Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AABB955A01DA11EFBB7197FD007001B1.roa
File: AABB955A01DA11EFBB7197FD007001B1.roa (raw, json)
Hash identifier: cnPjKbAXhfncOE2b2DAhFCPZ+/ZPZI6HvUGO7++YWXU=
Subject key identifier: 79:04:7C:C8:08:D4:9D:34:44:79:A3:BB:34:D5:C3:04:A9:E8:9E:C3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AFEE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AABB955A01DA11EFBB7197FD007001B1.roa
Signing time: Wed 24 Apr 2024 01:33:35 +0000
ROA not before: Wed 24 Apr 2024 01:33:32 +0000
ROA not after: Sun 26 May 2024 01:33:32 +0000
asID: 20473
IP address blocks: 154.193.176.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 08 May 2024 00:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45038 (0xafee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 24 01:33:32 2024 GMT
Not After : May 26 01:33:32 2024 GMT
Subject: CN=6628616f-6971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:96:48:b1:21:f0:ac:e1:f0:b7:49:3b:a6:7e:
f5:e0:88:bd:29:d0:7c:c9:18:0e:47:2a:b5:7b:d5:
27:a8:98:2e:ab:65:bf:b3:d7:89:c2:57:a3:d2:f2:
68:ad:6a:d2:c2:63:b9:fd:38:8f:47:59:df:70:7e:
c7:b3:5f:74:93:8f:7a:c0:fb:7e:5b:2e:5c:e4:7b:
a2:77:b5:ab:a4:45:e4:f4:a6:ba:e4:6c:d3:1a:e3:
0d:c6:d8:43:92:01:fd:01:3c:3f:01:17:74:03:34:
6a:2b:03:99:fb:26:ea:db:d1:bc:f2:94:5b:8c:6e:
ca:c0:6e:e5:cb:27:88:a9:70:53:8d:e1:c0:a7:5a:
87:c0:fd:c9:6c:a7:89:bc:f4:9c:40:0a:27:0e:a5:
3c:52:49:d9:76:52:a9:6a:ad:45:05:51:5d:29:d9:
a0:a4:c8:44:e5:ac:a2:4b:0f:1c:a9:a6:e0:38:0a:
e8:99:f3:e0:5f:ce:ed:53:b2:6d:f9:1f:20:c3:09:
a4:ac:55:d3:37:ab:b1:ff:10:9c:37:b9:e6:c1:39:
a6:85:86:77:cb:d9:d9:bf:89:97:df:dd:4c:2a:55:
c3:d7:12:df:9f:73:24:6e:28:14:64:e9:ba:24:dd:
96:2c:fa:ee:fa:87:b8:e4:b8:ac:08:b9:06:06:3b:
3d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:04:7C:C8:08:D4:9D:34:44:79:A3:BB:34:D5:C3:04:A9:E8:9E:C3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AABB955A01DA11EFBB7197FD007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.176.0/21
Signature Algorithm: sha256WithRSAEncryption
86:c2:a2:92:7c:42:b6:19:f9:4d:0e:0b:4d:bb:d4:0c:a9:0f:
54:0d:d8:93:7a:36:41:ec:da:05:da:a0:c4:4b:78:7d:2b:e7:
e7:b2:92:5c:8a:80:52:d1:5e:b8:3e:da:b3:c1:14:cb:3f:72:
33:e5:0c:e4:75:6c:6b:fe:a0:b1:7f:5f:4e:c3:05:2d:b2:b9:
9d:f5:e9:e6:53:0d:e0:f1:a3:4c:88:7b:d8:dc:96:f9:38:ef:
95:6a:cb:13:3c:f6:f5:54:8e:28:85:e4:fd:1f:bc:df:3d:b0:
ca:44:41:3b:62:a3:e4:be:69:e6:07:4e:e7:9f:71:4c:85:f5:
32:d0:b2:0c:42:e4:b1:87:e5:b1:ae:7a:3c:97:4e:66:9b:23:
2b:b2:3f:0b:ea:fd:ef:80:e6:1a:1f:62:64:b1:b1:15:59:fa:
57:60:08:78:93:d2:f7:c7:f9:f7:3a:8b:66:b6:92:b3:a0:0b:
3f:99:01:64:3f:14:e0:17:05:ea:be:cc:ff:9d:fa:f6:90:5f:
d3:1e:f9:95:ad:7f:e8:c7:67:bb:ee:27:5a:e2:34:63:bb:bc:
a9:e2:17:07:bf:c8:ff:f9:46:dc:65:50:cc:42:b5:5d:1a:5a:
b0:53:b7:51:f5:a3:ba:5e:c3:98:03:fb:b4:18:bd:a3:80:98:
74:fb:b2:1f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK/uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDI0MDEzMzMyWhcNMjQwNTI2MDEzMzMyWjAYMRYw
FAYDVQQDEw02NjI4NjE2Zi02OTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp5ZIsSHwrOHwt0k7pn714Ii9KdB8yRgORyq1e9UnqJguq2W/s9eJwlej
0vJorWrSwmO5/TiPR1nfcH7Hs190k496wPt+Wy5c5Huid7WrpEXk9Ka65GzTGuMN
xthDkgH9ATw/ARd0AzRqKwOZ+ybq29G88pRbjG7KwG7lyyeIqXBTjeHAp1qHwP3J
bKeJvPScQAonDqU8UknZdlKpaq1FBVFdKdmgpMhE5ayiSw8cqabgOAromfPgX87t
U7Jt+R8gwwmkrFXTN6ux/xCcN7nmwTmmhYZ3y9nZv4mX391MKlXD1xLfn3MkbigU
ZOm6JN2WLPru+oe45LisCLkGBjs9dwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHkE
fMgI1J00RHmjuzTVwwSp6J7DMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQUJCOTU1QTAxREExMUVGQkI3MTk3RkQwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsGwMA0GCSqGSIb3DQEB
CwUAA4IBAQCGwqKSfEK2GflNDgtNu9QMqQ9UDdiTejZB7NoF2qDES3h9K+fnspJc
ioBS0V64PtqzwRTLP3Iz5QzkdWxr/qCxf19OwwUtsrmd9enmUw3g8aNMiHvY3Jb5
OO+VassTPPb1VI4oheT9H7zfPbDKREE7YqPkvmnmB07nn3FMhfUy0LIMQuSxh+Wx
rno8l05mmyMrsj8L6v3vgOYaH2JksbEVWfpXYAh4k9L3x/n3OotmtpKzoAs/mQFk
PxTgFwXqvsz/nfr2kF/THvmVrX/ox2e77ida4jRju7yp4hcHv8j/+UbcZVDMQrVd
GlqwU7dR9aO6XsOYA/u0GL2jgJh0+7If
-----END CERTIFICATE-----
Generated at Mon May 6 09:07:54 2024 by rpki-client on console-fra.rpki-client.org