Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3F962B6EDB311EEBDBDF591775412E6.roa
File: D3F962B6EDB311EEBDBDF591775412E6.roa (raw, json)
Hash identifier: 5GYb5xBvGLxFWLuwxe84rugcjmSWNMDWuCdpf4GkWjs=
Subject key identifier: 66:8D:16:33:82:77:E4:00:53:7D:58:96:17:59:FF:09:C5:3C:D6:ED
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A711
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3F962B6EDB311EEBDBDF591775412E6.roa
Signing time: Fri 29 Mar 2024 10:05:11 +0000
ROA not before: Fri 29 Mar 2024 10:05:07 +0000
ROA not after: Sat 04 May 2024 10:05:07 +0000
asID: 142062
IP address blocks: 154.86.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 04 May 2024 10:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42769 (0xa711)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 29 10:05:07 2024 GMT
Not After : May 4 10:05:07 2024 GMT
Subject: CN=66069257-9fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:06:e4:5f:b3:32:56:8a:8f:ac:59:f6:82:13:
02:4f:80:1a:69:b1:6c:8b:b9:83:a1:d2:40:66:cc:
a7:06:05:1a:f1:28:a1:08:bb:0b:96:af:79:f2:5b:
19:49:e3:87:b6:4d:7f:86:cf:94:7b:9d:69:1b:b0:
3f:23:a3:b3:cc:48:23:b4:9b:88:6e:9a:8c:74:b4:
a0:a0:47:27:52:40:f8:95:2f:fd:b7:b8:a2:3d:23:
c5:fe:62:c0:9e:e6:92:5e:a0:9b:e7:0b:f0:7e:4f:
f3:85:17:01:96:3d:df:8e:75:e2:b5:49:70:71:7e:
74:1e:42:3b:43:54:ac:c6:f1:a2:94:a4:fd:98:1d:
7b:d7:87:42:fc:94:ad:5d:e5:fb:fe:f1:19:45:47:
6a:9d:d7:9e:dd:58:66:e2:02:d8:51:32:2d:45:db:
a4:07:14:6c:f1:6f:25:9d:cf:32:d2:48:bd:c3:9e:
85:df:f1:34:67:00:73:ec:33:5a:37:9d:19:75:c3:
51:21:10:a7:d1:a8:92:df:2d:19:42:c1:50:1d:8d:
a1:b3:f1:6f:33:e5:a0:b7:59:3b:ed:43:85:3b:c9:
f7:7f:6f:3e:d1:ae:ad:32:b4:dc:bf:a3:cf:df:a4:
af:8f:8e:d3:d5:eb:72:48:75:7f:3f:1b:8d:0a:b4:
67:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8D:16:33:82:77:E4:00:53:7D:58:96:17:59:FF:09:C5:3C:D6:ED
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3F962B6EDB311EEBDBDF591775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.79.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:8a:f3:6c:4e:df:a2:f5:aa:96:e3:3c:b1:17:8d:5b:a3:d7:
75:a7:06:18:48:41:ee:ef:65:cc:0c:60:be:59:7e:87:65:db:
ac:b4:94:81:23:e9:b2:39:a7:6a:55:3a:4c:2b:39:b9:28:a0:
cc:c2:54:22:6a:f3:24:44:80:7f:0b:59:1f:4f:57:53:f9:66:
f2:60:09:a7:5f:35:1a:bb:38:61:4f:b8:c4:e6:8f:fb:27:19:
c9:3e:4f:ba:2d:98:3d:15:36:e6:1c:5a:c2:26:10:9c:41:ef:
12:85:41:42:1d:b8:3c:61:6e:ce:b5:3e:26:1d:c5:dc:9d:a1:
52:fb:90:99:7f:bb:ac:a2:fb:7e:fc:86:31:17:80:e8:17:90:
5c:9a:a1:1f:bc:17:5a:b7:9f:fc:ad:53:53:92:17:97:22:f7:
d5:1a:14:33:06:33:bd:8f:2a:61:6a:65:44:6b:08:43:41:56:
94:cd:86:82:45:08:c3:9a:64:c6:d0:5d:9e:0a:7f:e3:3a:91:
92:df:6f:9b:d4:90:96:2b:87:e4:3f:d1:0e:92:04:92:09:38:
37:50:e9:de:7a:b2:f6:f6:b9:75:26:8f:5c:a3:eb:d3:45:b1:
3f:85:3c:e0:b6:fa:21:65:84:98:f3:05:73:0d:50:dd:a7:42:
f4:02:af:99
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKcRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzI5MTAwNTA3WhcNMjQwNTA0MTAwNTA3WjAYMRYw
FAYDVQQDEw02NjA2OTI1Ny05ZmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQbkX7MyVoqPrFn2ghMCT4AaabFsi7mDodJAZsynBgUa8SihCLsLlq95
8lsZSeOHtk1/hs+Ue51pG7A/I6OzzEgjtJuIbpqMdLSgoEcnUkD4lS/9t7iiPSPF
/mLAnuaSXqCb5wvwfk/zhRcBlj3fjnXitUlwcX50HkI7Q1SsxvGilKT9mB1714dC
/JStXeX7/vEZRUdqndee3Vhm4gLYUTItRdukBxRs8W8lnc8y0ki9w56F3/E0ZwBz
7DNaN50ZdcNRIRCn0aiS3y0ZQsFQHY2hs/FvM+Wgt1k77UOFO8n3f28+0a6tMrTc
v6PP36Svj47T1etySHV/PxuNCrRnGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGaN
FjOCd+QAU31YlhdZ/wnFPNbtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EM0Y5NjJCNkVEQjMxMUVFQkRCREY1OTE3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlZPMA0GCSqGSIb3DQEB
CwUAA4IBAQAvivNsTt+i9aqW4zyxF41bo9d1pwYYSEHu72XMDGC+WX6HZdustJSB
I+myOadqVTpMKzm5KKDMwlQiavMkRIB/C1kfT1dT+WbyYAmnXzUauzhhT7jE5o/7
JxnJPk+6LZg9FTbmHFrCJhCcQe8ShUFCHbg8YW7OtT4mHcXcnaFS+5CZf7usovt+
/IYxF4DoF5BcmqEfvBdat5/8rVNTkheXIvfVGhQzBjO9jyphamVEawhDQVaUzYaC
RQjDmmTG0F2eCn/jOpGS32+b1JCWK4fkP9EOkgSSCTg3UOneerL29rl1Jo9co+vT
RbE/hTzgtvohZYSY8wVzDVDdp0L0Aq+Z
-----END CERTIFICATE-----
Generated at Fri May 3 04:44:39 2024 by rpki-client on console-fra.rpki-client.org