Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F80040AEFD3911EE9573CD4C017001B1.roa
File: F80040AEFD3911EE9573CD4C017001B1.roa (raw, json)
Hash identifier: apH/WKO2aJUQ6+aFwHrEHokwSh2scpTe13Ch07qVg+8=
Subject key identifier: A6:47:80:F3:57:60:2D:3D:6E:A7:C6:67:78:D6:73:B6:2A:AF:0E:39
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: AE11
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F80040AEFD3911EE9573CD4C017001B1.roa
Signing time: Thu 18 Apr 2024 04:13:11 +0000
ROA not before: Thu 18 Apr 2024 04:13:07 +0000
ROA not after: Fri 26 Apr 2024 04:13:07 +0000
asID: 39600
IP address blocks: 154.95.40.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 26 Apr 2024 04:13:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44561 (0xae11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 18 04:13:07 2024 GMT
Not After : Apr 26 04:13:07 2024 GMT
Subject: CN=66209dd7-9eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:21:32:11:e4:e8:c0:16:e2:7e:71:a0:61:41:
f7:7d:ee:5d:de:42:75:d7:fb:37:4c:89:5b:d4:9a:
39:7e:27:70:31:ca:e5:76:4e:48:88:35:9a:82:9e:
a6:e0:0f:f8:77:d6:a1:74:1b:bb:25:48:14:f5:16:
30:3c:cb:90:9b:9c:5a:59:c6:f2:02:a8:7c:a9:06:
ca:54:58:84:10:b0:be:8c:a9:dd:db:e0:8c:87:07:
cf:fa:0f:6d:45:17:f6:84:f8:e0:23:95:52:bb:73:
aa:f1:72:1c:5a:bb:97:96:16:c6:3f:06:f7:40:9e:
45:41:9a:9c:63:41:f8:83:18:a4:e4:64:bc:d0:e8:
e6:e7:fe:48:e7:f2:bd:25:81:99:4d:f3:86:9d:1c:
f6:c0:79:2c:f0:00:6f:09:5f:0c:23:1f:d2:16:05:
0f:a7:ba:d2:e2:0b:a4:42:8f:5d:65:34:0c:a6:00:
7f:40:79:16:da:b0:79:ee:b1:cb:b2:f3:2e:d8:5e:
b0:bc:f0:dc:d9:7a:a1:be:c1:e9:5c:1c:96:1b:d2:
b2:9c:36:8d:af:21:b1:66:ea:7e:02:2b:76:80:d3:
f7:31:7b:f7:28:2f:7d:3f:79:1a:20:dc:35:1e:e8:
a0:e5:5d:fd:b2:32:ad:fe:af:dd:67:88:0b:5a:59:
bd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:47:80:F3:57:60:2D:3D:6E:A7:C6:67:78:D6:73:B6:2A:AF:0E:39
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F80040AEFD3911EE9573CD4C017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.40.0/21
Signature Algorithm: sha256WithRSAEncryption
14:e7:e5:f9:cc:99:40:bf:01:77:a9:27:88:9d:54:4d:86:78:
dc:01:67:ff:a0:05:cc:d0:8d:da:dd:97:cc:3d:47:83:42:1c:
6c:db:bd:f0:ea:ed:e4:76:d6:fb:3f:3e:29:1e:62:7c:d2:40:
e0:bc:1b:37:26:be:a3:3b:5a:e4:77:a8:2a:19:37:56:8d:ad:
b6:98:c6:0e:b1:0d:be:63:3b:32:16:a1:c9:96:8e:71:29:50:
e6:3f:72:1e:f0:c7:7d:d5:ae:65:46:4b:99:2b:96:60:23:5e:
a8:00:b6:53:c1:cb:59:a3:09:71:6c:2d:d4:1f:9d:21:70:84:
29:a7:76:86:96:84:9f:fa:92:10:ff:e1:f5:50:22:4c:86:e7:
6e:bd:f3:76:a3:cf:85:22:d3:12:0e:39:ce:58:df:42:57:82:
3f:e5:62:e3:a0:a9:b0:9f:94:fb:6b:3e:7d:20:3e:0f:3d:6d:
6f:e1:18:25:8f:b3:ae:8a:e3:89:03:ab:3b:61:8f:ee:fe:be:
1d:bd:41:95:8e:77:a4:8e:58:c2:71:67:a9:61:af:57:cf:8e:
1b:08:75:43:e8:cf:1c:1f:58:c7:1a:18:9a:ad:57:22:ce:4b:
24:d6:ed:d4:0d:31:70:59:c2:49:11:9f:62:48:54:fb:d4:28:
fd:63:c6:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAK4RMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDE4MDQxMzA3WhcNMjQwNDI2MDQxMzA3WjAYMRYw
FAYDVQQDEw02NjIwOWRkNy05ZWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmCEyEeTowBbifnGgYUH3fe5d3kJ11/s3TIlb1Jo5fidwMcrldk5IiDWa
gp6m4A/4d9ahdBu7JUgU9RYwPMuQm5xaWcbyAqh8qQbKVFiEELC+jKnd2+CMhwfP
+g9tRRf2hPjgI5VSu3Oq8XIcWruXlhbGPwb3QJ5FQZqcY0H4gxik5GS80Ojm5/5I
5/K9JYGZTfOGnRz2wHks8ABvCV8MIx/SFgUPp7rS4gukQo9dZTQMpgB/QHkW2rB5
7rHLsvMu2F6wvPDc2XqhvsHpXByWG9KynDaNryGxZup+Ait2gNP3MXv3KC99P3ka
INw1Huig5V39sjKt/q/dZ4gLWlm9WwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKZH
gPNXYC09bqfGZ3jWc7Yqrw45MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GODAwNDBBRUZEMzkxMUVFOTU3M0NENEMwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDml8oMA0GCSqGSIb3DQEB
CwUAA4IBAQAU5+X5zJlAvwF3qSeInVRNhnjcAWf/oAXM0I3a3ZfMPUeDQhxs273w
6u3kdtb7Pz4pHmJ80kDgvBs3Jr6jO1rkd6gqGTdWja22mMYOsQ2+YzsyFqHJlo5x
KVDmP3Ie8Md91a5lRkuZK5ZgI16oALZTwctZowlxbC3UH50hcIQpp3aGloSf+pIQ
/+H1UCJMhuduvfN2o8+FItMSDjnOWN9CV4I/5WLjoKmwn5T7az59ID4PPW1v4Rgl
j7OuiuOJA6s7YY/u/r4dvUGVjnekjljCcWepYa9Xz44bCHVD6M8cH1jHGhiarVci
zksk1u3UDTFwWcJJEZ9iSFT71Cj9Y8YE
-----END CERTIFICATE-----
Generated at Fri Apr 26 03:50:55 2024 by rpki-client on console-ams.rpki-client.org