Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13447BA6A15D11EFB2950C4A762E951A.roa
File: 13447BA6A15D11EFB2950C4A762E951A.roa (raw, json)
Hash identifier: efQJYi7yY7zyzyFV86EnD/OPzGIbuLTTp/PXy/Ti6Rw=
Subject key identifier: 03:50:A5:F5:A0:61:6C:5F:8A:1A:05:38:39:6A:CE:26:D5:EA:48:14
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010C77
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13447BA6A15D11EFB2950C4A762E951A.roa
Signing time: Wed 13 Nov 2024 01:17:40 +0000
ROA not before: Wed 13 Nov 2024 01:17:36 +0000
ROA not after: Sat 12 Jul 2025 01:17:36 +0000
asID: 55967
IP address blocks: 154.85.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68727 (0x10c77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 13 01:17:36 2024 GMT
Not After : Jul 12 01:17:36 2025 GMT
Subject: CN=6733fe34-0460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:85:dc:7a:ac:c0:4f:ec:bf:cc:ad:e6:90:5f:
af:dd:fe:84:10:8e:8d:16:24:68:ab:bf:d8:aa:36:
4a:8d:70:81:51:63:42:a7:4d:fd:a8:2d:3d:75:5f:
b3:e0:24:6a:60:ce:29:24:e1:2f:f9:5f:04:51:4f:
19:dc:13:3d:4d:87:fd:65:23:e4:0b:3a:7e:c4:68:
4f:ae:d5:75:70:20:47:86:0f:e8:0f:9d:51:aa:0c:
8d:1c:0d:56:50:b2:bf:90:eb:2d:ef:08:48:6b:8f:
51:0e:3e:19:4f:15:8f:51:c3:f9:b3:2f:90:30:e4:
ad:98:eb:f7:a7:6f:0a:8f:e6:2f:cb:e4:86:8b:59:
61:2a:e0:3e:49:f8:07:ac:08:7d:c4:c5:52:f1:d5:
e2:4f:63:90:a6:d7:71:07:8f:52:ec:64:cc:05:28:
2b:53:4b:40:fc:16:33:dc:61:b1:d4:e2:04:61:cb:
cc:48:85:8e:76:13:26:70:5d:6b:94:fa:f0:5e:b8:
e3:a1:ee:f9:c5:85:4e:1b:0c:6e:4c:48:11:a6:8b:
56:e6:a5:5e:23:74:88:30:ea:d1:48:07:ab:b4:19:
26:76:2d:c2:b2:9f:e3:cc:ee:b1:e1:3d:b6:6a:55:
79:05:28:a7:f3:f0:d2:6a:47:3f:c5:ed:3a:55:86:
48:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:50:A5:F5:A0:61:6C:5F:8A:1A:05:38:39:6A:CE:26:D5:EA:48:14
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/13447BA6A15D11EFB2950C4A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.40.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:f6:e8:b6:2d:5a:5e:34:ea:b6:6e:6e:bd:bb:70:00:e1:a1:
e6:9b:e8:30:0e:05:72:23:72:30:5d:2d:42:04:91:a6:34:54:
8a:d9:64:05:26:b8:65:f8:ee:07:a2:4f:9b:a4:1f:54:48:5d:
7b:c0:a6:4d:15:67:2d:79:3e:cf:bf:88:b7:db:06:de:f1:7e:
0d:6c:1d:e3:a5:96:d3:9d:2d:5b:fa:20:0e:2a:d7:ff:0d:22:
4a:64:7b:6c:45:4b:dd:fd:b3:01:e7:c7:6c:9a:70:65:f1:e1:
8e:cd:d6:20:ac:16:aa:09:1f:ed:de:28:4d:09:e4:29:68:7e:
e4:83:98:79:f1:47:50:c0:6c:48:59:82:3c:5e:1d:0c:d0:e3:
72:ea:b1:74:ce:13:47:dc:d8:63:a3:11:ee:b6:63:cb:ba:da:
7d:1a:04:29:71:ad:44:d3:99:db:5c:7b:ba:f7:92:19:5f:81:
d4:fe:f9:48:9a:4e:9c:4c:36:3c:b7:54:14:5b:24:bf:ea:b2:
b3:00:6e:ca:22:c5:b0:89:8d:4c:3d:3d:58:53:10:62:db:b2:
d4:62:f4:a2:c8:79:7b:9b:eb:8b:55:db:ff:67:fd:6f:97:e7:
82:54:3e:cb:a3:35:52:e0:06:35:31:dd:c4:c5:92:46:d9:b7:
5c:ed:7a:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQx3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTEzMDExNzM2WhcNMjUwNzEyMDExNzM2WjAYMRYw
FAYDVQQDEw02NzMzZmUzNC0wNDYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAloXceqzAT+y/zK3mkF+v3f6EEI6NFiRoq7/YqjZKjXCBUWNCp039qC09
dV+z4CRqYM4pJOEv+V8EUU8Z3BM9TYf9ZSPkCzp+xGhPrtV1cCBHhg/oD51RqgyN
HA1WULK/kOst7whIa49RDj4ZTxWPUcP5sy+QMOStmOv3p28Kj+Yvy+SGi1lhKuA+
SfgHrAh9xMVS8dXiT2OQptdxB49S7GTMBSgrU0tA/BYz3GGx1OIEYcvMSIWOdhMm
cF1rlPrwXrjjoe75xYVOGwxuTEgRpotW5qVeI3SIMOrRSAertBkmdi3Csp/jzO6x
4T22alV5BSin8/DSakc/xe06VYZIBwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFANQ
pfWgYWxfihoFODlqzibV6kgUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMzQ0N0JBNkExNUQxMUVGQjI5NTBDNEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlUoMA0GCSqGSIb3DQEB
CwUAA4IBAQCP9ui2LVpeNOq2bm69u3AA4aHmm+gwDgVyI3IwXS1CBJGmNFSK2WQF
Jrhl+O4Hok+bpB9USF17wKZNFWcteT7Pv4i32wbe8X4NbB3jpZbTnS1b+iAOKtf/
DSJKZHtsRUvd/bMB58dsmnBl8eGOzdYgrBaqCR/t3ihNCeQpaH7kg5h58UdQwGxI
WYI8Xh0M0ONy6rF0zhNH3NhjoxHutmPLutp9GgQpca1E05nbXHu695IZX4HU/vlI
mk6cTDY8t1QUWyS/6rKzAG7KIsWwiY1MPT1YUxBi27LUYvSiyHl7m+uLVdv/Z/1v
l+eCVD7LozVS4AY1Md3ExZJG2bdc7XrA
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:22 2024 by rpki-client on console-fra.rpki-client.org