Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0410BE40A71D11EFA97B4361762E951A.roa
File: 0410BE40A71D11EFA97B4361762E951A.roa (raw, json)
Hash identifier: jgbrskNGzRM5JeVa20AJqfNC3khFmj44sJdnLLg/2Vs=
Subject key identifier: 4C:BA:A6:5D:C5:7C:D4:4E:EF:ED:11:F8:19:65:12:09:51:09:7E:A6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010F41
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0410BE40A71D11EFA97B4361762E951A.roa
Signing time: Wed 20 Nov 2024 08:54:14 +0000
ROA not before: Wed 20 Nov 2024 08:54:10 +0000
ROA not after: Thu 05 Dec 2024 08:54:10 +0000
asID: 21859
IP address blocks: 154.94.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 08:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69441 (0x10f41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 20 08:54:10 2024 GMT
Not After : Dec 5 08:54:10 2024 GMT
Subject: CN=673da3b5-86d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7a:d2:60:cc:f0:df:ee:62:4b:eb:ce:50:00:
89:d3:3b:a8:d0:e3:b8:2e:24:9d:63:18:6b:e5:28:
92:91:b1:94:84:b4:02:14:e1:34:d7:28:e7:cf:f9:
80:1f:da:46:9d:0a:9f:1c:f1:e7:a1:b0:47:1d:bb:
dc:50:5c:11:d9:77:f7:aa:45:b9:37:93:15:fc:49:
a5:63:6d:de:d7:59:93:80:a3:ce:e1:5f:55:c8:27:
76:97:19:39:1a:d6:cb:ea:3a:e4:78:83:00:8d:2e:
71:53:8c:4f:30:04:07:2f:ec:17:11:2e:8f:54:54:
5f:2a:b0:71:41:31:94:4d:98:04:14:92:0e:b0:f3:
1e:7b:36:e4:1e:07:8d:44:54:2e:d8:ce:33:a6:2c:
77:1a:00:14:a3:0a:0c:d5:76:31:8c:cb:99:f5:56:
16:11:c6:45:db:bf:02:e9:4a:14:d5:0e:01:2b:8b:
89:61:b8:b2:8b:bd:66:91:5d:c4:2c:78:d4:b7:d8:
c5:c6:0f:1e:22:f7:bd:19:c7:79:3c:73:a2:3c:70:
9e:de:cd:0b:71:ee:1c:d0:92:ef:96:fb:02:1b:d2:
e8:11:30:e8:f9:16:fd:45:c2:c0:2f:12:1c:a9:cf:
be:99:68:cb:8a:08:7b:c6:8a:82:32:23:ff:2a:38:
00:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:BA:A6:5D:C5:7C:D4:4E:EF:ED:11:F8:19:65:12:09:51:09:7E:A6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0410BE40A71D11EFA97B4361762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.35.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:91:47:01:7d:b2:65:b5:e2:54:83:f6:c9:c1:2d:a8:01:6a:
04:88:b5:c5:04:d0:19:7f:98:24:8d:ae:be:4d:c2:fd:0a:2c:
a3:27:ef:c2:b0:ba:be:14:db:ed:86:28:cb:26:7d:80:7c:bb:
23:c3:91:ce:4d:af:c8:49:94:6c:a5:69:66:d6:e2:ea:42:b1:
cb:a4:4b:53:98:5e:e2:e9:df:6c:28:3f:e4:8e:8d:2f:de:93:
54:05:6d:56:f4:38:7d:b8:15:54:f8:c8:55:49:28:72:28:b1:
4b:d1:aa:29:57:7e:51:6a:ab:53:7c:df:c6:c8:1d:55:47:e4:
b6:2d:1a:71:d2:98:44:6d:2c:e1:6a:86:b0:47:5b:67:bd:4b:
f1:95:e6:d0:f5:cd:25:7a:82:33:c0:90:0e:a2:62:6d:74:fd:
88:bb:24:b6:8e:1d:72:8b:a6:12:47:77:31:29:da:e4:d9:eb:
60:8b:61:42:be:b6:bf:75:f7:ab:56:de:ed:6a:99:27:28:77:
3c:2f:36:7a:3f:89:22:f3:e5:ef:c0:43:ed:3b:64:fc:b4:be:
b0:10:e9:b1:4d:12:72:f3:f8:54:b6:36:94:b0:cd:4a:78:2f:
34:57:eb:4a:64:cb:3e:18:e6:af:36:a8:8d:8a:85:1b:7d:2e:
6c:62:8a:e8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ9BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIwMDg1NDEwWhcNMjQxMjA1MDg1NDEwWjAYMRYw
FAYDVQQDEw02NzNkYTNiNS04NmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzHrSYMzw3+5iS+vOUACJ0zuo0OO4LiSdYxhr5SiSkbGUhLQCFOE01yjn
z/mAH9pGnQqfHPHnobBHHbvcUFwR2Xf3qkW5N5MV/EmlY23e11mTgKPO4V9VyCd2
lxk5GtbL6jrkeIMAjS5xU4xPMAQHL+wXES6PVFRfKrBxQTGUTZgEFJIOsPMeezbk
HgeNRFQu2M4zpix3GgAUowoM1XYxjMuZ9VYWEcZF278C6UoU1Q4BK4uJYbiyi71m
kV3ELHjUt9jFxg8eIve9Gcd5PHOiPHCe3s0Lce4c0JLvlvsCG9LoETDo+Rb9RcLA
LxIcqc++mWjLigh7xoqCMiP/KjgAiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEy6
pl3FfNRO7+0R+BllEglRCX6mMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNDEwQkU0MEE3MUQxMUVGQTk3QjQzNjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4jMA0GCSqGSIb3DQEB
CwUAA4IBAQDEkUcBfbJlteJUg/bJwS2oAWoEiLXFBNAZf5gkja6+TcL9CiyjJ+/C
sLq+FNvthijLJn2AfLsjw5HOTa/ISZRspWlm1uLqQrHLpEtTmF7i6d9sKD/kjo0v
3pNUBW1W9Dh9uBVU+MhVSShyKLFL0aopV35RaqtTfN/GyB1VR+S2LRpx0phEbSzh
aoawR1tnvUvxlebQ9c0leoIzwJAOomJtdP2IuyS2jh1yi6YSR3cxKdrk2etgi2FC
vra/dferVt7tapknKHc8LzZ6P4ki8+XvwEPtO2T8tL6wEOmxTRJy8/hUtjaUsM1K
eC80V+tKZMs+GOavNqiNioUbfS5sYoro
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:29 2024 by rpki-client on console-ams.rpki-client.org