Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5873FF001DA11EF9FB125FE007001B1.roa
File: D5873FF001DA11EF9FB125FE007001B1.roa (raw, json)
Hash identifier: 2mv+hBy62Gqsio0U3ujoiHDwfLSHAg3GLkJMyK24YxY=
Subject key identifier: 96:C6:8B:A3:88:B3:D8:20:81:3A:FC:9B:45:C4:00:46:29:5B:E2:DC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AFF0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5873FF001DA11EF9FB125FE007001B1.roa
Signing time: Wed 24 Apr 2024 01:34:47 +0000
ROA not before: Wed 24 Apr 2024 01:34:44 +0000
ROA not after: Sun 26 May 2024 01:34:44 +0000
asID: 20473
IP address blocks: 154.193.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 08 May 2024 00:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45040 (0xaff0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 24 01:34:44 2024 GMT
Not After : May 26 01:34:44 2024 GMT
Subject: CN=662861b7-bde8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:51:07:1e:32:ba:a1:7c:1d:33:d0:4d:1d:03:
94:ba:e5:3f:8c:56:9b:44:ec:ee:02:f6:5a:e0:eb:
3f:48:6c:f4:b2:fd:f5:06:39:a7:1e:40:51:80:1e:
16:83:77:ec:e5:82:d3:ed:30:0d:cd:51:24:7e:40:
b6:d2:42:0e:9d:6d:e0:04:0f:8e:1b:bc:13:52:45:
ab:89:ed:40:6f:fc:bb:41:ed:df:8c:d3:c8:ca:df:
ee:f6:31:70:91:30:7d:48:8f:d7:30:bd:8b:38:ae:
db:24:5d:0d:b6:c5:c9:9b:63:cb:86:40:60:fd:4f:
c9:52:5d:c8:38:7c:97:46:6a:32:76:f0:3e:19:d9:
40:6e:b9:31:5a:c3:ac:aa:8b:99:4f:5d:da:fe:68:
83:df:bc:fc:9f:47:58:a3:0c:5c:63:af:f9:e4:79:
9c:f5:47:e5:52:ed:e3:18:41:10:41:eb:a8:85:f3:
8b:a5:04:1a:de:e2:fd:b1:a5:83:a6:2c:76:ec:e6:
93:fb:78:d8:ff:85:39:3e:98:70:65:49:c8:ae:71:
1a:78:34:43:58:89:e8:ae:d5:1e:3a:1b:6d:9b:93:
3e:11:6b:e1:a7:22:1b:ca:60:10:4b:cc:f3:70:d6:
02:f0:cc:99:2b:d3:cb:f4:52:b5:b2:bf:7e:3b:3a:
f2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:C6:8B:A3:88:B3:D8:20:81:3A:FC:9B:45:C4:00:46:29:5B:E2:DC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D5873FF001DA11EF9FB125FE007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.160.0/20
Signature Algorithm: sha256WithRSAEncryption
37:fb:e7:17:1c:40:ca:b0:e4:98:a2:a9:53:8c:66:67:a2:a0:
04:e5:d3:97:46:c4:7f:f7:39:a8:17:61:f6:47:3c:93:68:b5:
19:0a:4e:66:74:22:2b:91:29:64:8d:04:d2:24:e1:19:b7:e3:
49:7f:7a:c5:03:8c:5f:15:9c:57:16:72:0e:a9:f8:0b:c5:48:
e3:dd:6a:2c:6b:58:d4:1b:fc:d7:63:fd:57:07:1e:7b:c1:ea:
4f:6e:c3:a2:a4:27:f9:9d:16:2d:1d:97:84:c9:43:a8:bb:a7:
45:2e:8d:49:0e:ac:f5:6a:5a:ee:9d:a7:e4:e1:24:fb:7d:e6:
82:6b:d3:ee:62:96:12:37:a5:f4:7e:b9:6a:c8:64:8a:6d:37:
66:16:e9:fe:2d:0c:54:cb:0a:00:a0:4d:a2:c9:80:ff:d0:c2:
9a:1e:78:05:3a:5c:35:f6:4e:8d:29:d6:2e:5f:0d:0d:c8:e0:
94:78:ac:fa:52:0a:e7:73:93:9a:ea:89:e7:75:df:3e:07:0d:
29:3e:49:4b:cd:8c:32:f1:f9:b7:8d:7e:5f:9d:65:9f:01:d0:
92:ae:69:0e:f6:a0:29:fe:d8:85:65:eb:7f:1e:79:45:c5:82:
f0:2a:01:c6:90:3a:3c:81:71:ad:a8:f1:af:17:c1:0b:10:70:
98:7a:8d:64
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK/wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDI0MDEzNDQ0WhcNMjQwNTI2MDEzNDQ0WjAYMRYw
FAYDVQQDEw02NjI4NjFiNy1iZGU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyFEHHjK6oXwdM9BNHQOUuuU/jFabROzuAvZa4Os/SGz0sv31BjmnHkBR
gB4Wg3fs5YLT7TANzVEkfkC20kIOnW3gBA+OG7wTUkWrie1Ab/y7Qe3fjNPIyt/u
9jFwkTB9SI/XML2LOK7bJF0NtsXJm2PLhkBg/U/JUl3IOHyXRmoydvA+GdlAbrkx
WsOsqouZT13a/miD37z8n0dYowxcY6/55Hmc9UflUu3jGEEQQeuohfOLpQQa3uL9
saWDpix27OaT+3jY/4U5PphwZUnIrnEaeDRDWInortUeOhttm5M+EWvhpyIbymAQ
S8zzcNYC8MyZK9PL9FK1sr9+OzrylQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJbG
i6OIs9gggTr8m0XEAEYpW+LcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENTg3M0ZGMDAxREExMUVGOUZCMTI1RkUwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmsGgMA0GCSqGSIb3DQEB
CwUAA4IBAQA3++cXHEDKsOSYoqlTjGZnoqAE5dOXRsR/9zmoF2H2RzyTaLUZCk5m
dCIrkSlkjQTSJOEZt+NJf3rFA4xfFZxXFnIOqfgLxUjj3Wosa1jUG/zXY/1XBx57
wepPbsOipCf5nRYtHZeEyUOou6dFLo1JDqz1alrunafk4ST7feaCa9PuYpYSN6X0
frlqyGSKbTdmFun+LQxUywoAoE2iyYD/0MKaHngFOlw19k6NKdYuXw0NyOCUeKz6
Ugrnc5Oa6onndd8+Bw0pPklLzYwy8fm3jX5fnWWfAdCSrmkO9qAp/tiFZet/HnlF
xYLwKgHGkDo8gXGtqPGvF8ELEHCYeo1k
-----END CERTIFICATE-----
Generated at Mon May 6 08:04:44 2024 by rpki-client on console-ams.rpki-client.org