Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F7D8FF8A8CE11EFBD61C885762E951A.roa
File: 0F7D8FF8A8CE11EFBD61C885762E951A.roa (raw, json)
Hash identifier: ksC9oCQ1qZZJFvzGBZS9Yz8oh3tCF+oCH+IvyFsmmlM=
Subject key identifier: 0F:C4:8B:22:3E:16:4E:85:40:05:52:59:23:02:C7:76:E3:8C:97:60
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01101D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F7D8FF8A8CE11EFBD61C885762E951A.roa
Signing time: Fri 22 Nov 2024 12:34:05 +0000
ROA not before: Fri 22 Nov 2024 12:34:01 +0000
ROA not after: Sat 30 Nov 2024 12:34:01 +0000
asID: 137443
IP address blocks: 154.223.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69661 (0x1101d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 22 12:34:01 2024 GMT
Not After : Nov 30 12:34:01 2024 GMT
Subject: CN=67407a3d-a3a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ee:7f:7c:52:5c:8a:3f:b1:28:ec:25:52:e8:
3b:15:ce:19:87:28:9b:0a:11:46:41:ef:45:cb:e4:
6a:b6:a2:00:1a:39:5b:4b:62:82:73:61:7a:fe:73:
63:27:9e:ea:09:70:65:cb:f9:cf:6a:ef:41:77:f7:
36:34:a3:c7:43:9d:f1:cd:ed:be:f9:ba:9b:ed:c7:
0f:43:82:67:ff:a2:01:5e:f0:2d:d8:83:81:80:4c:
de:a9:cb:b5:48:4d:95:43:38:16:ee:61:20:91:7f:
7a:8b:cc:04:c0:c1:60:ef:df:12:25:26:06:76:cf:
7a:3a:b2:59:31:a2:2a:e8:bc:ba:fd:03:7b:39:37:
18:36:e3:b4:6e:6f:9f:6e:87:74:4e:ad:56:00:f7:
5b:6a:dc:d1:1f:0e:69:47:b5:18:42:3a:22:07:8c:
eb:50:c3:0d:e6:87:a7:f7:f3:6e:13:0a:24:91:ce:
99:9c:34:b2:39:f8:75:c8:9a:b3:46:4c:56:ae:f3:
d3:16:2e:7f:cf:8b:73:25:49:2d:ba:66:cc:32:83:
1d:5e:1f:bd:73:54:e7:18:4b:a8:2e:b5:73:8e:d9:
c0:48:58:81:3e:39:7e:e9:20:66:71:2c:25:e4:ed:
87:50:13:4b:0d:72:f5:b2:e0:45:33:82:85:06:05:
e7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C4:8B:22:3E:16:4E:85:40:05:52:59:23:02:C7:76:E3:8C:97:60
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F7D8FF8A8CE11EFBD61C885762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.176.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:eb:2b:72:fc:0e:38:e3:aa:6a:26:ac:f9:56:01:4a:da:65:
e7:1f:d1:73:61:cf:e2:d6:f3:e8:f8:d0:3c:e7:d5:71:a1:49:
3f:78:88:55:68:14:a7:cf:4f:aa:15:33:05:04:78:47:19:1b:
e0:53:a4:cb:a4:93:e0:db:a4:03:8c:b0:6b:46:e9:ec:28:67:
50:e9:65:2a:39:9b:4e:d9:81:fe:bf:d2:87:b6:c2:10:fa:b7:
a2:7e:20:36:6c:94:75:10:2b:6e:11:6f:c6:a0:15:6e:93:c8:
e9:f0:d9:32:a0:72:69:d7:89:36:00:56:49:cf:5e:4b:f5:5c:
d6:ef:0c:80:15:29:6c:45:ef:50:45:e0:a5:72:ac:0d:e3:87:
b0:e2:e4:6e:d2:a4:f4:ab:2d:e0:84:37:af:30:ef:fd:19:2c:
79:d2:ec:90:4a:9e:c7:43:e2:9a:fc:24:97:c4:aa:0a:a1:1e:
99:c3:1a:6f:a9:4d:96:6c:e4:66:65:1d:cf:10:ce:1e:2f:7c:
0d:b6:7f:a8:9f:e6:9b:c5:5e:25:66:3a:39:14:c3:20:3b:a6:
3d:24:02:ad:fd:44:6a:68:57:a8:c8:09:5f:a7:ef:7c:63:20:
81:33:e1:de:06:6d:67:b1:12:fb:39:bb:68:84:ad:23:f4:05:
cb:cb:c1:ae
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARAdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIyMTIzNDAxWhcNMjQxMTMwMTIzNDAxWjAYMRYw
FAYDVQQDEw02NzQwN2EzZC1hM2E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwO5/fFJcij+xKOwlUug7Fc4ZhyibChFGQe9Fy+RqtqIAGjlbS2KCc2F6
/nNjJ57qCXBly/nPau9Bd/c2NKPHQ53xze2++bqb7ccPQ4Jn/6IBXvAt2IOBgEze
qcu1SE2VQzgW7mEgkX96i8wEwMFg798SJSYGds96OrJZMaIq6Ly6/QN7OTcYNuO0
bm+fbod0Tq1WAPdbatzRHw5pR7UYQjoiB4zrUMMN5oen9/NuEwokkc6ZnDSyOfh1
yJqzRkxWrvPTFi5/z4tzJUktumbMMoMdXh+9c1TnGEuoLrVzjtnASFiBPjl+6SBm
cSwl5O2HUBNLDXL1suBFM4KFBgXnGwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA/E
iyI+Fk6FQAVSWSMCx3bjjJdgMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRjdEOEZGOEE4Q0UxMUVGQkQ2MUM4ODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+wMA0GCSqGSIb3DQEB
CwUAA4IBAQA96yty/A4446pqJqz5VgFK2mXnH9FzYc/i1vPo+NA859VxoUk/eIhV
aBSnz0+qFTMFBHhHGRvgU6TLpJPg26QDjLBrRunsKGdQ6WUqOZtO2YH+v9KHtsIQ
+reifiA2bJR1ECtuEW/GoBVuk8jp8NkyoHJp14k2AFZJz15L9VzW7wyAFSlsRe9Q
ReClcqwN44ew4uRu0qT0qy3ghDevMO/9GSx50uyQSp7HQ+Ka/CSXxKoKoR6Zwxpv
qU2WbORmZR3PEM4eL3wNtn+on+abxV4lZjo5FMMgO6Y9JAKt/URqaFeoyAlfp+98
YyCBM+HeBm1nsRL7ObtohK0j9AXLy8Gu
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:21 2024 by rpki-client on console-fra.rpki-client.org