Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174A0EF07F1111EFA2C9F95D762E951A.roa
File: 174A0EF07F1111EFA2C9F95D762E951A.roa (raw, json)
Hash identifier: 7hsD1PC7ma8DCyQl4IKOERv/eICsoGIeN0zBnNdfrHM=
Subject key identifier: B1:31:2E:5C:3F:C8:67:D2:BD:ED:C1:75:97:EF:35:36:F6:D1:00:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: F5C6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174A0EF07F1111EFA2C9F95D762E951A.roa
Signing time: Mon 30 Sep 2024 09:48:05 +0000
ROA not before: Mon 30 Sep 2024 09:48:02 +0000
ROA not after: Sat 30 Nov 2024 09:48:02 +0000
asID: 138915
IP address blocks: 154.94.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62918 (0xf5c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 30 09:48:02 2024 GMT
Not After : Nov 30 09:48:02 2024 GMT
Subject: CN=66fa73d5-f3b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:48:24:67:69:ee:78:15:df:f7:b8:e7:6b:94:
42:a9:26:48:d7:0b:fe:fe:9b:65:be:bd:b9:9c:2f:
90:75:b4:78:42:e2:54:5d:b4:41:1d:14:0e:68:88:
d5:68:4f:4e:2f:01:0e:94:24:32:59:f3:bc:56:d4:
27:7e:d7:0c:52:8d:ec:16:9d:0f:30:9f:b7:f4:10:
6c:f4:df:69:b9:3b:8f:20:70:af:77:2d:fd:1d:ef:
76:77:a0:6a:69:fe:3c:1f:5b:f4:0b:5c:ce:dd:b8:
29:ba:ac:cd:4f:a8:36:b8:96:83:3f:f5:7c:d1:6e:
4a:14:c5:08:5a:07:ec:24:b4:79:67:f9:c6:f7:d2:
4b:f1:33:bd:cd:33:d0:ef:f5:1a:7b:fa:6e:80:ad:
d8:23:86:56:79:ae:94:5c:50:07:a4:d6:0e:30:03:
8d:6c:39:28:9c:e6:e4:7f:8e:14:ac:4f:4e:1d:b7:
52:b7:dd:ac:ed:5b:49:1f:ff:04:5b:c7:a2:1f:4d:
bb:33:54:94:62:0b:df:67:6c:52:79:8a:9c:57:2e:
aa:bb:e4:8e:63:73:7e:ec:ed:82:b9:6f:ff:0a:de:
35:74:2e:42:df:17:bb:43:c9:7d:37:cf:f3:19:80:
ec:3f:74:5d:44:f0:4c:8c:59:8a:be:e9:19:a8:bc:
11:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:31:2E:5C:3F:C8:67:D2:BD:ED:C1:75:97:EF:35:36:F6:D1:00:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/174A0EF07F1111EFA2C9F95D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.125.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:82:fa:1a:7a:92:f4:00:04:c5:bb:5e:ac:a4:fd:1a:45:6b:
d9:72:83:da:76:58:1e:c0:cd:eb:6a:41:fd:78:20:e9:a6:a3:
bf:ef:cc:93:fb:f3:d1:81:7f:2f:d0:eb:7a:91:d4:41:74:15:
41:27:ab:ad:95:5d:e3:0c:48:16:63:9c:04:2b:04:e6:6d:88:
58:03:c9:ed:bc:f2:f8:ea:ae:0e:e0:c8:a5:0a:df:9c:b4:27:
40:91:31:a5:57:e2:a7:87:a9:d5:98:8b:cc:17:71:b4:15:af:
b1:98:1c:7f:cf:5e:bf:c8:6e:09:cd:1d:9d:86:6f:74:31:dc:
63:66:e9:9b:de:eb:2c:2d:23:ba:7e:f9:b1:e2:c9:7e:89:e4:
ce:d8:6c:a8:a0:89:a2:db:1a:1f:95:2e:93:db:3c:fc:cc:56:
a5:f7:dc:e2:42:b2:c3:03:19:0b:96:ff:4e:6e:b8:af:f2:41:
db:a0:c1:fd:4d:cc:d1:d2:47:db:88:91:d1:d0:cf:54:68:00:
3f:55:64:59:41:90:8f:11:a9:2e:b7:85:30:08:9c:c6:38:6c:
72:60:3c:bc:39:36:95:45:50:d5:be:32:02:38:86:38:ec:8f:
f7:e0:0a:28:ba:4f:e3:32:2d:c3:33:fe:c6:47:ea:45:74:3f:
59:ef:c3:68
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAPXGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTMwMDk0ODAyWhcNMjQxMTMwMDk0ODAyWjAYMRYw
FAYDVQQDEw02NmZhNzNkNS1mM2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5UgkZ2nueBXf97jna5RCqSZI1wv+/ptlvr25nC+QdbR4QuJUXbRBHRQO
aIjVaE9OLwEOlCQyWfO8VtQnftcMUo3sFp0PMJ+39BBs9N9puTuPIHCvdy39He92
d6Bqaf48H1v0C1zO3bgpuqzNT6g2uJaDP/V80W5KFMUIWgfsJLR5Z/nG99JL8TO9
zTPQ7/Uae/pugK3YI4ZWea6UXFAHpNYOMAONbDkonObkf44UrE9OHbdSt92s7VtJ
H/8EW8eiH027M1SUYgvfZ2xSeYqcVy6qu+SOY3N+7O2CuW//Ct41dC5C3xe7Q8l9
N8/zGYDsP3RdRPBMjFmKvukZqLwRmwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLEx
Llw/yGfSve3BdZfvNTb20QDvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNzRBMEVGMDdGMTExMUVGQTJDOUY5NUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml59MA0GCSqGSIb3DQEB
CwUAA4IBAQCggvoaepL0AATFu16spP0aRWvZcoPadlgewM3rakH9eCDppqO/78yT
+/PRgX8v0Ot6kdRBdBVBJ6utlV3jDEgWY5wEKwTmbYhYA8ntvPL46q4O4MilCt+c
tCdAkTGlV+Knh6nVmIvMF3G0Fa+xmBx/z16/yG4JzR2dhm90MdxjZumb3ussLSO6
fvmx4sl+ieTO2GyooImi2xoflS6T2zz8zFal99ziQrLDAxkLlv9Obriv8kHboMH9
TczR0kfbiJHR0M9UaAA/VWRZQZCPEakut4UwCJzGOGxyYDy8OTaVRVDVvjICOIY4
7I/34Aoouk/jMi3DM/7GR+pFdD9Z78No
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:22 2024 by rpki-client on console-fra.rpki-client.org