Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F71A7FF2EFF511EEBE14A4BD775412E6.roa
File: F71A7FF2EFF511EEBE14A4BD775412E6.roa (raw, json)
Hash identifier: fq0oeBx0b62mnm6tAx46KJn75R7d8Ijy5nMFNgcqiWg=
Subject key identifier: 2A:FA:87:68:1B:32:C5:E9:84:3B:D7:2C:22:6E:0E:FC:F2:3C:C1:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A7FC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F71A7FF2EFF511EEBE14A4BD775412E6.roa
Signing time: Mon 01 Apr 2024 07:03:39 +0000
ROA not before: Mon 01 Apr 2024 07:03:35 +0000
ROA not after: Tue 07 May 2024 07:03:35 +0000
asID: 138915
IP address blocks: 154.223.40.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43004 (0xa7fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 1 07:03:35 2024 GMT
Not After : May 7 07:03:35 2024 GMT
Subject: CN=660a5c4b-7a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:d7:8a:6e:11:7a:70:97:56:0a:0a:9e:2e:26:
d1:15:a3:eb:04:e6:de:c1:73:07:5f:de:4b:3e:2c:
9d:33:78:33:d0:80:0e:19:6d:5c:cc:07:58:7d:20:
ed:f7:e3:bc:0e:e5:67:d4:7e:65:8c:c7:e3:ee:88:
69:9d:16:17:b5:e2:c5:70:22:c2:67:b4:fb:4e:95:
41:c0:a0:78:bd:cf:ee:39:ff:5e:c8:a6:3f:61:e3:
6a:fd:c8:86:18:9e:b8:57:c2:43:dd:d1:ab:ec:93:
b7:1b:39:f7:7c:39:e6:64:77:ef:d6:fc:e5:29:d3:
e1:63:71:a5:e1:58:24:ce:cb:46:0e:d4:cd:5c:ff:
d8:ae:62:12:21:36:d8:b0:4e:9c:61:2e:27:b9:78:
20:ac:af:05:63:17:ab:5a:23:be:64:fd:63:41:2a:
a5:cd:0f:fd:aa:e5:bc:c9:71:24:4a:ab:7e:c6:68:
b7:1b:68:fa:07:72:fa:be:48:3c:f8:33:92:47:8c:
bd:da:f8:8f:ee:b3:ce:42:63:41:13:23:f1:f9:7c:
9d:7a:04:74:01:5c:25:c7:c3:55:eb:f3:2d:ce:c3:
2a:29:d3:3f:20:f2:84:c5:c3:75:b0:ce:0d:5a:d6:
b0:ec:92:82:9c:aa:aa:40:9a:f5:17:b3:e2:f3:8d:
a8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FA:87:68:1B:32:C5:E9:84:3B:D7:2C:22:6E:0E:FC:F2:3C:C1:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F71A7FF2EFF511EEBE14A4BD775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.40.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:0e:3a:ca:5b:5d:04:9a:bc:c6:75:ca:ca:4b:0a:0e:13:5b:
f3:4b:84:10:63:81:a3:23:23:e4:54:75:48:de:33:f8:91:3c:
fb:4e:05:d3:f5:50:d3:6c:28:d9:e6:f7:7d:4a:4d:53:77:4c:
32:38:06:80:97:96:88:d8:d8:60:00:0c:34:8d:16:83:10:e4:
6e:a3:aa:7d:13:05:7c:92:86:11:1c:54:2f:ab:a5:1e:c0:8a:
2a:30:a9:69:fe:90:a2:81:fd:6a:30:d7:8a:3e:44:86:fe:4d:
66:b5:25:6a:40:e3:2e:01:cf:38:98:c7:6d:1f:b8:b0:23:ef:
54:01:87:ac:71:8d:77:89:5f:84:e5:1e:99:80:07:e6:71:97:
2b:e5:13:01:9c:11:87:d6:ed:d9:18:53:b9:4e:a2:ff:d9:b6:
09:f6:97:c8:1f:cc:b4:db:05:a8:4e:0d:e0:67:65:05:5f:d9:
ac:a4:b5:2e:95:b1:40:63:2d:ac:fa:3d:5d:a6:e0:c1:d4:5a:
fd:f1:a4:3a:d8:7f:2b:65:7d:2f:b0:f4:aa:d4:a7:22:96:de:
dc:19:27:12:1f:74:3e:a2:87:12:ff:d3:94:2a:af:ed:02:21:
20:2b:42:74:f8:05:d1:2a:4d:6d:f3:00:c3:c2:e6:9e:1a:3d:
0c:0b:50:fb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKf8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDAxMDcwMzM1WhcNMjQwNTA3MDcwMzM1WjAYMRYw
FAYDVQQDEw02NjBhNWM0Yi03YTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7deKbhF6cJdWCgqeLibRFaPrBObewXMHX95LPiydM3gz0IAOGW1czAdY
fSDt9+O8DuVn1H5ljMfj7ohpnRYXteLFcCLCZ7T7TpVBwKB4vc/uOf9eyKY/YeNq
/ciGGJ64V8JD3dGr7JO3Gzn3fDnmZHfv1vzlKdPhY3Gl4VgkzstGDtTNXP/YrmIS
ITbYsE6cYS4nuXggrK8FYxerWiO+ZP1jQSqlzQ/9quW8yXEkSqt+xmi3G2j6B3L6
vkg8+DOSR4y92viP7rPOQmNBEyPx+XydegR0AVwlx8NV6/MtzsMqKdM/IPKExcN1
sM4NWtaw7JKCnKqqQJr1F7Pi842oeQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCr6
h2gbMsXphDvXLCJuDvzyPMFXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNzFBN0ZGMkVGRjUxMUVFQkUxNEE0QkQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt8oMA0GCSqGSIb3DQEB
CwUAA4IBAQALDjrKW10EmrzGdcrKSwoOE1vzS4QQY4GjIyPkVHVI3jP4kTz7TgXT
9VDTbCjZ5vd9Sk1Td0wyOAaAl5aI2NhgAAw0jRaDEORuo6p9EwV8koYRHFQvq6Ue
wIoqMKlp/pCigf1qMNeKPkSG/k1mtSVqQOMuAc84mMdtH7iwI+9UAYescY13iV+E
5R6ZgAfmcZcr5RMBnBGH1u3ZGFO5TqL/2bYJ9pfIH8y02wWoTg3gZ2UFX9mspLUu
lbFAYy2s+j1dpuDB1Fr98aQ62H8rZX0vsPSq1Kcilt7cGScSH3Q+oocS/9OUKq/t
AiEgK0J0+AXRKk1t8wDDwuaeGj0MC1D7
-----END CERTIFICATE-----
Generated at Fri May 3 04:44:43 2024 by rpki-client on console-fra.rpki-client.org