Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AE114C092E211EFA0F20F48762E951A.roa
File: 1AE114C092E211EFA0F20F48762E951A.roa (raw, json)
Hash identifier: kl4BvJ7rM0zqaJFGbsxwfO6y4oSPeoZqTZUL0MpwARs=
Subject key identifier: E0:2B:26:E2:F1:42:A5:1A:9C:75:ED:31:DC:2D:97:5E:8B:85:4D:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01025A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AE114C092E211EFA0F20F48762E951A.roa
Signing time: Fri 25 Oct 2024 15:02:08 +0000
ROA not before: Fri 25 Oct 2024 15:02:03 +0000
ROA not after: Sun 01 Dec 2024 15:02:03 +0000
asID: 49505
IP address blocks: 154.209.220.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66138 (0x1025a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 25 15:02:03 2024 GMT
Not After : Dec 1 15:02:03 2024 GMT
Subject: CN=671bb2f0-2f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:76:00:be:45:a9:84:03:69:8c:b9:f4:9e:fd:
da:c0:58:4b:46:73:ff:ea:c8:9b:f0:c0:cb:5c:05:
b8:fe:6f:13:42:80:11:78:6c:11:54:dc:a1:95:83:
68:7c:c2:dd:a3:c1:44:61:5c:f4:81:30:36:c3:22:
75:22:c0:51:68:b9:55:e9:83:9d:13:d0:93:f4:6a:
67:3d:9d:ff:86:a2:d0:44:3b:5f:89:f7:38:d6:8a:
cb:53:39:88:3a:88:46:2b:a2:40:c9:29:0a:ee:ff:
f0:9f:9d:79:98:e4:d2:a0:22:f5:e8:7a:4a:16:f8:
2d:b2:ba:03:46:16:58:33:d9:e2:4e:b7:76:e9:57:
43:26:de:14:19:53:97:9e:1a:a9:1d:05:9e:a0:4b:
d4:c1:c1:e2:7b:85:2e:1e:ee:c7:77:c0:34:54:16:
08:7e:51:c9:72:8a:25:f0:d8:3a:da:26:65:1a:97:
ff:c7:42:28:3a:46:87:a8:4d:dc:bc:3b:11:56:c7:
d8:06:6b:b2:64:28:87:ce:65:9e:4b:aa:e7:d4:90:
c7:c2:7b:38:a4:32:b1:44:5d:8d:36:1a:3b:ce:1c:
70:e3:f9:f4:f1:e7:09:5f:bf:a8:3c:27:8f:13:1d:
ec:4c:72:3e:56:27:4c:a3:f8:d0:9f:12:10:7e:e2:
52:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2B:26:E2:F1:42:A5:1A:9C:75:ED:31:DC:2D:97:5E:8B:85:4D:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1AE114C092E211EFA0F20F48762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.220.0/23
Signature Algorithm: sha256WithRSAEncryption
41:5b:8e:f4:ef:6b:31:f5:3b:5c:ad:08:ed:f1:a9:25:b4:e0:
23:35:68:a8:69:d4:d1:a9:9e:72:99:f4:2c:29:62:cb:bd:d7:
94:87:26:e7:2a:13:50:4a:ef:e3:b6:36:46:85:0e:bb:f4:6c:
90:03:c6:b1:e5:ed:8c:4d:c2:f2:fc:a0:24:fe:97:5b:5e:d5:
b6:0b:93:ff:d3:65:e3:fb:1d:ed:32:d0:17:33:04:bd:92:5a:
0e:29:7e:0d:a4:43:48:40:22:69:3f:01:5b:71:81:94:fd:92:
d8:d6:16:30:d8:ac:36:a9:97:86:fd:55:2e:f1:04:8f:d4:14:
25:eb:a7:8d:02:a2:17:09:59:fb:af:bd:29:e3:56:e1:49:8c:
39:19:31:fe:62:73:80:b4:a8:c1:e1:57:55:84:72:4a:41:e0:
1c:da:6e:fd:21:ac:2d:ec:b7:70:e4:2b:a8:58:bd:f7:91:50:
0c:01:80:c5:50:e0:53:13:b8:63:66:40:c4:95:b8:9e:17:f6:
a9:2e:1b:98:ab:cb:2f:49:01:d9:2a:26:40:ef:20:5d:b5:45:
b0:62:f2:1b:00:f2:85:96:cd:aa:df:77:63:45:9e:c5:4e:15:
60:15:b9:fd:59:a9:c8:ef:fc:b9:c6:b7:cc:47:ca:fe:ee:4f:
90:5f:d5:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQJaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDI1MTUwMjAzWhcNMjQxMjAxMTUwMjAzWjAYMRYw
FAYDVQQDEw02NzFiYjJmMC0yZjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1XYAvkWphANpjLn0nv3awFhLRnP/6sib8MDLXAW4/m8TQoAReGwRVNyh
lYNofMLdo8FEYVz0gTA2wyJ1IsBRaLlV6YOdE9CT9GpnPZ3/hqLQRDtfifc41orL
UzmIOohGK6JAySkK7v/wn515mOTSoCL16HpKFvgtsroDRhZYM9niTrd26VdDJt4U
GVOXnhqpHQWeoEvUwcHie4UuHu7Hd8A0VBYIflHJcool8Ng62iZlGpf/x0IoOkaH
qE3cvDsRVsfYBmuyZCiHzmWeS6rn1JDHwns4pDKxRF2NNho7zhxw4/n08ecJX7+o
PCePEx3sTHI+VidMo/jQnxIQfuJSgQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOAr
JuLxQqUanHXtMdwtl16LhU3kMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQUUxMTRDMDkyRTIxMUVGQTBGMjBGNDg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtHcMA0GCSqGSIb3DQEB
CwUAA4IBAQBBW47072sx9TtcrQjt8akltOAjNWioadTRqZ5ymfQsKWLLvdeUhybn
KhNQSu/jtjZGhQ679GyQA8ax5e2MTcLy/KAk/pdbXtW2C5P/02Xj+x3tMtAXMwS9
kloOKX4NpENIQCJpPwFbcYGU/ZLY1hYw2Kw2qZeG/VUu8QSP1BQl66eNAqIXCVn7
r70p41bhSYw5GTH+YnOAtKjB4VdVhHJKQeAc2m79Iawt7Ldw5CuoWL33kVAMAYDF
UOBTE7hjZkDElbieF/apLhuYq8svSQHZKiZA7yBdtUWwYvIbAPKFls2q33djRZ7F
ThVgFbn9WanI7/y5xrfMR8r+7k+QX9XW
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:33:13 2024 by rpki-client on console-fra.rpki-client.org