Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DEF4DD0EF72B11EE99503066017001B1.roa
File: DEF4DD0EF72B11EE99503066017001B1.roa (raw, json)
Hash identifier: CEZNKwCc1LcDuKBZhNNg4MIFY8F2rBlXBctOnscs/VU=
Subject key identifier: 93:79:3F:36:41:55:42:93:49:41:0C:BC:B7:56:DE:00:93:D5:4E:F8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AAD6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DEF4DD0EF72B11EE99503066017001B1.roa
Signing time: Wed 10 Apr 2024 11:17:09 +0000
ROA not before: Wed 10 Apr 2024 11:17:06 +0000
ROA not after: Fri 20 Dec 2024 11:17:06 +0000
asID: 137443
IP address blocks: 154.211.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43734 (0xaad6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 10 11:17:06 2024 GMT
Not After : Dec 20 11:17:06 2024 GMT
Subject: CN=66167535-4954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c7:64:57:df:59:d4:a7:23:c7:d4:d8:87:cc:
a5:06:41:bc:2c:bd:3e:ee:c7:37:01:5e:c2:98:dc:
7f:b7:17:02:9d:ba:1c:2f:ee:4b:6d:f9:72:fa:11:
b3:d1:d9:ae:02:ab:eb:44:ba:67:32:79:16:61:2d:
ac:d9:e7:e1:ea:2a:f3:43:fa:2d:25:cb:60:48:af:
94:a8:4f:be:38:a0:ae:ad:98:f2:d0:1c:35:bc:6e:
b6:6a:4e:93:c2:6b:d1:c8:f2:8c:0f:92:10:4e:50:
d7:60:fd:d3:a1:b5:35:5b:85:f3:53:3a:69:8a:b4:
08:32:c3:f6:99:11:ec:89:9d:78:e0:ee:09:58:7b:
28:bb:d0:fc:53:3f:e1:a2:dd:aa:57:7c:97:8f:00:
f8:fe:de:dd:f7:d6:8b:06:35:b3:e1:8c:58:a0:85:
81:80:0b:73:53:cd:78:99:7c:cd:dc:d5:05:83:a4:
c1:ec:de:6d:65:9f:28:59:2c:c5:9d:6f:68:8b:1e:
e3:78:b0:78:da:46:ba:4d:d7:5e:e8:e8:f7:79:23:
2c:ed:c6:39:31:7a:05:f4:80:85:22:ea:f6:5f:15:
10:67:34:5c:80:c0:e7:6b:83:9a:b0:3f:63:cf:f1:
3a:5b:a8:7d:85:49:4f:8c:58:78:4c:ee:26:fe:23:
20:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:79:3F:36:41:55:42:93:49:41:0C:BC:B7:56:DE:00:93:D5:4E:F8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DEF4DD0EF72B11EE99503066017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.20.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:a7:30:46:fd:93:8c:da:5e:66:a3:9e:9b:13:e9:bd:92:0d:
8c:0d:a6:40:d8:d0:4a:03:f6:e6:6b:a3:56:e8:b4:b7:22:02:
7e:3e:49:bc:20:1f:83:00:b9:96:fa:39:cd:56:03:ea:12:63:
14:da:50:79:f4:b5:2c:09:97:d7:ff:b2:ee:2e:75:ae:88:d4:
c8:1a:57:82:99:73:7a:e3:50:b0:1d:11:88:9e:e5:e5:56:b1:
52:c3:37:ba:0e:36:d1:eb:9b:5e:67:53:24:ac:3e:a3:38:6e:
36:73:61:5b:5a:cc:ec:b3:a0:72:94:73:c3:b4:85:c6:a4:02:
b6:d0:d7:d3:e3:83:b4:2c:5f:89:67:7b:83:a5:da:e2:6f:18:
fd:c8:8d:6d:be:b4:0b:04:d9:6d:e7:ad:78:03:b0:cf:9f:6b:
1d:94:1d:df:b8:72:aa:6f:c2:fa:ba:f7:b9:ee:cc:98:0d:de:
77:6f:64:77:5f:62:eb:06:64:ea:89:03:ac:dd:1a:c8:f8:ae:
1c:e5:5f:71:07:0a:99:79:63:18:53:f3:dd:5a:aa:f8:db:9d:
0e:36:91:e3:47:41:15:6d:07:35:c6:ec:f7:a5:69:e8:d6:31:
cd:28:5e:95:d6:0e:51:e1:d3:f8:e9:ca:db:d8:f6:36:fe:56:
39:ea:df:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKrWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDEwMTExNzA2WhcNMjQxMjIwMTExNzA2WjAYMRYw
FAYDVQQDEw02NjE2NzUzNS00OTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4sdkV99Z1Kcjx9TYh8ylBkG8LL0+7sc3AV7CmNx/txcCnbocL+5Lbfly
+hGz0dmuAqvrRLpnMnkWYS2s2efh6irzQ/otJctgSK+UqE++OKCurZjy0Bw1vG62
ak6TwmvRyPKMD5IQTlDXYP3TobU1W4XzUzppirQIMsP2mRHsiZ144O4JWHsou9D8
Uz/hot2qV3yXjwD4/t7d99aLBjWz4YxYoIWBgAtzU814mXzN3NUFg6TB7N5tZZ8o
WSzFnW9oix7jeLB42ka6Tdde6Oj3eSMs7cY5MXoF9ICFIur2XxUQZzRcgMDna4Oa
sD9jz/E6W6h9hUlPjFh4TO4m/iMgBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJN5
PzZBVUKTSUEMvLdW3gCT1U74MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ERUY0REQwRUY3MkIxMUVFOTk1MDMwNjYwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtMUMA0GCSqGSIb3DQEB
CwUAA4IBAQDEpzBG/ZOM2l5mo56bE+m9kg2MDaZA2NBKA/bma6NW6LS3IgJ+Pkm8
IB+DALmW+jnNVgPqEmMU2lB59LUsCZfX/7LuLnWuiNTIGleCmXN641CwHRGInuXl
VrFSwze6DjbR65teZ1MkrD6jOG42c2FbWszss6BylHPDtIXGpAK20NfT44O0LF+J
Z3uDpdribxj9yI1tvrQLBNlt5614A7DPn2sdlB3fuHKqb8L6uve57syYDd53b2R3
X2LrBmTqiQOs3RrI+K4c5V9xBwqZeWMYU/PdWqr4250ONpHjR0EVbQc1xuz3pWno
1jHNKF6V1g5R4dP46crb2PY2/lY56t/A
-----END CERTIFICATE-----
Generated at Fri May 3 03:10:29 2024 by rpki-client on console-ams.rpki-client.org