Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1157EF94A8DD11EF9259E363762E951A.roa
File: 1157EF94A8DD11EF9259E363762E951A.roa (raw, json)
Hash identifier: JfG+EKb6qNa0jdVP5EZBBU2Hx2XD0CszQSUa6/sFg/s=
Subject key identifier: 07:8A:BB:48:54:2C:7C:05:BF:20:44:75:3D:A3:44:35:C6:75:8D:52
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011063
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1157EF94A8DD11EF9259E363762E951A.roa
Signing time: Fri 22 Nov 2024 14:21:30 +0000
ROA not before: Fri 22 Nov 2024 14:21:27 +0000
ROA not after: Mon 09 Dec 2024 14:21:27 +0000
asID: 5065
IP address blocks: 154.206.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69731 (0x11063)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 22 14:21:27 2024 GMT
Not After : Dec 9 14:21:27 2024 GMT
Subject: CN=6740936a-c74c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0e:6d:fe:e5:f2:c2:44:a1:f2:ba:47:68:2c:
f7:cf:a4:07:22:ed:91:06:54:66:98:fd:67:02:b6:
35:94:a2:87:70:e0:a6:00:e6:a7:43:bd:92:99:44:
6e:16:d8:46:a9:4b:46:e1:cf:96:29:59:e1:cb:69:
47:79:fb:41:87:3e:6c:f3:d7:8e:a4:56:29:0e:1f:
f9:bb:57:ac:17:2d:02:c7:79:a7:4d:82:b4:94:9f:
69:dd:06:f2:2d:4c:c1:17:b4:5e:d8:a8:c8:36:b3:
5c:a9:e7:f5:d7:9e:af:9b:5f:51:18:69:6c:9f:35:
d7:25:76:a9:45:48:2f:17:09:cd:b6:ae:02:42:d6:
ab:ad:4b:4f:e5:20:b2:5a:c0:7c:31:56:0c:4b:54:
eb:9e:00:f1:06:2a:37:9d:94:6a:29:fb:cc:c8:e6:
06:90:23:34:83:ba:31:7e:8b:d0:04:f8:4f:19:44:
20:c7:09:dc:63:f9:2b:45:08:6f:61:00:2e:7a:d3:
62:ef:5e:46:fb:aa:bd:42:89:6a:aa:fa:e8:e4:6e:
98:5b:42:cf:a2:3a:8b:61:bf:29:fa:83:bd:17:d9:
34:d5:84:80:6c:96:d3:bb:d9:bc:90:ac:65:fa:45:
b9:df:6e:4d:b8:de:3b:69:66:e8:75:c0:ce:b5:4e:
6a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8A:BB:48:54:2C:7C:05:BF:20:44:75:3D:A3:44:35:C6:75:8D:52
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1157EF94A8DD11EF9259E363762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.41.0/24
Signature Algorithm: sha256WithRSAEncryption
05:e5:72:87:62:d9:7e:7a:6a:fc:91:9f:df:40:c3:73:a4:6e:
73:ac:23:9c:72:79:62:fb:f3:a1:90:9b:36:12:57:a6:6c:66:
1b:80:01:95:5d:5b:f1:af:1f:b1:db:62:a6:5a:5e:a0:62:f0:
7d:45:81:8e:34:cb:ca:17:5f:7e:49:1f:38:01:ea:f3:df:ab:
5b:d6:8d:ae:54:9b:ba:38:b3:95:47:25:86:e4:6b:08:78:0a:
68:ed:3e:d0:62:cd:e4:b3:fb:7f:24:69:23:29:38:4b:c9:7f:
ee:f3:dd:78:ec:1c:6c:e6:fd:32:a1:f1:85:9a:c2:d5:54:77:
d6:a8:1e:f2:12:06:bf:24:30:ee:2d:d6:58:e6:50:0c:d9:0f:
ab:0a:c8:79:92:5b:ba:e1:11:5c:5f:e8:f7:2f:38:a6:d8:8e:
89:20:ae:e9:64:4f:93:7f:48:95:59:b1:50:b9:a9:3c:c8:bb:
70:02:50:3a:ae:7c:44:4b:34:85:46:b2:cb:3c:92:a5:a9:e9:
fd:17:59:f2:3c:c0:0d:b8:86:a0:5b:44:33:82:f8:0e:2f:82:
4f:1f:78:b7:fc:b4:93:44:26:bd:be:20:80:8d:fe:09:87:59:
2e:60:c4:f7:9d:a9:54:f6:bf:23:4b:91:24:c7:b8:3a:30:ef:
1a:fc:50:12
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARBjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIyMTQyMTI3WhcNMjQxMjA5MTQyMTI3WjAYMRYw
FAYDVQQDEw02NzQwOTM2YS1jNzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtg5t/uXywkSh8rpHaCz3z6QHIu2RBlRmmP1nArY1lKKHcOCmAOanQ72S
mURuFthGqUtG4c+WKVnhy2lHeftBhz5s89eOpFYpDh/5u1esFy0Cx3mnTYK0lJ9p
3QbyLUzBF7Re2KjINrNcqef1156vm19RGGlsnzXXJXapRUgvFwnNtq4CQtarrUtP
5SCyWsB8MVYMS1TrngDxBio3nZRqKfvMyOYGkCM0g7oxfovQBPhPGUQgxwncY/kr
RQhvYQAuetNi715G+6q9Qolqqvro5G6YW0LPojqLYb8p+oO9F9k01YSAbJbTu9m8
kKxl+kW5325NuN47aWbodcDOtU5qfwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAeK
u0hULHwFvyBEdT2jRDXGdY1SMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMTU3RUY5NEE4REQxMUVGOTI1OUUzNjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4pMA0GCSqGSIb3DQEB
CwUAA4IBAQAF5XKHYtl+emr8kZ/fQMNzpG5zrCOccnli+/OhkJs2ElembGYbgAGV
XVvxrx+x22KmWl6gYvB9RYGONMvKF19+SR84Aerz36tb1o2uVJu6OLOVRyWG5GsI
eApo7T7QYs3ks/t/JGkjKThLyX/u89147Bxs5v0yofGFmsLVVHfWqB7yEga/JDDu
LdZY5lAM2Q+rCsh5klu64RFcX+j3Lzim2I6JIK7pZE+Tf0iVWbFQuak8yLtwAlA6
rnxESzSFRrLLPJKlqen9F1nyPMANuIagW0QzgvgOL4JPH3i3/LSTRCa9viCAjf4J
h1kuYMT3nalU9r8jS5Ekx7g6MO8a/FAS
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:22 2024 by rpki-client on console-fra.rpki-client.org