Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DA4FC16992D11EFA0BAEE74762E951A.roa
File: 1DA4FC16992D11EFA0BAEE74762E951A.roa (raw, json)
Hash identifier: KQJt0MPkg/WH2dOWDuLbLnMym5wDT0Sj+5YrAByJl6s=
Subject key identifier: 09:4F:04:D5:58:55:B2:C3:15:B3:BC:B3:B7:E9:11:BE:34:26:13:8C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0105C2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DA4FC16992D11EFA0BAEE74762E951A.roa
Signing time: Sat 02 Nov 2024 15:14:12 +0000
ROA not before: Sat 02 Nov 2024 15:14:08 +0000
ROA not after: Wed 05 Nov 2025 15:14:08 +0000
asID: 140224
IP address blocks: 154.200.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67010 (0x105c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 2 15:14:08 2024 GMT
Not After : Nov 5 15:14:08 2025 GMT
Subject: CN=672641c4-fa37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b9:05:66:e8:f1:94:64:2b:60:79:a3:8f:ce:
76:87:d1:3f:b6:e7:fa:40:ee:d0:c6:a8:f6:8e:74:
b5:b7:90:ff:c2:f3:4d:f1:37:0b:d0:3a:d2:9a:62:
c7:1f:3d:83:c3:a6:88:40:bf:f3:ae:84:41:41:0c:
f3:97:e7:65:4d:6c:b8:c0:c6:e1:69:9d:4a:f9:7d:
99:18:9c:cf:b6:eb:ab:5a:74:f4:66:f0:91:92:7d:
6c:4d:18:81:85:1f:f5:19:89:d1:e7:04:19:e2:d9:
bb:fb:b9:c0:78:6f:e4:ab:9f:e4:5a:a7:c4:cb:18:
8d:8e:f4:71:ab:24:f2:92:f6:04:d2:25:dd:1a:24:
6f:4b:33:35:fd:3e:91:d1:a5:53:45:4f:06:49:de:
30:84:85:ed:03:2b:cd:67:35:07:4e:45:ca:78:74:
7e:cd:bf:68:b9:97:2a:48:a6:f7:8a:d5:51:fa:7f:
90:33:f1:1d:29:44:78:e1:b8:da:0f:07:f7:4e:98:
40:e7:2a:24:f3:e4:ff:5a:c8:c4:56:6b:be:4d:2e:
89:de:9e:b0:e0:c5:7d:ca:b9:50:a3:24:9d:c7:a3:
4c:f2:e1:50:cc:61:29:28:56:ed:56:ab:fd:4e:68:
e4:18:e1:32:39:b9:78:7b:77:11:35:67:cd:02:f8:
7e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4F:04:D5:58:55:B2:C3:15:B3:BC:B3:B7:E9:11:BE:34:26:13:8C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DA4FC16992D11EFA0BAEE74762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.98.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c5:18:d4:f8:46:ce:cc:df:7a:fa:69:41:da:03:d3:a4:eb:
e3:c5:c0:9d:23:b2:5f:fd:99:47:00:18:e4:35:16:0e:da:e0:
06:5d:06:54:db:f2:e4:45:64:58:ce:6c:63:20:81:b1:b9:79:
bf:14:7b:15:ce:f8:1f:50:c0:0f:f7:84:37:8c:e5:fe:86:b9:
5e:1f:7b:59:50:12:7c:19:21:b3:02:9f:fa:87:38:b2:a8:71:
de:3e:7d:79:cd:b1:a2:63:95:6f:b7:f7:5c:a2:bc:77:11:09:
fd:a5:7e:0b:57:88:c2:64:e7:43:6e:60:d2:8c:05:05:5c:1c:
7f:ba:e6:0d:51:f7:ce:cf:0f:e6:54:dd:6d:17:de:85:1b:11:
9a:b9:ca:a9:5b:f4:3d:33:45:75:6e:85:ea:c1:0e:65:a3:ae:
fe:1f:1d:50:bc:9c:9e:73:fe:52:6e:f9:c9:44:7d:17:a4:47:
b8:01:6d:ef:f4:3d:f0:e0:6c:a5:91:89:bd:76:dc:39:71:e1:
a3:4f:9b:c5:5f:47:23:d5:4d:88:82:a6:01:ae:0a:3d:fa:f6:
80:e4:9f:06:ff:a0:b0:f8:41:f7:58:5c:dc:66:76:6a:7d:c7:
29:fc:a3:c6:b8:aa:30:7a:13:02:6b:0e:77:9a:59:43:72:e2:
8f:56:df:87
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQXCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTAyMTUxNDA4WhcNMjUxMTA1MTUxNDA4WjAYMRYw
FAYDVQQDEw02NzI2NDFjNC1mYTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA77kFZujxlGQrYHmjj852h9E/tuf6QO7Qxqj2jnS1t5D/wvNN8TcL0DrS
mmLHHz2Dw6aIQL/zroRBQQzzl+dlTWy4wMbhaZ1K+X2ZGJzPtuurWnT0ZvCRkn1s
TRiBhR/1GYnR5wQZ4tm7+7nAeG/kq5/kWqfEyxiNjvRxqyTykvYE0iXdGiRvSzM1
/T6R0aVTRU8GSd4whIXtAyvNZzUHTkXKeHR+zb9ouZcqSKb3itVR+n+QM/EdKUR4
4bjaDwf3TphA5yok8+T/WsjEVmu+TS6J3p6w4MV9yrlQoySdx6NM8uFQzGEpKFbt
Vqv9TmjkGOEyObl4e3cRNWfNAvh+GQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAlP
BNVYVbLDFbO8s7fpEb40JhOMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xREE0RkMxNjk5MkQxMUVGQTBCQUVFNzQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmshiMA0GCSqGSIb3DQEB
CwUAA4IBAQBlxRjU+EbOzN96+mlB2gPTpOvjxcCdI7Jf/ZlHABjkNRYO2uAGXQZU
2/LkRWRYzmxjIIGxuXm/FHsVzvgfUMAP94Q3jOX+hrleH3tZUBJ8GSGzAp/6hziy
qHHePn15zbGiY5Vvt/dcorx3EQn9pX4LV4jCZOdDbmDSjAUFXBx/uuYNUffOzw/m
VN1tF96FGxGaucqpW/Q9M0V1boXqwQ5lo67+Hx1QvJyec/5SbvnJRH0XpEe4AW3v
9D3w4GylkYm9dtw5ceGjT5vFX0cj1U2IgqYBrgo9+vaA5J8G/6Cw+EH3WFzcZnZq
fccp/KPGuKowehMCaw53mllDcuKPVt+H
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:56 2024 by rpki-client on console-ams.rpki-client.org