Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE257486EFF211EE966B48A3775412E6.roa
File: EE257486EFF211EE966B48A3775412E6.roa (raw, json)
Hash identifier: vf9KTf7wBRuPksJVXkjJL0KObTJlOLamta+6n5e4rsU=
Subject key identifier: 41:34:8E:32:C3:5D:D6:14:35:BB:87:91:4E:4D:8D:2B:A4:7C:BE:DC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A7D2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE257486EFF211EE966B48A3775412E6.roa
Signing time: Mon 01 Apr 2024 06:41:55 +0000
ROA not before: Mon 01 Apr 2024 06:41:52 +0000
ROA not after: Tue 07 May 2024 06:41:52 +0000
asID: 138915
IP address blocks: 154.223.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42962 (0xa7d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 1 06:41:52 2024 GMT
Not After : May 7 06:41:52 2024 GMT
Subject: CN=660a5733-0b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1b:52:45:3a:03:c0:a8:cb:7d:6d:d3:6a:4c:
67:1b:a2:82:08:77:71:cd:b6:61:4c:e1:46:74:c0:
34:43:4a:82:98:06:80:b0:00:d3:fd:71:21:aa:a7:
d5:79:39:8f:d5:da:80:25:fc:cc:02:fa:5a:e7:80:
12:b9:e9:7b:39:af:a2:31:b4:45:f3:9f:44:8b:da:
b2:db:e5:1f:49:d2:a5:ba:22:7b:93:b7:70:65:af:
fa:c3:0d:8e:18:38:82:e2:55:78:59:fc:6f:c3:89:
cb:32:3b:bf:5b:39:e7:35:69:89:dd:e6:22:fc:fb:
62:f0:bc:2f:4f:fe:69:90:50:cc:20:08:a6:fa:e6:
02:2a:b7:38:7d:9d:81:c9:e4:b4:9a:69:29:30:9b:
a0:47:39:02:94:54:dc:3a:d0:93:77:dc:82:f1:97:
3e:0d:67:9c:32:23:f1:2e:ee:06:4c:e2:c4:a3:eb:
46:ac:c7:58:55:45:78:2e:56:ea:31:75:bd:5b:ff:
b9:99:4e:40:ab:be:6e:47:60:23:45:24:76:cd:1a:
a6:35:f8:2a:ee:b5:05:5d:14:8a:4b:1d:c8:f7:56:
98:9d:3b:66:d5:18:30:bf:0b:54:fc:aa:c2:bf:04:
51:f9:c3:5c:27:f7:bd:f5:68:a7:78:b6:d5:3a:22:
74:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:34:8E:32:C3:5D:D6:14:35:BB:87:91:4E:4D:8D:2B:A4:7C:BE:DC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EE257486EFF211EE966B48A3775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.20.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:94:77:0f:d1:e7:49:c3:6b:14:8c:79:11:94:6e:af:c5:a4:
79:d4:f0:ff:86:b7:d1:99:fa:00:01:e4:d7:fd:1b:05:24:7e:
27:e1:2f:fc:f6:81:0f:dc:f5:88:bb:ab:48:d3:6c:ba:74:87:
61:0e:af:4a:26:9c:f9:81:48:c6:75:10:01:9f:e1:b3:d2:f8:
08:7b:75:ed:6b:02:26:e4:c0:f9:5c:59:73:57:ed:07:23:57:
e4:64:3b:b5:da:28:e8:24:77:a2:ba:78:03:e1:1f:4e:3b:ac:
b3:fe:e2:8b:70:c5:34:40:8f:d9:3c:c4:17:fd:5f:04:14:ba:
1b:89:c2:4c:5a:5a:e4:74:71:5a:e3:10:7d:dd:6d:6d:0e:42:
9f:43:74:cd:99:38:96:8d:b9:fd:3a:e6:91:da:34:af:90:71:
0f:03:6b:39:c1:b7:e6:1d:d9:da:9f:5b:25:a2:d4:b8:df:8d:
9f:38:e9:ee:cb:99:a2:25:5b:e8:42:ca:a4:52:d7:2f:45:86:
39:82:24:1b:72:6e:66:dd:40:c8:4b:64:3c:ff:dd:07:a5:a0:
24:b4:7b:7d:84:94:da:b5:13:1f:9e:96:e8:ff:b0:74:ea:b7:
1d:b9:b7:80:3e:67:d6:75:53:06:82:7f:9f:8b:82:9f:95:08:
ab:fa:bb:d2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKfSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAxMDY0MTUyWhcNMjQwNTA3MDY0MTUyWjAYMRYw
FAYDVQQDEw02NjBhNTczMy0wYjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArxtSRToDwKjLfW3TakxnG6KCCHdxzbZhTOFGdMA0Q0qCmAaAsADT/XEh
qqfVeTmP1dqAJfzMAvpa54ASuel7Oa+iMbRF859Ei9qy2+UfSdKluiJ7k7dwZa/6
ww2OGDiC4lV4Wfxvw4nLMju/WznnNWmJ3eYi/Pti8LwvT/5pkFDMIAim+uYCKrc4
fZ2ByeS0mmkpMJugRzkClFTcOtCTd9yC8Zc+DWecMiPxLu4GTOLEo+tGrMdYVUV4
LlbqMXW9W/+5mU5Aq75uR2AjRSR2zRqmNfgq7rUFXRSKSx3I91aYnTtm1RgwvwtU
/KrCvwRR+cNcJ/e99WineLbVOiJ0AQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEE0
jjLDXdYUNbuHkU5NjSukfL7cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRTI1NzQ4NkVGRjIxMUVFOTY2QjQ4QTM3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8UMA0GCSqGSIb3DQEB
CwUAA4IBAQDQlHcP0edJw2sUjHkRlG6vxaR51PD/hrfRmfoAAeTX/RsFJH4n4S/8
9oEP3PWIu6tI02y6dIdhDq9KJpz5gUjGdRABn+Gz0vgIe3XtawIm5MD5XFlzV+0H
I1fkZDu12ijoJHeiungD4R9OO6yz/uKLcMU0QI/ZPMQX/V8EFLobicJMWlrkdHFa
4xB93W1tDkKfQ3TNmTiWjbn9OuaR2jSvkHEPA2s5wbfmHdnan1slotS4342fOOnu
y5miJVvoQsqkUtcvRYY5giQbcm5m3UDIS2Q8/90HpaAktHt9hJTatRMfnpbo/7B0
6rcdubeAPmfWdVMGgn+fi4KflQir+rvS
-----END CERTIFICATE-----
Generated at Fri May 3 04:36:23 2024 by rpki-client on console-ams.rpki-client.org