Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7157E1CF0BA11EEA34DADC4775412E6.roa
File: D7157E1CF0BA11EEA34DADC4775412E6.roa (raw, json)
Hash identifier: eyt2TJqaKkwxX2dnRf4PSxr4qExqpOUP2zWroPD2U3g=
Subject key identifier: 51:6D:02:A7:85:9A:A4:5E:96:B1:5A:1B:53:0C:7A:35:F7:41:7B:27
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A8AD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7157E1CF0BA11EEA34DADC4775412E6.roa
Signing time: Tue 02 Apr 2024 06:32:56 +0000
ROA not before: Tue 02 Apr 2024 06:32:52 +0000
ROA not after: Mon 01 Jul 2024 06:32:52 +0000
asID: 14618
IP address blocks: 154.197.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 03 May 2024 00:04:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43181 (0xa8ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 2 06:32:52 2024 GMT
Not After : Jul 1 06:32:52 2024 GMT
Subject: CN=660ba698-62b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2c:1e:f6:ca:02:a3:12:43:34:a1:9f:93:23:
d3:2e:43:14:95:ac:83:71:af:b9:b6:13:98:94:7f:
02:c5:89:44:29:81:ec:eb:e0:c8:3a:65:46:ad:de:
1a:91:9f:d4:fa:06:d2:37:a6:d0:c9:d1:7e:d9:c0:
63:0b:8d:ae:bf:f5:07:ea:c6:a5:d2:37:a1:1e:e4:
12:88:e4:e8:d7:14:2a:f7:5c:ef:3d:7c:24:72:e1:
ef:0a:e6:1a:8b:f1:35:fd:20:78:33:e3:97:f8:b7:
14:18:e6:ed:6d:76:a6:bb:22:c3:1b:e8:e7:d6:77:
8a:39:db:43:5e:b6:dc:47:8d:ca:9d:fa:26:b9:c9:
75:8f:58:0b:73:ea:fa:a2:1f:21:24:f6:cc:6d:fe:
37:2f:67:43:3d:4d:88:7f:2d:89:4d:b5:dd:f1:8b:
9a:0a:3b:0b:5f:06:79:db:1d:e7:1e:8d:9c:c2:b9:
4d:16:cc:4c:6d:91:c5:ab:78:32:db:21:2a:53:e7:
f2:d1:6a:c7:fc:d8:14:ff:39:5d:4e:03:76:75:66:
c8:fc:e6:a6:0e:95:d9:8c:3d:03:f2:03:cc:b6:8d:
0a:09:66:4d:2c:d1:77:f5:14:14:25:44:5c:f9:2a:
2f:95:17:a5:9a:48:ce:91:d5:7f:ca:95:0f:fa:8b:
02:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:6D:02:A7:85:9A:A4:5E:96:B1:5A:1B:53:0C:7A:35:F7:41:7B:27
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D7157E1CF0BA11EEA34DADC4775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.70.0/24
Signature Algorithm: sha256WithRSAEncryption
28:a6:f1:e9:13:e0:e6:42:ba:e5:f7:83:c7:74:ef:ea:88:1d:
40:87:0a:c5:71:cc:37:e3:bd:36:a6:28:39:a7:9f:bb:1f:5e:
3b:06:fc:1e:83:1c:6b:97:2d:58:7e:37:f1:7d:41:4c:05:0e:
45:3c:98:55:7b:90:64:4d:56:a9:3a:82:05:d7:5e:54:e6:ea:
e9:aa:cf:f1:51:61:6f:08:c4:89:82:0a:4c:72:25:95:fd:c8:
c8:5a:cf:91:bb:fb:17:98:07:7f:7a:fc:6f:da:8a:92:76:44:
6f:16:f5:7a:43:cd:f6:ff:af:17:3d:88:e3:cf:4d:b9:75:7f:
6a:f2:80:72:c4:56:ef:21:ca:d5:5e:e1:94:30:d2:86:ef:46:
40:db:cc:10:43:43:19:57:b6:b1:1d:6a:e5:5c:07:60:cd:59:
ce:18:c8:c2:45:0a:42:06:72:26:77:47:d3:bc:73:52:95:b2:
4d:ec:e8:12:4e:6f:bb:71:9d:e1:e3:8d:53:83:d7:e8:db:79:
03:a8:7f:fa:ce:14:6e:07:c1:24:58:22:78:34:e8:55:b1:69:
fc:86:0d:0c:ac:81:5e:14:87:0b:34:69:03:ee:73:ee:39:29:
b9:82:40:d0:7d:5c:8f:2e:bd:0f:e4:14:cc:55:b7:21:ba:19:
b7:22:76:75
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKitMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAyMDYzMjUyWhcNMjQwNzAxMDYzMjUyWjAYMRYw
FAYDVQQDEw02NjBiYTY5OC02MmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0ywe9soCoxJDNKGfkyPTLkMUlayDca+5thOYlH8CxYlEKYHs6+DIOmVG
rd4akZ/U+gbSN6bQydF+2cBjC42uv/UH6sal0jehHuQSiOTo1xQq91zvPXwkcuHv
CuYai/E1/SB4M+OX+LcUGObtbXamuyLDG+jn1neKOdtDXrbcR43Knfomucl1j1gL
c+r6oh8hJPbMbf43L2dDPU2Ify2JTbXd8YuaCjsLXwZ52x3nHo2cwrlNFsxMbZHF
q3gy2yEqU+fy0WrH/NgU/zldTgN2dWbI/OamDpXZjD0D8gPMto0KCWZNLNF39RQU
JURc+SovlRelmkjOkdV/ypUP+osCpwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFFt
AqeFmqRelrFaG1MMejX3QXsnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENzE1N0UxQ0YwQkExMUVFQTM0REFEQzQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVGMA0GCSqGSIb3DQEB
CwUAA4IBAQAopvHpE+DmQrrl94PHdO/qiB1AhwrFccw34702pig5p5+7H147Bvwe
gxxrly1YfjfxfUFMBQ5FPJhVe5BkTVapOoIF115U5urpqs/xUWFvCMSJggpMciWV
/cjIWs+Ru/sXmAd/evxv2oqSdkRvFvV6Q832/68XPYjjz025dX9q8oByxFbvIcrV
XuGUMNKG70ZA28wQQ0MZV7axHWrlXAdgzVnOGMjCRQpCBnImd0fTvHNSlbJN7OgS
Tm+7cZ3h441Tg9fo23kDqH/6zhRuB8EkWCJ4NOhVsWn8hg0MrIFeFIcLNGkD7nPu
OSm5gkDQfVyPLr0P5BTMVbchuhm3InZ1
-----END CERTIFICATE-----
Generated at Wed May 1 13:29:52 2024 by rpki-client on console-fra.rpki-client.org