Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08663AF29B8211EFAD03EBAB762E951A.roa
File: 08663AF29B8211EFAD03EBAB762E951A.roa (raw, json)
Hash identifier: PkHVwb0XDjn11m3BuzUjsLRSg1547/QaHlZmWcCZitM=
Subject key identifier: A6:8B:76:15:C6:FD:B9:DF:7B:7F:E9:45:B1:66:D1:0B:F4:B3:5C:A4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0107F3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08663AF29B8211EFAD03EBAB762E951A.roa
Signing time: Tue 05 Nov 2024 14:27:07 +0000
ROA not before: Tue 05 Nov 2024 14:26:44 +0000
ROA not after: Mon 20 Jan 2025 14:26:44 +0000
asID: 135097
IP address blocks: 154.213.80.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67571 (0x107f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 5 14:26:44 2024 GMT
Not After : Jan 20 14:26:44 2025 GMT
Subject: CN=672a2b3b-9eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e8:37:ae:40:00:d5:2e:0c:d4:b8:9c:7c:66:
b1:f3:00:25:29:d3:15:de:43:36:b0:fd:08:10:5a:
28:26:b8:54:9a:4a:f3:c3:53:d2:74:d4:d2:a8:c5:
6b:42:09:0b:d4:93:2d:9b:d7:4d:6e:c8:4c:db:f7:
6c:d6:0a:23:ab:22:35:a9:bf:22:5c:60:01:a1:3c:
86:f1:87:56:cf:5f:72:50:d2:47:f4:c8:c6:e9:db:
15:a6:e2:a4:20:94:78:9b:64:bb:e8:48:49:e5:a1:
6e:26:d2:6b:25:29:da:34:9b:54:6a:1b:60:07:b7:
e2:8b:ff:f4:05:4e:5b:f1:85:50:c9:32:47:6f:dc:
c6:6c:96:18:28:03:ec:dc:84:7f:55:89:75:80:1b:
ea:86:de:c2:14:01:25:e1:3d:2e:fa:73:b3:af:82:
65:89:64:7f:e8:d6:29:97:e3:65:94:ec:5c:53:13:
c3:4c:85:35:81:c8:64:ab:01:c6:69:63:be:b0:80:
ce:0c:7a:c3:a8:8a:e8:eb:d9:37:95:8e:e7:ca:2a:
e9:19:22:53:b1:de:47:38:a0:9b:ab:9d:2c:ea:4c:
8d:6a:4a:d6:44:34:b3:fb:d7:b0:b0:f9:dc:63:3a:
fd:05:27:3e:84:c5:f1:a0:e2:fd:36:08:97:22:a4:
fe:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8B:76:15:C6:FD:B9:DF:7B:7F:E9:45:B1:66:D1:0B:F4:B3:5C:A4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/08663AF29B8211EFAD03EBAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.80.0/20
Signature Algorithm: sha256WithRSAEncryption
cb:5e:bc:40:92:69:4e:82:86:21:b1:a2:38:f5:3d:76:c2:af:
01:22:fa:15:82:85:58:91:69:8a:75:2a:71:88:f9:dc:cb:11:
f1:c4:bf:f9:38:97:e9:2d:a3:4b:ba:20:39:62:15:60:5a:c7:
d6:19:76:73:de:5b:db:d1:c5:5d:63:d1:25:b9:8c:04:38:c6:
6b:ad:2c:03:df:a6:6b:ba:1a:64:2d:29:ad:c5:48:8b:4a:85:
52:99:ee:90:10:61:4c:e7:4c:93:2e:07:15:87:a3:84:64:c4:
b4:63:9a:f7:8a:0c:d6:d8:54:35:eb:7b:a8:8a:af:38:26:81:
97:86:16:aa:4c:b7:bc:17:ff:cc:b8:7a:75:be:71:0d:c7:4d:
93:2f:9e:bc:d4:e9:ef:4f:3d:17:8d:f0:1e:fd:52:4e:24:de:
0d:3e:28:6c:38:4b:0b:34:cc:f9:ea:06:a0:f2:30:fe:c5:35:
4b:00:5d:3f:2b:b4:5a:69:87:3b:f3:84:d7:5b:6e:b0:2d:0a:
b9:bd:65:7b:c0:b8:1c:d1:55:47:ee:dc:ec:4b:68:e0:30:39:
91:22:63:a0:71:78:da:fd:e7:be:35:b2:e1:b3:b1:f5:a5:48:
0e:c1:c3:88:10:41:e6:b9:48:77:a4:9d:71:86:cf:aa:24:ef:
c5:41:3c:72
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQfzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTQyNjQ0WhcNMjUwMTIwMTQyNjQ0WjAYMRYw
FAYDVQQDEw02NzJhMmIzYi05ZWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtug3rkAA1S4M1LicfGax8wAlKdMV3kM2sP0IEFooJrhUmkrzw1PSdNTS
qMVrQgkL1JMtm9dNbshM2/ds1gojqyI1qb8iXGABoTyG8YdWz19yUNJH9MjG6dsV
puKkIJR4m2S76EhJ5aFuJtJrJSnaNJtUahtgB7fii//0BU5b8YVQyTJHb9zGbJYY
KAPs3IR/VYl1gBvqht7CFAEl4T0u+nOzr4JliWR/6NYpl+NllOxcUxPDTIU1gchk
qwHGaWO+sIDODHrDqIro69k3lY7nyirpGSJTsd5HOKCbq50s6kyNakrWRDSz+9ew
sPncYzr9BSc+hMXxoOL9NgiXIqT+YwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKaL
dhXG/bnfe3/pRbFm0Qv0s1ykMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wODY2M0FGMjlCODIxMUVGQUQwM0VCQUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtVQMA0GCSqGSIb3DQEB
CwUAA4IBAQDLXrxAkmlOgoYhsaI49T12wq8BIvoVgoVYkWmKdSpxiPncyxHxxL/5
OJfpLaNLuiA5YhVgWsfWGXZz3lvb0cVdY9EluYwEOMZrrSwD36ZruhpkLSmtxUiL
SoVSme6QEGFM50yTLgcVh6OEZMS0Y5r3igzW2FQ163uoiq84JoGXhhaqTLe8F//M
uHp1vnENx02TL5681OnvTz0XjfAe/VJOJN4NPihsOEsLNMz56gag8jD+xTVLAF0/
K7RaaYc784TXW26wLQq5vWV7wLgc0VVH7tzsS2jgMDmRImOgcXja/ee+NbLhs7H1
pUgOwcOIEEHmuUh3pJ1xhs+qJO/FQTxy
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:58 2024 by rpki-client on console-fra.rpki-client.org