Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14F2B130A19D11EFBCDD664B762E951A.roa
File: 14F2B130A19D11EFBCDD664B762E951A.roa (raw, json)
Hash identifier: YJbd2brRYvnSHwG7S3Gac6v50bHAPuhKQdb8RSu8F0g=
Subject key identifier: 4D:22:7D:6F:70:B1:9B:8B:E1:34:CE:0A:7F:E0:1A:E2:72:07:F7:AE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010CC9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14F2B130A19D11EFBCDD664B762E951A.roa
Signing time: Wed 13 Nov 2024 08:55:50 +0000
ROA not before: Wed 13 Nov 2024 08:55:47 +0000
ROA not after: Sat 23 Nov 2024 08:55:47 +0000
asID: 136778
IP address blocks: 154.212.144.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 08:55:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68809 (0x10cc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 13 08:55:47 2024 GMT
Not After : Nov 23 08:55:47 2024 GMT
Subject: CN=67346996-9053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:88:2d:21:57:1b:c6:d0:98:f5:8c:da:02:76:
0b:80:ed:55:38:7a:f0:58:94:1c:73:74:49:db:30:
dc:e3:cd:9f:5c:ab:e8:6a:6a:76:53:56:26:0b:96:
26:72:d4:22:9a:5f:3b:27:29:f6:74:13:40:29:e4:
74:0a:bc:3a:da:9b:0d:71:1c:bc:58:21:ad:b3:53:
56:6d:33:95:ee:84:4d:f5:bd:5e:d0:28:45:06:fc:
4a:1a:4a:0d:39:55:0e:73:9e:5e:dc:bf:ca:ec:2d:
83:78:e2:2e:f3:42:54:57:97:a0:57:3b:fb:ef:87:
21:e9:ed:43:d0:a5:c5:41:2d:0f:b2:7a:92:0a:70:
2c:1a:3f:f0:cb:88:28:78:ed:d6:eb:56:c1:8a:0a:
40:bf:38:b1:9b:97:b5:b8:ab:2e:98:c9:ab:77:4e:
e3:8d:3f:62:10:19:5c:11:6c:de:d8:8f:f5:80:84:
f7:f2:cb:da:4d:02:01:ea:1b:a9:9d:d1:c2:24:0d:
a6:9e:71:69:bf:4d:12:33:37:95:6d:b5:08:d9:9c:
be:b1:12:f8:1a:2a:c7:1c:72:d0:ea:49:27:50:3a:
b0:17:db:bc:f3:50:91:a5:49:53:ae:ca:98:45:f1:
8b:0e:7c:b0:3c:20:5b:68:e4:23:3b:be:15:6d:6d:
c7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:22:7D:6F:70:B1:9B:8B:E1:34:CE:0A:7F:E0:1A:E2:72:07:F7:AE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14F2B130A19D11EFBCDD664B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.144.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:53:76:76:f4:5d:89:ba:c0:fc:60:1f:db:b1:33:86:fa:99:
e1:1f:cf:2e:15:65:16:d3:b0:7c:65:8c:65:61:1c:1e:a2:70:
94:10:f0:f8:e1:7f:4a:6e:1a:2b:58:77:d5:97:93:88:37:10:
db:72:68:29:2d:5c:23:2f:06:c6:c5:ea:76:b3:69:68:d8:e7:
af:99:80:88:1d:26:d8:82:ee:1a:8d:8b:13:82:85:63:8d:1b:
00:d7:35:4d:83:63:cc:cf:a4:62:c0:1c:96:42:36:0b:0d:54:
b3:94:68:cf:68:c1:56:15:72:ec:42:6f:6e:4c:e9:63:2a:54:
68:15:ad:b0:ea:45:50:2d:fa:cd:da:6d:78:5e:ae:fe:6a:75:
50:43:7b:f2:2d:c1:71:95:14:9a:57:2e:97:ad:a5:f1:10:33:
93:c3:da:47:26:fd:96:20:e7:f9:11:80:81:fd:12:66:d3:8b:
0d:75:bb:93:03:b7:0e:db:4b:5a:f3:1f:5f:64:3e:0f:37:f1:
fe:01:1a:fc:06:a4:ef:3f:8a:c6:ac:f1:cd:45:35:d1:4d:a0:
01:54:c4:cf:50:df:61:db:2d:01:49:44:49:58:5d:f6:33:3d:
b3:cc:62:4b:d1:83:43:03:13:23:3a:11:50:c0:5a:8b:7e:3d:
b5:33:5e:16
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQzJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTEzMDg1NTQ3WhcNMjQxMTIzMDg1NTQ3WjAYMRYw
FAYDVQQDEw02NzM0Njk5Ni05MDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmogtIVcbxtCY9YzaAnYLgO1VOHrwWJQcc3RJ2zDc482fXKvoamp2U1Ym
C5YmctQiml87Jyn2dBNAKeR0Crw62psNcRy8WCGts1NWbTOV7oRN9b1e0ChFBvxK
GkoNOVUOc55e3L/K7C2DeOIu80JUV5egVzv774ch6e1D0KXFQS0PsnqSCnAsGj/w
y4goeO3W61bBigpAvzixm5e1uKsumMmrd07jjT9iEBlcEWze2I/1gIT38svaTQIB
6hupndHCJA2mnnFpv00SMzeVbbUI2Zy+sRL4GirHHHLQ6kknUDqwF9u881CRpUlT
rsqYRfGLDnywPCBbaOQjO74VbW3H7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE0i
fW9wsZuL4TTOCn/gGuJyB/euMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNEYyQjEzMEExOUQxMUVGQkNERDY2NEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtSQMA0GCSqGSIb3DQEB
CwUAA4IBAQAKU3Z29F2JusD8YB/bsTOG+pnhH88uFWUW07B8ZYxlYRweonCUEPD4
4X9KbhorWHfVl5OINxDbcmgpLVwjLwbGxep2s2lo2OevmYCIHSbYgu4ajYsTgoVj
jRsA1zVNg2PMz6RiwByWQjYLDVSzlGjPaMFWFXLsQm9uTOljKlRoFa2w6kVQLfrN
2m14Xq7+anVQQ3vyLcFxlRSaVy6XraXxEDOTw9pHJv2WIOf5EYCB/RJm04sNdbuT
A7cO20ta8x9fZD4PN/H+ARr8BqTvP4rGrPHNRTXRTaABVMTPUN9h2y0BSURJWF32
Mz2zzGJL0YNDAxMjOhFQwFqLfj21M14W
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:59 2024 by rpki-client on console-fra.rpki-client.org