Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF0B482E74B11EEADB8B16D775412E6.roa
File: DCF0B482E74B11EEADB8B16D775412E6.roa (raw, json)
Hash identifier: HhtncYaUSOOVzGyxvPa1trhnVw2fPNDrg+bXWoHRnS8=
Subject key identifier: B6:89:F1:DB:29:F4:D0:D9:08:5D:5A:98:E5:CF:3F:F3:21:15:C0:B2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A43D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF0B482E74B11EEADB8B16D775412E6.roa
Signing time: Thu 21 Mar 2024 06:25:51 +0000
ROA not before: Thu 21 Mar 2024 06:25:48 +0000
ROA not after: Tue 23 Apr 2024 06:25:48 +0000
asID: 44559
IP address blocks: 154.220.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 23 Apr 2024 00:04:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42045 (0xa43d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 21 06:25:48 2024 GMT
Not After : Apr 23 06:25:48 2024 GMT
Subject: CN=65fbd2ef-8946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:28:2d:91:c9:ce:a9:f7:1b:98:08:8d:b9:43:
c0:de:1c:11:57:20:e0:8d:31:35:d4:8f:c9:dd:e6:
85:2a:78:15:0b:17:98:1a:d4:3c:62:b5:aa:fb:74:
51:f5:93:4d:20:dd:c2:2e:b6:fd:06:35:21:6c:9c:
e1:c8:cc:13:61:af:c6:98:4b:c7:63:a0:b3:be:a9:
80:e2:c9:5e:fc:90:9b:74:c6:7c:9c:68:57:7a:a2:
9b:98:5d:32:bc:92:fe:80:df:a1:7d:a2:cf:18:3f:
40:a5:40:3b:a6:53:32:83:06:85:04:4a:c9:20:1a:
28:a8:50:1c:c5:b6:12:11:88:77:c6:a3:91:f6:d0:
ae:97:90:db:05:21:9b:83:ed:0f:3f:ac:11:6a:46:
a2:18:15:3c:fe:9c:0b:57:61:35:30:2b:74:c9:38:
55:b1:03:2e:20:6c:b6:0a:96:22:16:92:e7:68:99:
fa:47:66:7a:64:19:dd:cf:70:69:69:44:36:f7:92:
b0:0a:d0:a3:3c:87:09:73:f9:83:77:0a:81:cb:e0:
f4:dc:ee:39:36:48:10:56:d1:a6:73:ba:6e:09:e8:
d1:8e:a8:89:92:28:69:02:3d:c3:35:ad:36:c5:4c:
86:2f:54:10:83:f8:fd:8b:3b:ae:e2:ab:d8:27:e4:
fe:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:89:F1:DB:29:F4:D0:D9:08:5D:5A:98:E5:CF:3F:F3:21:15:C0:B2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DCF0B482E74B11EEADB8B16D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.154.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:e5:a8:3b:eb:7f:6e:7e:ca:8e:c6:7b:ca:eb:4e:1e:4e:72:
04:1b:45:51:7a:dc:1f:02:02:fe:74:63:9f:c7:14:37:38:f0:
67:df:90:98:67:69:b4:fe:e8:0e:db:fe:ba:e3:2a:c1:f7:f1:
43:e3:79:43:0e:2d:dc:ce:96:8d:93:16:89:11:7e:c0:47:41:
47:da:ca:0d:52:57:08:98:b9:04:66:8d:96:6d:0b:56:97:06:
34:28:bd:f4:86:d2:b4:0d:73:ef:e0:04:b5:69:7e:94:b1:2f:
22:31:22:95:30:0d:98:fb:92:95:d1:a0:2b:55:18:a3:18:73:
7f:d8:50:ca:c2:46:98:a5:44:69:d5:c5:2b:68:93:c2:e0:52:
73:58:bd:b2:6f:f0:47:79:03:f8:1c:00:b7:43:73:b1:d6:f6:
2e:34:ff:02:fe:0c:d6:49:cb:83:f8:89:84:c5:ec:a0:b5:4e:
de:58:84:b7:3a:a8:c8:b0:5b:2f:f9:df:a4:90:e3:85:12:d7:
54:3c:d5:41:05:6c:cd:1d:3b:fc:f1:a7:cf:e3:f8:e9:8b:8c:
c1:85:2e:e3:80:d6:00:cc:74:18:4d:40:9e:36:1b:64:8b:e9:
4f:d6:49:eb:11:74:fb:75:4a:28:7d:02:b8:67:fb:d5:3b:d8:
cc:3e:dd:43
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKQ9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzIxMDYyNTQ4WhcNMjQwNDIzMDYyNTQ4WjAYMRYw
FAYDVQQDEw02NWZiZDJlZi04OTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtigtkcnOqfcbmAiNuUPA3hwRVyDgjTE11I/J3eaFKngVCxeYGtQ8YrWq
+3RR9ZNNIN3CLrb9BjUhbJzhyMwTYa/GmEvHY6CzvqmA4sle/JCbdMZ8nGhXeqKb
mF0yvJL+gN+hfaLPGD9ApUA7plMygwaFBErJIBooqFAcxbYSEYh3xqOR9tCul5Db
BSGbg+0PP6wRakaiGBU8/pwLV2E1MCt0yThVsQMuIGy2CpYiFpLnaJn6R2Z6ZBnd
z3BpaUQ295KwCtCjPIcJc/mDdwqBy+D03O45NkgQVtGmc7puCejRjqiJkihpAj3D
Na02xUyGL1QQg/j9izuu4qvYJ+T+WQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLaJ
8dsp9NDZCF1amOXPP/MhFcCyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQ0YwQjQ4MkU3NEIxMUVFQURCOEIxNkQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtyaMA0GCSqGSIb3DQEB
CwUAA4IBAQAP5ag7639ufsqOxnvK604eTnIEG0VRetwfAgL+dGOfxxQ3OPBn35CY
Z2m0/ugO2/664yrB9/FD43lDDi3czpaNkxaJEX7AR0FH2soNUlcImLkEZo2WbQtW
lwY0KL30htK0DXPv4AS1aX6UsS8iMSKVMA2Y+5KV0aArVRijGHN/2FDKwkaYpURp
1cUraJPC4FJzWL2yb/BHeQP4HAC3Q3Ox1vYuNP8C/gzWScuD+ImExeygtU7eWIS3
OqjIsFsv+d+kkOOFEtdUPNVBBWzNHTv88afP4/jpi4zBhS7jgNYAzHQYTUCeNhtk
i+lP1knrEXT7dUoofQK4Z/vVO9jMPt1D
-----END CERTIFICATE-----
Generated at Sun Apr 21 03:30:25 2024 by rpki-client on console-fra.rpki-client.org