Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF0163CAE76011EE9D2C1992775412E6.roa
File: CF0163CAE76011EE9D2C1992775412E6.roa (raw, json)
Hash identifier: pri3cRSMM8a0PwsUVlyPd5xcmZ82SRq2yxswndLef+g=
Subject key identifier: 75:6A:E5:22:09:06:08:16:3B:74:79:24:BD:72:87:2B:44:6C:9C:E5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A509
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF0163CAE76011EE9D2C1992775412E6.roa
Signing time: Thu 21 Mar 2024 08:55:47 +0000
ROA not before: Thu 21 Mar 2024 08:55:44 +0000
ROA not after: Tue 23 Apr 2024 08:55:44 +0000
asID: 44559
IP address blocks: 154.222.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 23 Apr 2024 00:04:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42249 (0xa509)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 21 08:55:44 2024 GMT
Not After : Apr 23 08:55:44 2024 GMT
Subject: CN=65fbf613-fcc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6b:24:14:a5:27:8b:99:92:ea:52:14:ec:50:
95:13:83:80:e7:02:7c:be:55:af:44:ff:44:a6:5c:
94:e1:31:79:0b:1e:cc:02:57:70:5b:64:cf:ca:ac:
bf:fa:a9:a7:8f:d4:c0:a0:92:17:44:4c:31:2f:4b:
f9:46:97:c2:b0:72:e0:28:c7:30:ac:c7:0f:70:f5:
cb:f8:9f:6d:3e:d5:8c:be:10:06:a8:c9:2d:24:59:
9a:a0:b6:67:62:3f:c3:2a:88:64:7e:60:bb:7f:18:
9d:4c:1d:96:bb:68:00:76:31:b6:e0:13:70:20:0b:
71:82:4f:5f:0c:53:0f:de:7a:42:36:19:b2:be:fc:
38:14:c2:43:5f:08:11:44:ee:c1:8a:f0:3b:20:6b:
1b:df:5d:b9:8e:11:ba:3a:a2:51:6f:ce:62:cf:a0:
a0:09:3e:3a:10:4a:8a:5a:84:3a:87:35:ab:f8:9a:
48:7e:a6:ad:27:39:7c:14:fa:64:8b:3a:a5:d1:3b:
26:09:a3:a0:6a:e1:b5:54:e5:0e:49:41:55:15:b9:
56:73:98:5a:fe:23:5e:f3:e6:6e:1f:ea:78:c2:ec:
c6:07:20:cd:3a:12:db:57:f7:b2:3f:41:16:bd:64:
ee:16:b5:24:27:87:37:84:a5:06:eb:05:43:7b:ad:
0c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6A:E5:22:09:06:08:16:3B:74:79:24:BD:72:87:2B:44:6C:9C:E5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF0163CAE76011EE9D2C1992775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.20.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:dc:2a:85:24:20:77:ff:13:be:c0:0f:f3:af:d5:5f:1c:17:
3d:2b:97:be:a4:b1:82:ad:c2:5f:85:80:24:df:38:34:dd:fe:
4b:13:c3:bc:72:79:07:7c:fb:fa:ae:11:bb:63:0f:40:d1:44:
03:af:be:78:91:7b:d8:b7:a1:f6:eb:e6:d9:c9:0a:b7:54:2c:
27:80:9b:ae:fb:c2:75:af:8f:d9:a6:09:ab:48:78:0c:4c:9d:
5f:33:45:82:3d:33:0a:45:2f:2b:93:49:be:1b:f6:47:75:bf:
94:1a:bf:b0:ce:7a:d9:f5:90:fc:63:a1:8a:cb:63:23:f5:59:
73:75:be:e7:83:8c:20:c5:58:06:b5:0d:eb:32:aa:0c:71:59:
78:ef:51:2b:a2:ea:8a:e1:d5:26:57:4a:25:77:53:1f:ab:44:
25:f1:02:39:c2:b1:52:aa:79:81:98:e1:8e:ca:bd:e1:6f:55:
ed:9b:7d:a6:52:87:8e:62:de:4b:ee:2b:60:c1:8b:a1:d8:c8:
80:9f:27:c1:d5:4c:7b:95:d9:9b:c1:67:45:8f:13:ee:4f:c6:
cb:81:f3:14:71:03:08:8a:c2:5b:93:87:18:d4:c8:4e:e8:9f:
90:5c:ac:d7:43:b1:d9:87:ca:f1:3d:26:f0:67:72:63:60:c9:
9e:70:e1:52
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKUJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIxMDg1NTQ0WhcNMjQwNDIzMDg1NTQ0WjAYMRYw
FAYDVQQDEw02NWZiZjYxMy1mY2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAumskFKUni5mS6lIU7FCVE4OA5wJ8vlWvRP9EplyU4TF5Cx7MAldwW2TP
yqy/+qmnj9TAoJIXREwxL0v5RpfCsHLgKMcwrMcPcPXL+J9tPtWMvhAGqMktJFma
oLZnYj/DKohkfmC7fxidTB2Wu2gAdjG24BNwIAtxgk9fDFMP3npCNhmyvvw4FMJD
XwgRRO7BivA7IGsb3125jhG6OqJRb85iz6CgCT46EEqKWoQ6hzWr+JpIfqatJzl8
FPpkizql0TsmCaOgauG1VOUOSUFVFblWc5ha/iNe8+ZuH+p4wuzGByDNOhLbV/ey
P0EWvWTuFrUkJ4c3hKUG6wVDe60M/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHVq
5SIJBggWO3R5JL1yhytEbJzlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjAxNjNDQUU3NjAxMUVFOUQyQzE5OTI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4UMA0GCSqGSIb3DQEB
CwUAA4IBAQCx3CqFJCB3/xO+wA/zr9VfHBc9K5e+pLGCrcJfhYAk3zg03f5LE8O8
cnkHfPv6rhG7Yw9A0UQDr754kXvYt6H26+bZyQq3VCwngJuu+8J1r4/ZpgmrSHgM
TJ1fM0WCPTMKRS8rk0m+G/ZHdb+UGr+wznrZ9ZD8Y6GKy2Mj9Vlzdb7ng4wgxVgG
tQ3rMqoMcVl471ErouqK4dUmV0old1Mfq0Ql8QI5wrFSqnmBmOGOyr3hb1Xtm32m
UoeOYt5L7itgwYuh2MiAnyfB1Ux7ldmbwWdFjxPuT8bLgfMUcQMIisJbk4cY1MhO
6J+QXKzXQ7HZh8rxPSbwZ3JjYMmecOFS
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:04:25 2024 by rpki-client on console-ams.rpki-client.org