Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B37A802AE4F211EEB07BC1B2775412E6.roa
File: B37A802AE4F211EEB07BC1B2775412E6.roa (raw, json)
Hash identifier: s4xDxtv6Q0RrhB/oqPev9/wlCEYm44yNPaFre0Dqdso=
Subject key identifier: 38:16:E5:86:D8:31:7A:CC:30:27:07:6B:27:CA:C3:9F:52:CB:CF:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A2A3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B37A802AE4F211EEB07BC1B2775412E6.roa
Signing time: Mon 18 Mar 2024 06:42:34 +0000
ROA not before: Mon 18 Mar 2024 06:42:30 +0000
ROA not after: Sat 20 Apr 2024 06:42:30 +0000
asID: 39600
IP address blocks: 154.86.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Apr 2024 06:42:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41635 (0xa2a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 18 06:42:30 2024 GMT
Not After : Apr 20 06:42:30 2024 GMT
Subject: CN=65f7e25a-2efa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e5:29:b3:7f:ad:64:29:f0:4a:47:6f:5b:8e:
57:8a:cd:26:fb:5f:04:bf:ba:a6:3e:44:1a:50:3b:
98:88:e0:fe:ca:85:29:01:51:2b:62:c2:03:23:d5:
59:c7:42:15:77:e8:8c:61:69:eb:95:00:c9:29:53:
3d:40:89:e5:06:cd:8c:b3:7f:66:e9:90:79:98:30:
28:89:c7:fd:67:b6:99:1b:a9:df:5d:fd:bd:80:c7:
bb:45:41:bc:3d:df:a3:34:08:5c:cf:ed:bf:68:2f:
60:95:87:ab:ba:4c:fe:20:a2:e5:08:67:1c:f2:d3:
bc:7b:8f:86:e1:e5:4e:ae:b3:38:b3:1a:71:32:b0:
75:c6:3f:6c:47:40:b6:ce:9d:d9:c0:6e:32:3a:0c:
e8:0e:0f:57:f9:c3:b8:79:2d:05:14:53:14:eb:2a:
bc:bc:83:27:7f:74:94:a0:50:c4:df:e6:27:41:5a:
b6:d1:36:98:30:42:06:16:6c:33:8b:97:92:c1:6c:
1d:7d:89:38:16:1e:f3:bb:5f:75:56:fe:1e:38:ab:
03:b0:de:a1:d6:1e:25:d6:bd:6e:86:06:d8:a6:5f:
20:46:19:a7:f4:5b:84:ee:33:42:17:b9:6f:63:b1:
ea:be:f2:eb:87:a8:8f:8b:5f:91:b8:f4:aa:b2:ae:
83:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:16:E5:86:D8:31:7A:CC:30:27:07:6B:27:CA:C3:9F:52:CB:CF:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B37A802AE4F211EEB07BC1B2775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.120.0/21
Signature Algorithm: sha256WithRSAEncryption
b9:d4:96:d1:82:65:ef:0d:46:60:6b:48:13:8f:ae:d9:a6:1c:
21:37:0f:29:4b:cd:21:9c:4b:6d:7c:5d:ad:63:8b:db:d7:f7:
a4:53:bb:99:af:9d:b1:11:31:8f:60:70:eb:9f:3a:a7:50:9a:
2b:a0:e1:30:44:06:94:fc:d6:d5:41:dd:3a:1a:ad:0b:75:4f:
70:f4:8e:27:8b:31:14:99:9c:c8:33:0e:20:ab:20:ff:8f:33:
9c:5d:00:3c:6b:27:d2:4e:bf:f3:6b:81:ff:da:d9:4e:43:5e:
d3:c0:df:a9:4e:f6:d0:8e:a4:f0:21:3c:b3:1d:b8:1e:81:4b:
a5:94:9d:01:89:b5:6c:17:e7:01:c9:38:ac:07:be:bc:86:5e:
ba:5b:79:02:c1:85:6b:ba:38:25:8c:40:9f:58:75:c0:5d:7d:
0b:4a:67:c6:c5:62:38:a4:b6:4d:5c:62:62:a5:49:c3:fd:39:
95:ac:56:2c:5a:09:78:cf:3a:fb:f5:61:73:4b:91:d2:b4:6b:
62:00:35:a5:60:b6:50:ac:75:87:4e:a8:b3:5c:3a:f5:75:f5:
de:29:62:9e:6f:9a:3d:f5:fd:35:c6:97:ca:fe:80:50:12:9d:
2d:ec:63:20:5c:47:db:22:70:a0:1d:df:5c:84:24:27:88:8b:
74:d9:70:b1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKKjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE4MDY0MjMwWhcNMjQwNDIwMDY0MjMwWjAYMRYw
FAYDVQQDEw02NWY3ZTI1YS0yZWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxeUps3+tZCnwSkdvW45Xis0m+18Ev7qmPkQaUDuYiOD+yoUpAVErYsID
I9VZx0IVd+iMYWnrlQDJKVM9QInlBs2Ms39m6ZB5mDAoicf9Z7aZG6nfXf29gMe7
RUG8Pd+jNAhcz+2/aC9glYerukz+IKLlCGcc8tO8e4+G4eVOrrM4sxpxMrB1xj9s
R0C2zp3ZwG4yOgzoDg9X+cO4eS0FFFMU6yq8vIMnf3SUoFDE3+YnQVq20TaYMEIG
Fmwzi5eSwWwdfYk4Fh7zu191Vv4eOKsDsN6h1h4l1r1uhgbYpl8gRhmn9FuE7jNC
F7lvY7HqvvLrh6iPi1+RuPSqsq6DlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDgW
5YbYMXrMMCcHayfKw59Sy89PMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMzdBODAyQUU0RjIxMUVFQjA3QkMxQjI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmlZ4MA0GCSqGSIb3DQEB
CwUAA4IBAQC51JbRgmXvDUZga0gTj67ZphwhNw8pS80hnEttfF2tY4vb1/ekU7uZ
r52xETGPYHDrnzqnUJoroOEwRAaU/NbVQd06Gq0LdU9w9I4nizEUmZzIMw4gqyD/
jzOcXQA8ayfSTr/za4H/2tlOQ17TwN+pTvbQjqTwITyzHbgegUullJ0BibVsF+cB
yTisB768hl66W3kCwYVrujgljECfWHXAXX0LSmfGxWI4pLZNXGJipUnD/TmVrFYs
Wgl4zzr79WFzS5HStGtiADWlYLZQrHWHTqizXDr1dfXeKWKeb5o99f01xpfK/oBQ
Ep0t7GMgXEfbInCgHd9chCQniIt02XCx
-----END CERTIFICATE-----
Generated at Sat Apr 20 02:39:15 2024 by rpki-client on console-ams.rpki-client.org