Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D28DAA50F7BC11EE96A47F0C017001B1.roa
File: D28DAA50F7BC11EE96A47F0C017001B1.roa (raw, json)
Hash identifier: rtiWKT28uPVMB6rwDLd0IXjweJjThl7AWhqHcitYPac=
Subject key identifier: 79:64:DE:FC:E7:10:CE:AF:B7:C2:F7:C6:17:53:CC:E9:86:8A:BE:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AB01
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D28DAA50F7BC11EE96A47F0C017001B1.roa
Signing time: Thu 11 Apr 2024 04:34:45 +0000
ROA not before: Thu 11 Apr 2024 04:34:42 +0000
ROA not after: Sun 19 May 2024 04:34:42 +0000
asID: 138915
IP address blocks: 154.90.40.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43777 (0xab01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 11 04:34:42 2024 GMT
Not After : May 19 04:34:42 2024 GMT
Subject: CN=66176865-f06c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ed:1a:b3:ad:5d:ca:d0:50:d9:92:a6:92:c9:
30:a8:97:8c:92:d3:c3:69:4c:bb:35:db:44:5e:32:
98:9a:04:b6:76:91:42:e5:b1:b5:d6:e4:f8:74:1d:
24:8a:23:cd:a2:08:b7:95:66:0c:0a:38:04:06:b5:
8c:59:94:fc:b9:87:f9:53:f5:e2:48:66:90:6d:c9:
2d:37:07:26:ac:30:a3:25:51:63:3c:5d:df:10:4a:
50:d7:78:a7:28:65:07:07:53:75:20:2a:a1:d6:3c:
d4:39:96:76:16:3e:23:ef:6e:01:6b:43:a0:ab:81:
37:7c:6e:9f:58:ac:28:14:be:78:15:9f:c0:45:4a:
b5:11:b1:47:fc:34:1c:86:5c:13:64:a4:54:0b:c3:
69:ca:ff:4d:56:d0:11:da:99:94:60:81:a0:a4:63:
9c:5f:d3:65:d3:5c:68:c2:df:c6:14:51:c7:03:04:
0b:55:ff:7b:25:0e:20:e4:ca:ae:4b:66:4a:99:b4:
1b:9e:59:49:1f:0d:89:9d:7a:5d:5b:af:5a:f2:49:
fd:0c:34:c9:3e:cb:f8:7b:9c:fb:fb:65:84:b2:f8:
26:20:55:39:be:c7:d2:04:62:d7:c2:6d:14:f1:25:
00:2e:df:a0:5c:c8:b4:6c:84:57:ad:04:59:3e:f3:
bd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:64:DE:FC:E7:10:CE:AF:B7:C2:F7:C6:17:53:CC:E9:86:8A:BE:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D28DAA50F7BC11EE96A47F0C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.40.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:6f:3f:ff:a4:5d:e7:a7:25:61:d2:1c:83:80:cc:de:67:bc:
59:71:08:47:48:46:58:72:90:f0:35:34:e0:70:24:98:89:8e:
65:e6:af:7e:e2:17:35:68:37:59:88:ee:f3:06:98:89:56:fd:
b9:9f:57:a5:91:98:9e:f8:ac:6d:33:b6:91:10:09:be:1e:2e:
88:13:74:3e:4e:bd:82:ac:7f:fc:26:37:ed:e3:fd:a0:da:43:
ca:75:0a:5e:f4:3b:29:06:3c:3a:32:4c:8a:43:aa:da:bc:4e:
4e:dd:7d:a3:41:fc:70:9c:93:b8:19:75:ae:7b:96:d5:a8:0b:
a5:0f:4a:90:83:dc:62:34:e2:51:02:73:16:e5:f7:97:0a:d4:
d9:57:bf:1a:68:c2:d0:25:c8:6a:00:9e:e7:e8:59:33:47:7c:
63:5e:a1:7e:95:ef:49:da:2e:fe:96:cb:91:6a:8c:26:9d:51:
81:4b:09:c5:36:8d:9f:c1:79:de:6f:6f:c6:0e:91:67:b4:43:
7b:9c:c3:3b:7e:72:e6:dd:5d:fa:22:9e:f6:c3:10:7b:75:a6:
23:85:bc:2b:73:9a:f2:5f:ed:35:eb:28:1d:02:fc:9e:81:63:
f0:38:08:28:92:bd:63:5f:bd:16:c1:48:4e:8d:60:f3:ac:2f:
d8:0c:b3:b6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKsBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDExMDQzNDQyWhcNMjQwNTE5MDQzNDQyWjAYMRYw
FAYDVQQDEw02NjE3Njg2NS1mMDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8+0as61dytBQ2ZKmkskwqJeMktPDaUy7NdtEXjKYmgS2dpFC5bG11uT4
dB0kiiPNogi3lWYMCjgEBrWMWZT8uYf5U/XiSGaQbcktNwcmrDCjJVFjPF3fEEpQ
13inKGUHB1N1ICqh1jzUOZZ2Fj4j724Ba0Ogq4E3fG6fWKwoFL54FZ/ARUq1EbFH
/DQchlwTZKRUC8Npyv9NVtAR2pmUYIGgpGOcX9Nl01xowt/GFFHHAwQLVf97JQ4g
5MquS2ZKmbQbnllJHw2JnXpdW69a8kn9DDTJPsv4e5z7+2WEsvgmIFU5vsfSBGLX
wm0U8SUALt+gXMi0bIRXrQRZPvO9jwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHlk
3vznEM6vt8L3xhdTzOmGir4wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMjhEQUE1MEY3QkMxMUVFOTZBNDdGMEMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlooMA0GCSqGSIb3DQEB
CwUAA4IBAQDCbz//pF3npyVh0hyDgMzeZ7xZcQhHSEZYcpDwNTTgcCSYiY5l5q9+
4hc1aDdZiO7zBpiJVv25n1elkZie+KxtM7aREAm+Hi6IE3Q+Tr2CrH/8Jjft4/2g
2kPKdQpe9DspBjw6MkyKQ6ravE5O3X2jQfxwnJO4GXWue5bVqAulD0qQg9xiNOJR
AnMW5feXCtTZV78aaMLQJchqAJ7n6FkzR3xjXqF+le9J2i7+lsuRaowmnVGBSwnF
No2fwXneb2/GDpFntEN7nMM7fnLm3V36Ip72wxB7daYjhbwrc5ryX+016ygdAvye
gWPwOAgokr1jX70WwUhOjWDzrC/YDLO2
-----END CERTIFICATE-----
Generated at Fri May 3 04:44:39 2024 by rpki-client on console-fra.rpki-client.org