Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD3A659C1F4411EF8FFF60FC7CDC24C2.roa
File: DD3A659C1F4411EF8FFF60FC7CDC24C2.roa (raw, json)
Hash identifier: FOJ0dFQKwBLDBsezaHBcEqxgV5/SlAOZWNL3OkUTiQM=
Subject key identifier: 3F:62:B5:3F:9B:5A:53:DD:95:6B:E2:37:83:CD:D0:29:2D:92:43:E5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: BC64
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD3A659C1F4411EF8FFF60FC7CDC24C2.roa
Signing time: Fri 31 May 2024 11:56:50 +0000
ROA not before: Fri 31 May 2024 11:56:45 +0000
ROA not after: Mon 30 Jun 2025 11:56:45 +0000
asID: 63673
IP address blocks: 154.213.4.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 08:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48228 (0xbc64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 31 11:56:45 2024 GMT
Not After : Jun 30 11:56:45 2025 GMT
Subject: CN=6659bb02-672d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:de:42:a5:68:75:8c:30:31:52:ca:8b:ba:74:
a6:a2:17:f2:da:6e:e6:50:fd:2f:72:d7:4e:29:0e:
ee:11:70:a3:a3:e6:8a:89:00:17:d3:d9:2a:da:68:
73:fd:29:6f:f9:a4:80:db:7b:68:cf:75:7d:69:01:
c1:61:a3:d6:48:01:12:9f:2c:3f:16:72:33:e9:0d:
2b:b3:5b:6c:1a:c6:06:19:81:32:d0:32:dc:6b:c0:
59:bf:51:8f:50:03:e6:62:8f:72:9f:6c:ba:58:47:
a8:6f:6b:10:45:b3:2f:38:7f:76:50:0d:8b:4f:e6:
fb:77:34:5b:b5:9c:a4:28:af:ba:e9:94:e1:0c:dd:
0b:55:7d:45:86:6b:08:6a:e4:6f:34:9d:1f:36:e7:
1b:aa:d1:84:a3:f4:74:53:d8:03:9f:a4:3e:ca:19:
fd:19:41:ee:e3:9f:17:36:e1:ae:08:f9:83:f3:94:
e3:73:54:09:56:f9:f5:51:03:0b:f4:a4:63:06:a2:
e8:91:c8:d9:ca:b6:f6:88:be:fc:7b:f6:04:63:ad:
cd:4a:71:5b:79:03:7b:6b:1a:95:ca:70:37:96:80:
d6:4f:9c:62:5c:17:35:56:c2:29:0d:59:ab:7a:43:
70:36:39:4c:65:26:a7:1c:15:ea:24:e0:4a:c7:0a:
4d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:62:B5:3F:9B:5A:53:DD:95:6B:E2:37:83:CD:D0:29:2D:92:43:E5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DD3A659C1F4411EF8FFF60FC7CDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.4.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:b5:ad:02:d8:85:ba:ce:df:0a:a9:20:ed:2f:69:5c:e5:e8:
8f:de:8e:e2:1b:a9:c3:9e:19:3b:62:87:ac:58:d7:f2:e2:ec:
cd:79:13:6b:bf:f2:0d:7f:c4:5c:74:f5:a2:6f:39:16:aa:93:
61:5b:f1:7f:29:3d:6a:1f:5a:dc:ed:7b:3f:9d:5c:3d:90:80:
07:d5:86:c7:dd:e9:12:60:ed:2c:a8:df:b7:37:a8:f3:67:7b:
07:38:4a:13:88:a3:51:2a:b9:b8:a1:aa:20:f4:77:c5:c6:77:
42:c9:c7:30:17:c3:c2:a3:4d:5d:e9:69:bd:99:03:b9:25:f7:
14:ba:eb:89:a9:00:24:ca:1f:70:6a:8f:9c:31:16:e5:00:a1:
9e:25:c5:67:17:e8:91:83:99:58:12:04:45:c5:d5:22:f2:87:
8d:f6:f1:66:f6:7e:cf:73:44:0e:b5:95:74:4c:8e:c5:45:b2:
95:d7:d2:d5:dd:4e:34:3f:5e:7e:14:1d:36:b4:42:d4:9f:8f:
e7:5c:86:88:24:af:8b:e7:47:6b:38:28:75:60:38:1e:11:e5:
ce:bc:7d:53:5d:58:98:20:dd:4f:a1:42:3d:a1:8e:c1:91:e7:
07:93:d2:3a:13:ec:2a:b4:d1:1a:6c:ab:bb:ec:02:b4:41:28:
76:aa:88:59
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALxkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTMxMTE1NjQ1WhcNMjUwNjMwMTE1NjQ1WjAYMRYw
FAYDVQQDEw02NjU5YmIwMi02NzJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1d5CpWh1jDAxUsqLunSmohfy2m7mUP0vctdOKQ7uEXCjo+aKiQAX09kq
2mhz/Slv+aSA23toz3V9aQHBYaPWSAESnyw/FnIz6Q0rs1tsGsYGGYEy0DLca8BZ
v1GPUAPmYo9yn2y6WEeob2sQRbMvOH92UA2LT+b7dzRbtZykKK+66ZThDN0LVX1F
hmsIauRvNJ0fNucbqtGEo/R0U9gDn6Q+yhn9GUHu458XNuGuCPmD85Tjc1QJVvn1
UQML9KRjBqLokcjZyrb2iL78e/YEY63NSnFbeQN7axqVynA3loDWT5xiXBc1VsIp
DVmrekNwNjlMZSanHBXqJOBKxwpN9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD9i
tT+bWlPdlWviN4PN0CktkkPlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERDNBNjU5QzFGNDQxMUVGOEZGRjYwRkM3Q0RDMjRDMi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtUEMA0GCSqGSIb3DQEB
CwUAA4IBAQAbta0C2IW6zt8KqSDtL2lc5eiP3o7iG6nDnhk7YoesWNfy4uzNeRNr
v/INf8RcdPWibzkWqpNhW/F/KT1qH1rc7Xs/nVw9kIAH1YbH3ekSYO0sqN+3N6jz
Z3sHOEoTiKNRKrm4oaog9HfFxndCyccwF8PCo01d6Wm9mQO5JfcUuuuJqQAkyh9w
ao+cMRblAKGeJcVnF+iRg5lYEgRFxdUi8oeN9vFm9n7Pc0QOtZV0TI7FRbKV19LV
3U40P15+FB02tELUn4/nXIaIJK+L50drOCh1YDgeEeXOvH1TXViYIN1PoUI9oY7B
kecHk9I6E+wqtNEabKu77AK0QSh2qohZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:46:40 2024 by rpki-client on console-ams.rpki-client.org