Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12C9C89EA9C211EFA2B1C184762E951A.roa
File: 12C9C89EA9C211EFA2B1C184762E951A.roa (raw, json)
Hash identifier: ia8hWm+Y1plIE+dlYV72B9oS1C+A7ClsgBKXItoXZ9s=
Subject key identifier: D9:CC:F2:0C:70:86:E4:9B:9F:2D:D5:D9:68:E9:CE:65:F0:83:98:40
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0111C6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12C9C89EA9C211EFA2B1C184762E951A.roa
Signing time: Sat 23 Nov 2024 17:40:47 +0000
ROA not before: Sat 23 Nov 2024 17:40:44 +0000
ROA not after: Mon 09 Dec 2024 17:40:44 +0000
asID: 5065
IP address blocks: 154.206.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70086 (0x111c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 23 17:40:44 2024 GMT
Not After : Dec 9 17:40:44 2024 GMT
Subject: CN=6742139f-98c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f5:2b:61:a2:f1:22:f3:33:07:27:ed:ca:db:
3f:f7:92:98:fa:24:94:9d:34:b6:33:21:e4:d7:05:
5a:61:b2:f8:7e:95:72:11:9a:05:ba:fe:da:00:4e:
d2:2b:e0:54:19:f0:17:73:6b:52:90:8a:25:7a:4b:
30:51:d3:1c:89:55:95:c9:75:d1:4d:a9:98:0b:8c:
e8:f8:e0:6b:69:66:b4:7d:3b:f1:7e:5b:60:c8:88:
17:f2:44:d6:b7:ff:fb:41:cc:49:57:a2:24:3e:ed:
40:6a:e4:7c:51:03:2c:f0:9f:e4:49:bc:58:aa:41:
06:45:fb:b0:5c:60:a9:37:bc:6f:21:5c:61:30:92:
7c:5f:73:dd:67:75:0c:ab:15:a0:43:97:32:d4:7a:
c6:04:1f:6f:fd:25:92:b7:e8:91:24:5d:25:60:d8:
74:cc:8b:1d:c3:d9:49:ff:e5:36:62:e0:e2:2f:d1:
01:3e:e3:0c:32:d1:f1:07:7f:0d:09:7b:09:33:f9:
a2:6f:63:f5:39:66:54:ae:c8:be:27:56:d7:36:dc:
10:59:57:5c:23:10:be:3d:3d:5b:69:30:76:e3:1d:
98:4f:b6:70:b6:bf:2e:0c:d3:eb:f8:78:8b:05:74:
f1:31:38:e8:d7:f9:4f:3a:9b:2b:dc:12:bf:25:f2:
79:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:CC:F2:0C:70:86:E4:9B:9F:2D:D5:D9:68:E9:CE:65:F0:83:98:40
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/12C9C89EA9C211EFA2B1C184762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.35.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:3b:53:fa:b1:d5:c6:51:34:f5:cc:17:86:ae:2e:0f:2e:52:
a7:36:a9:c3:f6:ef:aa:c2:11:98:c6:98:8a:1a:a4:96:77:fe:
37:ee:62:22:05:de:b7:ee:96:5a:81:49:89:10:a3:f9:44:cd:
b5:aa:9c:94:ff:b0:e9:9a:69:12:81:2f:af:b0:40:4f:54:de:
f4:8f:3f:f2:13:b6:37:16:67:91:63:cd:7d:60:07:eb:88:4b:
1e:71:57:74:73:1e:56:f9:03:29:74:6b:7d:2b:74:0a:d8:52:
49:34:36:69:33:ba:5d:ca:0a:ee:eb:f9:ed:8b:b6:5a:d3:6f:
6a:28:b3:a4:71:24:fc:b6:5e:8e:9a:55:7f:1f:c1:15:80:1c:
66:bf:db:ea:79:fc:14:01:13:69:18:e0:b8:e5:3b:38:d6:82:
2e:66:cf:bb:a4:ab:fc:7e:d7:2d:9b:d8:0d:3b:1e:06:09:08:
30:43:ae:4b:c8:96:92:78:58:b1:6e:ec:ea:22:2c:34:54:73:
76:2c:0e:26:07:3a:9f:9d:01:e0:ee:2c:e0:3d:07:43:25:c2:
91:e5:c9:2c:4c:3b:67:da:d1:f3:43:d7:6f:f4:a0:13:73:c9:
91:61:1a:6b:ea:ca:2e:c5:03:ca:6c:b2:5c:0f:b3:5c:95:39:
dc:1e:34:d4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARHGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIzMTc0MDQ0WhcNMjQxMjA5MTc0MDQ0WjAYMRYw
FAYDVQQDEw02NzQyMTM5Zi05OGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsfUrYaLxIvMzByftyts/95KY+iSUnTS2MyHk1wVaYbL4fpVyEZoFuv7a
AE7SK+BUGfAXc2tSkIolekswUdMciVWVyXXRTamYC4zo+OBraWa0fTvxfltgyIgX
8kTWt//7QcxJV6IkPu1AauR8UQMs8J/kSbxYqkEGRfuwXGCpN7xvIVxhMJJ8X3Pd
Z3UMqxWgQ5cy1HrGBB9v/SWSt+iRJF0lYNh0zIsdw9lJ/+U2YuDiL9EBPuMMMtHx
B38NCXsJM/mib2P1OWZUrsi+J1bXNtwQWVdcIxC+PT1baTB24x2YT7Zwtr8uDNPr
+HiLBXTxMTjo1/lPOpsr3BK/JfJ5xQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNnM
8gxwhuSbny3V2WjpzmXwg5hAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMkM5Qzg5RUE5QzIxMUVGQTJCMUMxODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4jMA0GCSqGSIb3DQEB
CwUAA4IBAQDQO1P6sdXGUTT1zBeGri4PLlKnNqnD9u+qwhGYxpiKGqSWd/437mIi
Bd637pZagUmJEKP5RM21qpyU/7DpmmkSgS+vsEBPVN70jz/yE7Y3FmeRY819YAfr
iEsecVd0cx5W+QMpdGt9K3QK2FJJNDZpM7pdygru6/nti7Za029qKLOkcST8tl6O
mlV/H8EVgBxmv9vqefwUARNpGOC45Ts41oIuZs+7pKv8ftctm9gNOx4GCQgwQ65L
yJaSeFixbuzqIiw0VHN2LA4mBzqfnQHg7izgPQdDJcKR5cksTDtn2tHzQ9dv9KAT
c8mRYRpr6souxQPKbLJcD7NclTncHjTU
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:33:57 2024 by rpki-client on console-ams.rpki-client.org