Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9325606F01111EE861AC996775412E6.roa
File: D9325606F01111EE861AC996775412E6.roa (raw, json)
Hash identifier: wljUbz/64EsFMA6rTYU3ShRf88kGg3vZzCn9U+pkxjo=
Subject key identifier: F2:73:45:DA:F1:8F:A5:38:7B:78:1E:69:3D:E2:15:80:27:E8:F3:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A892
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9325606F01111EE861AC996775412E6.roa
Signing time: Mon 01 Apr 2024 10:23:14 +0000
ROA not before: Mon 01 Apr 2024 10:23:11 +0000
ROA not after: Sat 11 May 2024 10:23:11 +0000
asID: 138915
IP address blocks: 154.203.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43154 (0xa892)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 1 10:23:11 2024 GMT
Not After : May 11 10:23:11 2024 GMT
Subject: CN=660a8b12-8ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b1:c8:bc:2b:9a:51:10:43:ba:63:76:e2:83:
74:6c:4b:14:09:97:df:1e:c7:e9:28:02:aa:f6:0d:
54:6c:9d:08:ce:c4:58:7f:56:28:ab:0a:e5:56:ef:
6a:ac:f5:d9:98:9e:27:5e:8d:dc:a1:87:4d:3a:38:
57:bf:44:2e:d3:10:c8:06:b4:38:6b:09:26:c7:2f:
62:e0:ba:9f:9d:4b:23:a6:4f:3e:25:0f:1c:56:e5:
50:1f:e6:db:a9:a9:d7:56:c3:c4:23:c9:ba:69:5f:
9d:84:dd:31:15:31:89:7d:86:83:87:5d:0c:8d:5f:
f4:5d:6e:49:0c:c6:38:46:19:54:91:51:c2:85:ea:
d6:91:51:78:38:c6:ba:26:aa:32:93:33:66:52:b4:
ba:aa:ba:c4:f6:bc:ca:ae:1a:07:e4:d4:7e:20:b3:
5f:4c:86:64:bb:70:1a:a1:a4:16:d9:47:fd:f0:8e:
c5:69:80:74:69:cf:18:6a:87:fa:b0:3b:b5:3c:0d:
22:28:f0:33:45:56:bf:c6:fc:b9:fc:1d:4c:ba:ea:
7c:93:c7:f1:50:f8:0d:13:1b:f9:08:a1:56:a3:68:
6f:cc:62:f2:5e:75:92:e2:bb:c8:84:2a:97:6b:3f:
51:4d:16:84:cf:e8:4d:b8:9b:d2:f6:1a:5c:d9:f8:
b8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:73:45:DA:F1:8F:A5:38:7B:78:1E:69:3D:E2:15:80:27:E8:F3:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D9325606F01111EE861AC996775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.139.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:7c:d9:43:29:f5:1b:e2:f5:0e:47:e2:31:0a:11:29:95:7e:
75:59:94:95:98:4c:f3:1c:ff:4c:c0:6f:ea:0f:31:8d:e5:74:
cd:53:f4:94:46:8f:f4:95:2f:0f:c0:9c:61:66:c6:1a:bc:60:
fe:fc:ed:52:ac:8a:1b:f9:87:ec:27:5b:87:60:aa:4e:d5:71:
60:0c:5d:f3:79:34:bf:8e:76:1e:21:74:23:85:b5:c4:a2:c5:
7b:b5:9d:2d:a3:c6:a1:46:c8:c7:58:52:92:84:f8:bf:7d:9c:
cb:90:80:3a:18:af:67:39:49:11:cb:23:2b:31:70:5c:39:78:
94:de:22:ae:b9:4b:b8:36:7e:4b:a4:c2:11:47:e9:c9:0f:59:
8d:45:2f:0e:d2:0a:d3:44:ee:cd:e6:da:9b:74:b6:a5:53:36:
c0:b4:93:3a:dc:7d:da:94:0c:51:43:e5:78:f4:ba:9d:ee:95:
96:57:88:a4:b1:bd:13:10:09:ca:0c:46:81:62:0e:52:ff:1c:
85:00:fc:79:60:6a:a8:58:60:2b:21:4b:9d:d0:b7:63:de:c2:
9e:4e:4b:48:d5:01:b7:94:06:b4:b1:2e:c3:09:b5:f9:b4:6a:
f9:71:cc:a9:2b:af:84:81:87:81:7a:7a:4f:93:45:4f:7b:22:
40:68:45:35
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKiSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAxMTAyMzExWhcNMjQwNTExMTAyMzExWjAYMRYw
FAYDVQQDEw02NjBhOGIxMi04YWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3bHIvCuaURBDumN24oN0bEsUCZffHsfpKAKq9g1UbJ0IzsRYf1Yoqwrl
Vu9qrPXZmJ4nXo3coYdNOjhXv0Qu0xDIBrQ4awkmxy9i4LqfnUsjpk8+JQ8cVuVQ
H+bbqanXVsPEI8m6aV+dhN0xFTGJfYaDh10MjV/0XW5JDMY4RhlUkVHCherWkVF4
OMa6JqoykzNmUrS6qrrE9rzKrhoH5NR+ILNfTIZku3AaoaQW2Uf98I7FaYB0ac8Y
aof6sDu1PA0iKPAzRVa/xvy5/B1Muup8k8fxUPgNExv5CKFWo2hvzGLyXnWS4rvI
hCqXaz9RTRaEz+hNuJvS9hpc2fi4wQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPJz
Rdrxj6U4e3geaT3iFYAn6PNIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOTMyNTYwNkYwMTExMUVFODYxQUM5OTY3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuLMA0GCSqGSIb3DQEB
CwUAA4IBAQA6fNlDKfUb4vUOR+IxChEplX51WZSVmEzzHP9MwG/qDzGN5XTNU/SU
Ro/0lS8PwJxhZsYavGD+/O1SrIob+YfsJ1uHYKpO1XFgDF3zeTS/jnYeIXQjhbXE
osV7tZ0to8ahRsjHWFKShPi/fZzLkIA6GK9nOUkRyyMrMXBcOXiU3iKuuUu4Nn5L
pMIRR+nJD1mNRS8O0grTRO7N5tqbdLalUzbAtJM63H3alAxRQ+V49Lqd7pWWV4ik
sb0TEAnKDEaBYg5S/xyFAPx5YGqoWGArIUud0Ldj3sKeTktI1QG3lAa0sS7DCbX5
tGr5ccypK6+EgYeBenpPk0VPeyJAaEU1
-----END CERTIFICATE-----
Generated at Fri May 3 04:36:22 2024 by rpki-client on console-ams.rpki-client.org