Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03BBD4629D1711EF916765A8762E951A.roa
File: 03BBD4629D1711EF916765A8762E951A.roa (raw, json)
Hash identifier: 8bhmIjqCGzFodnXWr3VnUKkxLiA7w3U2WqDffuFRGAg=
Subject key identifier: 85:40:6B:33:FE:9C:5D:45:DD:B5:88:A3:57:6B:48:4E:F8:02:B2:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010953
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03BBD4629D1711EF916765A8762E951A.roa
Signing time: Thu 07 Nov 2024 14:46:04 +0000
ROA not before: Thu 07 Nov 2024 14:46:01 +0000
ROA not after: Wed 05 Nov 2025 14:46:01 +0000
asID: 133448
IP address blocks: 154.92.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67923 (0x10953)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 7 14:46:01 2024 GMT
Not After : Nov 5 14:46:01 2025 GMT
Subject: CN=672cd2ac-b4ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:75:04:3a:c6:8e:3b:93:0d:7f:08:4d:8f:d5:
64:55:0e:a5:c8:ca:96:72:e6:3f:59:43:54:de:c0:
70:25:0c:fe:77:66:19:5d:cd:ec:42:a0:36:9f:fa:
4e:3e:1b:6e:8c:c3:df:44:98:a5:ab:9a:8e:96:d3:
e7:63:42:2b:95:76:21:77:e1:40:c6:28:14:33:0d:
53:dd:d6:0e:07:87:a9:24:c1:eb:8f:db:6b:07:7f:
c3:af:fb:d2:66:13:40:d6:7b:dc:65:56:ee:87:f0:
69:ef:aa:83:25:27:50:09:14:67:2a:17:88:93:b5:
ab:a1:ed:69:4d:72:5f:37:19:7e:13:e1:e3:ce:f0:
31:5b:c4:4e:fd:e2:a1:c9:ae:b8:1f:78:a3:13:3b:
a2:c8:9e:b0:87:a2:c8:18:95:73:45:c2:6b:c6:7d:
e1:af:b3:d4:f0:8d:ac:a7:6e:d9:90:30:6f:42:9c:
c1:d1:25:20:ea:8c:5f:0c:f2:e9:fd:06:c4:65:58:
9d:95:97:41:56:3e:1c:06:d2:f0:9a:46:e3:29:ba:
76:a7:2c:ea:96:4f:23:24:dd:a9:42:21:e8:b7:05:
d1:42:70:dc:9d:89:4e:98:e4:7b:32:dd:cb:31:91:
c0:b3:ee:ce:71:46:57:e5:fe:63:fb:9d:ae:72:e7:
96:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:40:6B:33:FE:9C:5D:45:DD:B5:88:A3:57:6B:48:4E:F8:02:B2:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/03BBD4629D1711EF916765A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.4.0/24
Signature Algorithm: sha256WithRSAEncryption
99:d1:36:36:69:4a:ba:b8:0b:1f:ae:f9:95:5f:95:4f:b1:0e:
46:cf:34:be:2f:e6:41:89:0d:9b:98:40:2c:e3:8c:12:6c:db:
71:0e:99:68:1c:27:8a:1d:b3:e5:c1:cd:21:04:4b:2e:2c:13:
9e:23:90:32:fe:6b:41:64:3f:fa:50:4f:1d:4d:e1:81:2e:f7:
19:75:69:66:c1:0a:f4:56:0a:de:3d:d2:6a:b7:ac:2c:3d:c9:
4d:62:7b:dc:97:82:3b:2c:d1:01:83:af:6f:a9:a2:eb:42:8e:
1c:08:9d:34:f4:51:d4:e1:21:06:72:67:e3:dd:c6:06:2c:a6:
3c:25:02:62:12:20:b6:a6:ec:15:a0:0f:a8:cf:2d:d1:12:1e:
5d:93:b6:90:1e:2e:d4:45:40:05:40:91:3e:b5:2b:4b:c8:96:
46:7f:75:9d:4c:22:cf:a6:a4:dc:b2:19:a4:93:ac:16:ec:8e:
88:93:f0:b9:45:64:79:9d:d5:40:c6:98:29:56:c9:7e:d0:c6:
1a:31:14:dd:3a:33:3d:7e:8a:e3:95:59:08:db:e8:b6:63:d5:
39:85:a1:a5:9a:fb:dd:c9:6f:c3:31:b8:90:87:58:b2:ae:16:
57:cb:bd:c2:58:ca:39:c5:56:1e:37:53:89:58:7d:d6:c6:ef:
99:ec:25:95
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQlTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA3MTQ0NjAxWhcNMjUxMTA1MTQ0NjAxWjAYMRYw
FAYDVQQDEw02NzJjZDJhYy1iNGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvHUEOsaOO5MNfwhNj9VkVQ6lyMqWcuY/WUNU3sBwJQz+d2YZXc3sQqA2
n/pOPhtujMPfRJilq5qOltPnY0IrlXYhd+FAxigUMw1T3dYOB4epJMHrj9trB3/D
r/vSZhNA1nvcZVbuh/Bp76qDJSdQCRRnKheIk7Wroe1pTXJfNxl+E+HjzvAxW8RO
/eKhya64H3ijEzuiyJ6wh6LIGJVzRcJrxn3hr7PU8I2sp27ZkDBvQpzB0SUg6oxf
DPLp/QbEZVidlZdBVj4cBtLwmkbjKbp2pyzqlk8jJN2pQiHotwXRQnDcnYlOmOR7
Mt3LMZHAs+7OcUZX5f5j+52ucueW5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIVA
azP+nF1F3bWIo1drSE74ArIvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wM0JCRDQ2MjlEMTcxMUVGOTE2NzY1QTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlwEMA0GCSqGSIb3DQEB
CwUAA4IBAQCZ0TY2aUq6uAsfrvmVX5VPsQ5GzzS+L+ZBiQ2bmEAs44wSbNtxDplo
HCeKHbPlwc0hBEsuLBOeI5Ay/mtBZD/6UE8dTeGBLvcZdWlmwQr0VgrePdJqt6ws
PclNYnvcl4I7LNEBg69vqaLrQo4cCJ009FHU4SEGcmfj3cYGLKY8JQJiEiC2puwV
oA+ozy3REh5dk7aQHi7URUAFQJE+tStLyJZGf3WdTCLPpqTcshmkk6wW7I6Ik/C5
RWR5ndVAxpgpVsl+0MYaMRTdOjM9forjlVkI2+i2Y9U5haGlmvvdyW/DMbiQh1iy
rhZXy73CWMo5xVYeN1OJWH3Wxu+Z7CWV
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:20 2024 by rpki-client on console-fra.rpki-client.org