Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0473B42AA73911EFB885C58E762E951A.roa
File: 0473B42AA73911EFB885C58E762E951A.roa (raw, json)
Hash identifier: m5Nr0194ZJlDjPNsajlFJ+TBWyX99fRaM15baBqwYyQ=
Subject key identifier: A9:BC:78:AC:18:F1:27:34:5E:C5:3F:5E:C3:19:6D:0E:2F:20:96:EB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010F8D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0473B42AA73911EFB885C58E762E951A.roa
Signing time: Wed 20 Nov 2024 12:14:40 +0000
ROA not before: Wed 20 Nov 2024 12:14:36 +0000
ROA not after: Tue 13 May 2025 12:14:36 +0000
asID: 137951
IP address blocks: 154.218.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69517 (0x10f8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 20 12:14:36 2024 GMT
Not After : May 13 12:14:36 2025 GMT
Subject: CN=673dd2b0-b629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:49:76:81:47:61:6d:10:65:eb:eb:c0:ef:c7:
c5:42:e7:84:35:d9:b0:1b:cb:88:da:ca:0a:e6:de:
b8:be:24:c4:9c:d6:08:1d:d7:65:e2:f1:3a:9f:76:
34:d0:f8:30:42:37:e7:43:56:f8:0f:f1:6e:0c:9a:
80:f3:cd:01:5a:5e:88:9c:ec:c5:e9:22:c4:37:c2:
08:85:9d:e9:96:2b:30:23:c4:23:d9:41:bc:ef:f3:
a8:fe:7c:1f:07:a6:6c:e5:e7:1d:23:b2:d8:ac:b4:
77:0d:43:12:5b:72:c8:14:f2:e9:b4:bf:b2:6b:b6:
63:99:a3:0e:8a:36:6c:92:7d:10:3b:f8:36:01:c2:
7a:ec:07:dc:39:2f:65:ec:a2:ed:fa:fa:a8:d2:ff:
e6:0e:ea:1e:94:b1:be:48:ce:5c:76:82:5c:da:ce:
fd:a6:43:96:22:76:3e:21:74:2c:ae:c1:b3:07:d0:
0a:bd:aa:26:f5:86:85:f2:fb:8b:44:1d:84:90:43:
54:bc:1b:84:8c:81:06:80:35:11:f9:7c:80:66:01:
9f:64:75:64:a6:0e:a8:61:6e:d5:f9:92:fd:50:02:
63:20:c5:c6:a6:a4:69:3d:f1:fc:1f:a2:7c:3b:b9:
10:42:fc:86:74:c5:a6:ae:a5:01:3b:68:d1:99:ca:
75:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:BC:78:AC:18:F1:27:34:5E:C5:3F:5E:C3:19:6D:0E:2F:20:96:EB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0473B42AA73911EFB885C58E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.128.0/18
Signature Algorithm: sha256WithRSAEncryption
73:dc:d9:c6:c9:cd:e9:15:fc:80:d1:bc:bf:cd:2a:14:d0:8e:
2d:03:b4:30:14:43:d4:09:3e:63:59:79:3b:92:ac:68:00:dc:
ab:e0:2a:1b:2c:17:2d:ae:6e:24:93:c4:f6:2b:c2:0e:34:b8:
62:6f:9d:7d:d1:61:17:9e:8a:5b:6b:f7:07:db:d8:57:70:05:
6d:95:86:2d:12:cb:ef:92:f2:49:03:b7:92:d4:be:7d:36:73:
cb:5a:47:bb:f2:88:37:a3:a5:6e:19:8f:84:fc:ca:12:78:49:
21:4b:94:f4:2d:12:94:04:e6:12:87:10:ae:62:4a:9d:e7:40:
a4:b8:c4:ac:1a:f9:27:e4:93:85:45:e7:73:d1:ad:c3:a6:85:
b5:98:82:04:78:ea:ee:58:12:9f:40:07:67:e8:8d:e1:8d:12:
00:6c:8f:dd:d3:49:ca:b1:92:52:f4:25:92:39:46:d3:cb:e3:
79:7e:c2:ef:4b:6b:43:1a:83:20:c0:ed:68:b7:5f:68:97:0b:
c6:2f:17:ff:91:17:98:a1:82:dd:fa:51:eb:6e:6b:4f:82:e1:
60:28:a4:b4:bf:90:1d:12:00:54:4e:bf:fc:1e:55:71:4d:dd:
32:12:86:08:09:45:be:c0:44:f4:c1:0e:f2:5b:89:3d:a2:32:
18:f1:54:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ+NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIwMTIxNDM2WhcNMjUwNTEzMTIxNDM2WjAYMRYw
FAYDVQQDEw02NzNkZDJiMC1iNjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3El2gUdhbRBl6+vA78fFQueENdmwG8uI2soK5t64viTEnNYIHddl4vE6
n3Y00PgwQjfnQ1b4D/FuDJqA880BWl6InOzF6SLEN8IIhZ3pliswI8Qj2UG87/Oo
/nwfB6Zs5ecdI7LYrLR3DUMSW3LIFPLptL+ya7ZjmaMOijZskn0QO/g2AcJ67Afc
OS9l7KLt+vqo0v/mDuoelLG+SM5cdoJc2s79pkOWInY+IXQsrsGzB9AKvaom9YaF
8vuLRB2EkENUvBuEjIEGgDUR+XyAZgGfZHVkpg6oYW7V+ZL9UAJjIMXGpqRpPfH8
H6J8O7kQQvyGdMWmrqUBO2jRmcp13wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKm8
eKwY8Sc0XsU/XsMZbQ4vIJbrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNDczQjQyQUE3MzkxMUVGQjg4NUM1OEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmtqAMA0GCSqGSIb3DQEB
CwUAA4IBAQBz3NnGyc3pFfyA0by/zSoU0I4tA7QwFEPUCT5jWXk7kqxoANyr4Cob
LBctrm4kk8T2K8IONLhib5190WEXnopba/cH29hXcAVtlYYtEsvvkvJJA7eS1L59
NnPLWke78og3o6VuGY+E/MoSeEkhS5T0LRKUBOYShxCuYkqd50CkuMSsGvkn5JOF
Redz0a3DpoW1mIIEeOruWBKfQAdn6I3hjRIAbI/d00nKsZJS9CWSOUbTy+N5fsLv
S2tDGoMgwO1ot19olwvGLxf/kReYoYLd+lHrbmtPguFgKKS0v5AdEgBUTr/8HlVx
Td0yEoYICUW+wET0wQ7yW4k9ojIY8VTL
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:53 2024 by rpki-client on console-ams.rpki-client.org