Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C49786AA26F11EFBABF4C6E762E951A.roa
File: 1C49786AA26F11EFBABF4C6E762E951A.roa (raw, json)
Hash identifier: NtXoylg8+t1gbHO41azUvfPAFxgJ/Kxrwo4lY+yteSo=
Subject key identifier: A4:0F:8D:88:55:4A:42:81:48:BE:73:36:36:B3:BE:E9:0F:DC:9A:55
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010D0A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C49786AA26F11EFBABF4C6E762E951A.roa
Signing time: Thu 14 Nov 2024 09:59:17 +0000
ROA not before: Thu 14 Nov 2024 09:59:14 +0000
ROA not after: Sat 23 Nov 2024 09:59:14 +0000
asID: 137443
IP address blocks: 154.223.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 09:59:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68874 (0x10d0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 14 09:59:14 2024 GMT
Not After : Nov 23 09:59:14 2024 GMT
Subject: CN=6735c9f5-0b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0c:23:b6:f4:df:12:da:2c:3b:28:ff:e8:8d:
de:71:1f:c4:7c:71:1b:ab:4a:d2:91:fe:24:ba:a3:
91:d9:96:e8:98:f4:c1:bf:3c:50:d6:14:11:c0:cf:
ba:f9:d5:d0:ad:28:f7:d1:ea:61:21:2b:3f:d6:af:
5e:b0:bf:5e:1e:c2:90:a7:28:42:60:76:ca:c7:b4:
43:46:36:dd:de:de:0e:1a:31:11:67:7b:2d:3f:4d:
e0:7d:b6:d0:c0:ff:8d:f2:a7:fe:0d:10:19:6f:09:
40:e4:eb:ba:a5:b8:88:4c:d0:50:5a:f8:93:76:65:
6e:d7:74:4f:ce:93:04:29:45:a3:69:97:bf:55:46:
a0:0a:01:e9:bd:b9:0a:18:33:fb:0e:fa:b8:7c:85:
07:fa:93:8f:7e:dd:c4:c2:b9:6d:3f:eb:0d:7f:24:
9e:ad:ff:0b:93:9d:78:26:c2:11:1c:27:4f:f8:bd:
e7:cf:f9:19:13:dd:88:52:6b:0a:57:51:09:b0:1c:
3d:c1:20:8e:3f:fc:06:c2:af:4c:cc:eb:74:a2:2a:
46:41:bf:f0:e5:ed:c6:01:97:ba:1e:4f:87:ac:91:
01:f8:a0:50:bc:1e:51:51:ef:98:8f:52:fc:d7:90:
54:6e:52:6f:17:a0:c5:34:f0:45:2e:b8:5e:06:af:
30:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0F:8D:88:55:4A:42:81:48:BE:73:36:36:B3:BE:E9:0F:DC:9A:55
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1C49786AA26F11EFBABF4C6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.168.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:3c:8f:ee:c0:19:c1:e8:6b:fb:57:13:92:73:9f:43:be:7e:
3c:c2:81:92:db:b9:dc:5f:00:c1:69:7f:f0:d5:85:fb:4d:85:
0b:5a:13:0d:b7:47:aa:83:79:2f:85:4b:e6:a8:65:af:cd:99:
4d:06:9e:8a:97:4c:be:ff:a5:25:fc:bb:ba:96:fb:2d:fe:99:
17:42:37:fe:e4:79:5d:2d:d9:9a:8f:cd:e9:77:a5:73:04:49:
ca:43:25:1d:23:39:40:01:71:a4:d4:06:42:fe:49:60:d0:e3:
6a:03:18:ba:1a:2c:90:d5:66:78:a9:48:cc:50:32:b0:f1:26:
2d:75:e6:d6:2f:14:8f:42:f8:e2:69:c8:5b:0b:c9:04:49:bc:
2b:bb:74:c3:ce:24:0c:90:f7:ea:a2:46:39:69:04:23:b3:0b:
7d:b9:01:e4:55:15:4d:14:08:ff:e5:03:30:16:50:3a:7d:0a:
0b:41:dd:61:7a:89:14:f8:4e:ff:20:d0:8b:b9:05:d4:52:b3:
53:9f:64:4b:ff:c2:f3:e0:85:98:a2:20:fa:fc:7b:45:9a:c3:
9c:c9:2f:69:0d:1c:d2:d6:74:97:81:c9:52:8e:a0:d3:9a:f1:
d0:29:4f:3f:81:81:26:fc:20:bb:84:2e:8e:d2:2c:97:09:44:
61:f1:77:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ0KMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE0MDk1OTE0WhcNMjQxMTIzMDk1OTE0WjAYMRYw
FAYDVQQDEw02NzM1YzlmNS0wYjYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0QwjtvTfEtosOyj/6I3ecR/EfHEbq0rSkf4kuqOR2ZbomPTBvzxQ1hQR
wM+6+dXQrSj30ephISs/1q9esL9eHsKQpyhCYHbKx7RDRjbd3t4OGjERZ3stP03g
fbbQwP+N8qf+DRAZbwlA5Ou6pbiITNBQWviTdmVu13RPzpMEKUWjaZe/VUagCgHp
vbkKGDP7Dvq4fIUH+pOPft3EwrltP+sNfySerf8Lk514JsIRHCdP+L3nz/kZE92I
UmsKV1EJsBw9wSCOP/wGwq9MzOt0oipGQb/w5e3GAZe6Hk+HrJEB+KBQvB5RUe+Y
j1L815BUblJvF6DFNPBFLrheBq8wVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKQP
jYhVSkKBSL5zNjazvukP3JpVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQzQ5Nzg2QUEyNkYxMUVGQkFCRjRDNkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt+oMA0GCSqGSIb3DQEB
CwUAA4IBAQC8PI/uwBnB6Gv7VxOSc59Dvn48woGS27ncXwDBaX/w1YX7TYULWhMN
t0eqg3kvhUvmqGWvzZlNBp6Kl0y+/6Ul/Lu6lvst/pkXQjf+5HldLdmaj83pd6Vz
BEnKQyUdIzlAAXGk1AZC/klg0ONqAxi6GiyQ1WZ4qUjMUDKw8SYtdebWLxSPQvji
achbC8kESbwru3TDziQMkPfqokY5aQQjswt9uQHkVRVNFAj/5QMwFlA6fQoLQd1h
eokU+E7/INCLuQXUUrNTn2RL/8Lz4IWYoiD6/HtFmsOcyS9pDRzS1nSXgclSjqDT
mvHQKU8/gYEm/CC7hC6O0iyXCURh8XcI
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:00 2024 by rpki-client on console-fra.rpki-client.org