Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/B159B4A6F7CF11EEB1F39025017001B1.roa
File: B159B4A6F7CF11EEB1F39025017001B1.roa (raw, json)
Hash identifier: 740iX4/YNKSrtY9V4n9PWMrAZ0OIIcK6uTWL5Tg39nE=
Subject key identifier: 9A:5A:BC:46:A0:A0:A6:08:79:C3:5B:0F:4A:C5:58:A6:78:5E:61:94
Certificate issuer: /CN=F369DB5EAF/serialNumber=D3E2E0BCEB61FB9C4527826E610D467699D63E14
Certificate serial: 01A2
Authority key identifier: D3:E2:E0:BC:EB:61:FB:9C:45:27:82:6E:61:0D:46:76:99:D6:3E:14
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/B159B4A6F7CF11EEB1F39025017001B1.roa
Signing time: Thu 11 Apr 2024 06:49:50 +0000
ROA not before: Thu 11 Apr 2024 06:49:46 +0000
ROA not after: Thu 30 Apr 2043 06:49:46 +0000
asID: 30988
IP address blocks: 102.140.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.mft
rsync://rpki.afrinic.net/repository/afrinic/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 23 May 2024 00:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 418 (0x1a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F369DB5EAF/serialNumber=D3E2E0BCEB61FB9C4527826E610D467699D63E14
Validity
Not Before: Apr 11 06:49:46 2024 GMT
Not After : Apr 30 06:49:46 2043 GMT
Subject: CN=6617880e-fce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:7b:62:af:87:44:6c:5a:25:df:ba:38:ad:93:
ec:b6:fd:cd:f8:51:90:4d:80:e8:18:b6:2f:97:d2:
80:5d:53:93:f3:e8:c8:84:78:33:5d:d7:40:0a:08:
6f:1e:9a:64:9b:21:4f:67:24:99:55:bb:d3:bc:a7:
02:c1:62:c0:38:51:04:ba:a8:b3:bd:54:05:78:4d:
44:31:95:79:09:17:19:29:48:cb:d7:09:60:57:8c:
43:f8:ee:72:0d:7b:7c:51:bd:aa:90:b9:c2:85:4b:
3e:8c:de:0e:2b:a5:1d:40:7e:d6:18:2a:5b:4e:cb:
25:21:30:ed:6e:1a:46:9e:1d:4b:88:6f:98:4f:21:
be:4f:60:6f:7b:80:5c:b9:06:b4:96:90:7e:6f:6e:
7a:fa:20:f8:ef:b4:84:a7:db:70:74:a2:90:0e:71:
93:9c:a9:4b:aa:64:bc:da:eb:4a:aa:9e:4c:fd:f7:
c5:81:d2:79:aa:7e:4f:35:72:6d:0c:08:0a:91:98:
3e:00:08:a6:45:15:e8:f2:75:db:3f:95:e2:7b:7f:
f2:f5:82:5a:dc:39:00:0e:3a:1a:05:17:d5:1f:9c:
1b:e9:92:6c:96:8d:20:cb:e9:8e:59:81:b7:fe:a5:
5a:e3:5d:4e:39:fa:0c:e2:2e:6e:5a:1f:07:38:5f:
68:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:5A:BC:46:A0:A0:A6:08:79:C3:5B:0F:4A:C5:58:A6:78:5E:61:94
X509v3 Authority Key Identifier:
keyid:D3:E2:E0:BC:EB:61:FB:9C:45:27:82:6E:61:0D:46:76:99:D6:3E:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0-LgvOth-5xFJ4JuYQ1GdpnWPhQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369DB5E/D1EA5914BF3111EDA7E717D0F1222468/B159B4A6F7CF11EEB1F39025017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.140.96.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:5f:f2:9a:6f:38:76:59:9e:43:ff:7d:f7:7d:96:e7:e6:10:
d6:fe:bb:10:51:c5:c0:f2:0c:f5:2c:2e:d4:d0:1e:8c:8e:6b:
cb:cb:9d:f0:94:40:29:c6:81:bb:79:76:e6:90:1b:67:41:6e:
c1:d1:d8:86:6d:4c:e9:9c:7e:fc:7a:75:e7:6f:c6:8b:b6:70:
31:89:2b:1b:a0:9d:ed:44:c6:14:8b:59:92:20:9c:cd:9c:7b:
c6:da:9f:f6:dd:66:88:dd:31:29:94:15:d1:81:e7:8d:f8:9b:
03:a0:29:98:a9:1d:80:9f:bf:24:b2:cd:d1:4b:38:a3:f3:79:
47:6f:a5:b0:9a:e0:24:9f:85:24:85:e8:19:44:08:8e:54:22:
87:aa:fe:aa:45:c5:a4:35:2f:58:e4:66:bd:18:72:ce:e6:70:
ad:d8:6a:af:56:1a:c5:a8:f3:7f:4f:1a:de:c5:0b:eb:5e:86:
9b:cb:72:fb:15:06:4d:73:df:cd:a6:f6:75:2f:f8:5e:a1:cd:
a5:21:1b:fa:58:ef:66:af:d8:89:ef:49:6b:16:96:62:d1:d0:
5f:c7:bd:11:17:76:c7:1c:40:c2:cd:3b:46:52:6e:51:33:04:
31:e9:81:39:f2:e4:a2:75:9b:33:7f:10:50:61:95:1d:c2:39:
2e:40:67:81
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAaIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OURCNUVBRjExMC8GA1UEBRMoRDNFMkUwQkNFQjYxRkI5QzQ1Mjc4MjZFNjEwRDQ2
NzY5OUQ2M0UxNDAeFw0yNDA0MTEwNjQ5NDZaFw00MzA0MzAwNjQ5NDZaMBgxFjAU
BgNVBAMTDTY2MTc4ODBlLWZjZTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDre2Kvh0RsWiXfujitk+y2/c34UZBNgOgYti+X0oBdU5Pz6MiEeDNd10AK
CG8emmSbIU9nJJlVu9O8pwLBYsA4UQS6qLO9VAV4TUQxlXkJFxkpSMvXCWBXjEP4
7nINe3xRvaqQucKFSz6M3g4rpR1AftYYKltOyyUhMO1uGkaeHUuIb5hPIb5PYG97
gFy5BrSWkH5vbnr6IPjvtISn23B0opAOcZOcqUuqZLza60qqnkz998WB0nmqfk81
cm0MCAqRmD4ACKZFFejydds/leJ7f/L1glrcOQAOOhoFF9UfnBvpkmyWjSDL6Y5Z
gbf+pVrjXU45+gziLm5aHwc4X2h7AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUmlq8
RqCgpgh5w1sPSsVYpnheYZQwHwYDVR0jBBgwFoAU0+LgvOth+5xFJ4JuYQ1GdpnW
PhQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjlEQjVFL0QxRUE1OTE0QkYzMTExRURBN0U3MTdEMEYxMjIyNDY4LzAtTGd2
T3RoLTV4Rko0SnVZUTFHZHBuV1BoUS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzAtTGd2T3RoLTV4Rko0SnVZUTFHZHBuV1BoUS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjlEQjVFL0QxRUE1OTE0QkYzMTExRURBN0U3MTdEMEYx
MjIyNDY4L0IxNTlCNEE2RjdDRjExRUVCMUYzOTAyNTAxNzAwMUIxLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANmjGAwDQYJKoZIhvcNAQEL
BQADggEBACxf8ppvOHZZnkP/ffd9lufmENb+uxBRxcDyDPUsLtTQHoyOa8vLnfCU
QCnGgbt5duaQG2dBbsHR2IZtTOmcfvx6dedvxou2cDGJKxugne1ExhSLWZIgnM2c
e8ban/bdZojdMSmUFdGB5434mwOgKZipHYCfvySyzdFLOKPzeUdvpbCa4CSfhSSF
6BlECI5UIoeq/qpFxaQ1L1jkZr0Ycs7mcK3Yaq9WGsWo839PGt7FC+tehpvLcvsV
Bk1z382m9nUv+F6hzaUhG/pY72av2InvSWsWlmLR0F/HvREXdsccQMLNO0ZSblEz
BDHpgTny5KJ1mzN/EFBhlR3COS5AZ4E=
-----END CERTIFICATE-----
Generated at Tue May 21 02:53:20 2024 by rpki-client on console-fra.rpki-client.org