ODc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAosxur21NNtKJUQeTJM+uvIx13vsUiQNfjgs0zW0bSJIVTZG5zwqsO6UI
lRaJfMFJxtfZ+hXAjvfGC4oQ5f5g9Us+LUIzJ5Rzg8aGk7pK8ZHYnFXIVeisNqLC
lThxKFU7n9Dm+KaNtNZoopX7P/cbYP95SOd6rouj48+hMb2x+STSsqEKOJcM8urU
QrgPgVOApb4OPtWOcIMke0fweQbrYAX1ZcxQqK+pR7xfzcPjRQYnUWVwiNL50x9G
8pZgSli8FBnpjiM7/3fGlWUYkxNTx2DciHSWLX2YfPmSlLFyhpYHbvNblCTB6P4I
M9JG3Bm6SZ2iUfKi2qXJEYtMPx23kwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIdL
DIACiuaFbWK57jxYOaK4tYQ4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMzI0NzE5NkYwMEUxMUVFOTRGRjAyN0Q3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuhMA0GCSqGSIb3DQEB
CwUAA4IBAQAEh6Opkaa9ICnjkOslSAuzG7CcBBb17kmyj7xUq8He5gxfqyUWcXdK
wguHnHgRc8xeCkh+hYYbJvHr9h3uU6mB2UOtCecAmD8eMm5PaRGZps2Fg8Di3Fhh
Hluq+iCjrWKiVV4lDHN8/KF00nMW3jM+wXF8zM2EeHx7jnEu026h0StGTj9GiLg1
1zPP11/3XwBG5on6PnSQcdDdJNAwoiPsjEzbwUmUWF61OiE2XHEUVtSoLhYqFH5B
ul6LSriHAQqMskzjoGCDyq5hiIOzrRWjmFVn4PnSxJE7w99O4f3gFT6ADhSqF54g
CI+k5Tf6D54wkK3piWGR0YQmtzOMXdd+
-----END CERTIFICATE-----
Generated at Fri May 3 04:44:34 2024 by rpki-client on console-fra.rpki-client.org