Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABC0BEF8E73B11EEB5B9676F775412E6.roa
File: ABC0BEF8E73B11EEB5B9676F775412E6.roa (raw, json)
Hash identifier: PFNQVg8pcYcskQ+5Xqi72ktH6YjebetwipInfIY92vQ=
Subject key identifier: 2A:FD:6E:AD:68:F7:B1:B7:4A:28:7B:73:B6:D5:1F:9F:28:5C:2D:CC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A3A0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABC0BEF8E73B11EEB5B9676F775412E6.roa
Signing time: Thu 21 Mar 2024 04:29:56 +0000
ROA not before: Thu 21 Mar 2024 04:29:53 +0000
ROA not after: Tue 23 Apr 2024 04:29:53 +0000
asID: 44559
IP address blocks: 154.221.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 23 Apr 2024 00:04:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41888 (0xa3a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 21 04:29:53 2024 GMT
Not After : Apr 23 04:29:53 2024 GMT
Subject: CN=65fbb7c4-84cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0c:e5:80:37:e8:42:fd:df:10:29:8e:ce:b4:
48:b8:78:b1:1b:b9:32:b0:5c:33:8f:67:e2:52:e3:
2f:15:63:34:74:04:3a:a8:b8:09:8f:4a:77:a5:eb:
06:1e:3e:b4:23:fa:a6:f8:d6:96:51:b9:46:d1:ff:
82:61:ad:b8:de:56:50:d5:62:08:d5:0e:a8:51:9b:
21:b6:26:99:96:8e:60:68:91:bc:8e:99:32:be:3d:
3d:f7:0a:44:8c:a9:9a:7f:06:d7:d5:6b:da:3a:d5:
b1:d9:eb:51:52:31:50:c6:ce:22:2a:94:b3:9f:73:
7e:bc:a5:73:8a:af:51:d1:80:fc:2f:a6:f2:83:2b:
6e:53:87:7e:aa:b3:e1:60:73:a3:60:08:c6:1d:4a:
01:ee:c9:86:a3:51:f6:0c:87:6d:01:74:9d:fa:5b:
04:53:15:bc:a5:d0:f1:2f:9d:98:e7:bc:c0:ef:77:
f6:d3:65:f9:1a:a6:c3:c9:4a:74:15:01:5a:ac:ec:
c3:55:de:3e:cf:53:12:fe:fc:8d:72:11:97:f2:bf:
d1:37:fd:92:92:8c:2b:78:00:01:36:42:de:cb:f5:
59:89:7a:2a:1b:ce:36:a8:64:9a:b5:28:fa:66:9d:
b9:26:b9:5d:ef:ce:9c:55:7f:91:a4:bf:39:e1:6b:
e0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FD:6E:AD:68:F7:B1:B7:4A:28:7B:73:B6:D5:1F:9F:28:5C:2D:CC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ABC0BEF8E73B11EEB5B9676F775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.233.0/24
Signature Algorithm: sha256WithRSAEncryption
00:b9:83:c6:15:47:3d:86:45:95:95:75:b9:c3:87:5d:6e:88:
b6:a3:c4:6a:42:c9:d4:9a:9f:94:6b:f3:e0:eb:d6:18:c0:d2:
ab:28:e3:f5:bf:ab:fe:72:d2:16:ab:a0:46:41:53:52:ff:a8:
64:d2:6c:ef:b0:6e:6d:40:aa:33:53:4c:ae:37:93:d4:d5:a0:
f9:17:4d:a5:20:c2:2f:c7:45:fa:6c:da:4b:ef:f8:e2:c7:bf:
04:97:7c:cb:bf:37:fa:c5:ba:05:ca:cc:38:f1:ce:f9:c2:fe:
94:23:6a:92:c2:72:8b:2e:e6:3c:ba:75:18:d0:91:9a:bc:29:
49:d3:50:29:3a:8b:24:53:ad:66:c8:99:e4:40:cb:ec:6e:9f:
9b:11:c2:4b:e5:ee:4c:95:f8:bd:9b:94:72:28:a6:86:75:c7:
69:21:c3:e0:f0:7a:a4:8d:54:35:f4:12:d9:e7:41:95:8a:7a:
b9:cd:5d:8e:bf:ee:c6:cc:c2:20:cd:97:f4:58:2d:cf:d2:6f:
75:2c:cc:d2:a0:31:35:ab:ee:7d:cc:44:38:02:75:60:5b:6a:
20:0f:e8:a2:14:aa:3b:99:f4:48:7f:96:98:8b:c2:a5:26:f2:
1b:cd:84:fc:46:ba:c0:3e:03:f1:46:bf:2f:10:f1:8d:52:e1:
f9:85:ab:7f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKOgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIxMDQyOTUzWhcNMjQwNDIzMDQyOTUzWjAYMRYw
FAYDVQQDEw02NWZiYjdjNC04NGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3QzlgDfoQv3fECmOzrRIuHixG7kysFwzj2fiUuMvFWM0dAQ6qLgJj0p3
pesGHj60I/qm+NaWUblG0f+CYa243lZQ1WII1Q6oUZshtiaZlo5gaJG8jpkyvj09
9wpEjKmafwbX1WvaOtWx2etRUjFQxs4iKpSzn3N+vKVziq9R0YD8L6bygytuU4d+
qrPhYHOjYAjGHUoB7smGo1H2DIdtAXSd+lsEUxW8pdDxL52Y57zA73f202X5GqbD
yUp0FQFarOzDVd4+z1MS/vyNchGX8r/RN/2SkowreAABNkLey/VZiXoqG842qGSa
tSj6Zp25Jrld786cVX+RpL854WvgLwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCr9
bq1o97G3Sih7c7bVH58oXC3MMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQkMwQkVGOEU3M0IxMUVFQjVCOTY3NkY3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3pMA0GCSqGSIb3DQEB
CwUAA4IBAQAAuYPGFUc9hkWVlXW5w4ddboi2o8RqQsnUmp+Ua/Pg69YYwNKrKOP1
v6v+ctIWq6BGQVNS/6hk0mzvsG5tQKozU0yuN5PU1aD5F02lIMIvx0X6bNpL7/ji
x78El3zLvzf6xboFysw48c75wv6UI2qSwnKLLuY8unUY0JGavClJ01ApOoskU61m
yJnkQMvsbp+bEcJL5e5Mlfi9m5RyKKaGdcdpIcPg8HqkjVQ19BLZ50GVinq5zV2O
v+7GzMIgzZf0WC3P0m91LMzSoDE1q+59zEQ4AnVgW2ogD+iiFKo7mfRIf5aYi8Kl
JvIbzYT8RrrAPgPxRr8vEPGNUuH5hat/
-----END CERTIFICATE-----
Generated at Sun Apr 21 03:30:24 2024 by rpki-client on console-fra.rpki-client.org