Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09B67DE49C1E11EF8002898A762E951A.roa
File: 09B67DE49C1E11EF8002898A762E951A.roa (raw, json)
Hash identifier: NDHVBCjLOGzJTQlGhYS8vs4NOXPbeV+pQQqzQaOLg7Y=
Subject key identifier: 7A:A6:41:67:68:87:6E:77:2A:09:63:2C:BA:C0:58:81:EC:ED:8B:BE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01087C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09B67DE49C1E11EF8002898A762E951A.roa
Signing time: Wed 06 Nov 2024 09:03:50 +0000
ROA not before: Wed 06 Nov 2024 09:03:46 +0000
ROA not after: Wed 23 Dec 2026 09:03:46 +0000
asID: 133012
IP address blocks: 154.91.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67708 (0x1087c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 6 09:03:46 2024 GMT
Not After : Dec 23 09:03:46 2026 GMT
Subject: CN=672b30f6-d963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d0:7a:e3:25:0a:ee:c9:be:8f:74:f8:91:d9:
0b:fc:78:27:d9:83:ba:7c:ec:2e:aa:70:46:a0:c6:
1c:01:c1:bc:e2:dd:fb:9e:fd:80:08:b0:d0:e9:93:
03:47:4c:f5:6c:26:bc:4d:db:29:f4:c9:c3:3c:2a:
14:f5:31:4d:2d:84:35:f8:ea:c5:b9:75:2f:af:cd:
b0:d3:21:71:9c:e9:c9:28:91:98:4c:0d:11:83:b6:
7e:22:cf:41:64:1c:8e:8d:9a:fb:6c:c0:66:30:d0:
68:f6:80:62:30:f2:d1:9b:8f:f1:b1:3d:99:77:0a:
20:39:8b:67:03:29:a6:70:9e:e4:8d:c5:e7:31:5c:
d0:fb:22:54:c6:71:c5:0f:3c:59:65:43:58:ec:ea:
c9:07:79:9e:4f:ae:ae:a4:a6:1d:e8:0d:c5:1c:1e:
12:0c:7d:e9:73:6c:c1:f0:6e:4e:ab:34:a9:53:b8:
b4:75:04:d5:8d:2a:ca:82:ba:99:8a:7a:6a:72:c7:
fc:09:72:af:c4:28:f7:9f:d6:38:a7:26:0a:e3:79:
9a:2e:a7:6b:d1:0c:a7:d1:8b:21:ea:47:4c:62:0c:
03:06:9b:e8:27:b8:b3:f9:0c:c6:cd:4e:7b:b8:98:
e2:8e:63:6c:68:94:6b:fc:b6:66:f4:ca:9d:d5:61:
02:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A6:41:67:68:87:6E:77:2A:09:63:2C:BA:C0:58:81:EC:ED:8B:BE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/09B67DE49C1E11EF8002898A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.3.0/24
Signature Algorithm: sha256WithRSAEncryption
59:61:7e:2c:6e:5d:ae:57:4d:f5:d3:74:64:9c:6c:20:55:ad:
fd:c3:92:b0:2d:9a:9e:37:f9:1d:2d:63:9d:9e:38:5e:9c:35:
43:6a:55:a6:ef:c6:1a:51:25:99:c9:b3:51:1d:b0:83:23:42:
3e:5b:e0:bf:3d:41:aa:27:24:67:94:0d:94:d3:44:85:22:1d:
21:b0:6e:66:95:da:f3:83:aa:47:2d:de:05:ad:78:f0:e3:71:
3e:f0:6c:a1:50:fa:ae:54:09:93:a0:11:b3:35:09:be:71:75:
c6:3b:36:65:1d:14:dc:2f:e4:b0:96:8c:ff:b3:06:9e:ac:ec:
96:7d:07:6e:86:1b:4a:c2:8e:40:52:ad:a4:c0:cf:62:b4:02:
21:97:d6:86:eb:ae:0a:dd:95:3a:c3:51:7a:a4:7b:85:21:45:
ef:d7:dc:cc:8f:d0:c6:a6:59:8c:58:27:c2:1c:a9:8c:ed:6b:
c1:0b:83:84:ab:ed:5c:e2:f1:54:9b:a7:c9:02:30:9f:fd:9b:
a3:16:01:fc:46:21:c2:ac:19:ad:bb:50:72:95:84:09:9e:26:
3c:1b:30:9e:07:53:62:a5:da:34:34:a9:09:00:a4:b3:c9:53:
47:09:cf:4b:01:79:84:a6:30:ed:ab:92:31:3a:a0:f1:8b:8a:
c8:0d:39:d1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQh8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA2MDkwMzQ2WhcNMjYxMjIzMDkwMzQ2WjAYMRYw
FAYDVQQDEw02NzJiMzBmNi1kOTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvdB64yUK7sm+j3T4kdkL/Hgn2YO6fOwuqnBGoMYcAcG84t37nv2ACLDQ
6ZMDR0z1bCa8Tdsp9MnDPCoU9TFNLYQ1+OrFuXUvr82w0yFxnOnJKJGYTA0Rg7Z+
Is9BZByOjZr7bMBmMNBo9oBiMPLRm4/xsT2ZdwogOYtnAymmcJ7kjcXnMVzQ+yJU
xnHFDzxZZUNY7OrJB3meT66upKYd6A3FHB4SDH3pc2zB8G5OqzSpU7i0dQTVjSrK
grqZinpqcsf8CXKvxCj3n9Y4pyYK43maLqdr0Qyn0Ysh6kdMYgwDBpvoJ7iz+QzG
zU57uJjijmNsaJRr/LZm9Mqd1WECWwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHqm
QWdoh253KgljLLrAWIHs7Yu+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wOUI2N0RFNDlDMUUxMUVGODAwMjg5OEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlsDMA0GCSqGSIb3DQEB
CwUAA4IBAQBZYX4sbl2uV03103RknGwgVa39w5KwLZqeN/kdLWOdnjhenDVDalWm
78YaUSWZybNRHbCDI0I+W+C/PUGqJyRnlA2U00SFIh0hsG5mldrzg6pHLd4FrXjw
43E+8GyhUPquVAmToBGzNQm+cXXGOzZlHRTcL+Swloz/swaerOyWfQduhhtKwo5A
Uq2kwM9itAIhl9aG664K3ZU6w1F6pHuFIUXv19zMj9DGplmMWCfCHKmM7WvBC4OE
q+1c4vFUm6fJAjCf/ZujFgH8RiHCrBmtu1BylYQJniY8GzCeB1Nipdo0NKkJAKSz
yVNHCc9LAXmEpjDtq5IxOqDxi4rIDTnR
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:58 2024 by rpki-client on console-fra.rpki-client.org