Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/209A8D84952F11EF8DB05F47762E951A.roa
File: 209A8D84952F11EF8DB05F47762E951A.roa (raw, json)
Hash identifier: LUPG7lqEalC1XEL32INd5wyCiyTx6ixydggjmeDHM/k=
Subject key identifier: B9:36:72:D2:E9:6F:01:25:4F:2E:96:40:C8:72:6D:96:BA:2E:4C:7E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0102D9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/209A8D84952F11EF8DB05F47762E951A.roa
Signing time: Mon 28 Oct 2024 13:18:31 +0000
ROA not before: Mon 28 Oct 2024 13:18:28 +0000
ROA not after: Sun 01 Dec 2024 13:18:28 +0000
asID: 202656
IP address blocks: 154.222.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66265 (0x102d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 28 13:18:28 2024 GMT
Not After : Dec 1 13:18:28 2024 GMT
Subject: CN=671f8f27-9b3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:36:c6:e4:e8:59:06:e1:ea:d8:93:87:bc:55:
62:96:27:6b:92:4f:53:82:96:42:35:3d:30:2c:61:
c6:50:4f:8d:c4:9a:b8:db:46:c9:73:95:60:42:22:
6a:6e:fe:d1:15:c2:42:bb:66:2b:a3:b1:21:1a:46:
1c:03:1a:af:21:bd:10:4c:48:2d:94:97:ac:10:0d:
e4:1d:90:0f:78:8e:06:81:0c:53:cc:cf:c2:33:dd:
55:85:2d:8b:a4:06:90:62:80:72:df:b1:c2:62:72:
16:d7:e3:54:ba:38:bb:92:83:d6:5e:a4:18:84:51:
65:80:7f:84:42:78:07:ed:19:52:05:60:b1:3b:cf:
1b:1e:0e:97:fc:73:2c:89:57:8b:2f:3f:58:ad:24:
be:47:cb:55:93:36:a1:f4:37:7f:1f:13:eb:e8:0f:
5f:5b:c9:7d:9c:ee:81:59:28:fd:f2:cf:8d:1b:3c:
1a:79:cb:81:1f:15:be:5c:69:ad:40:e7:d8:4a:08:
7e:72:a3:62:a3:fb:a7:41:df:29:c9:85:70:fb:53:
1f:47:66:80:14:40:18:06:d9:fc:da:99:e1:6d:0e:
97:6d:58:e0:7f:48:2b:62:43:97:af:d3:fc:93:0f:
18:5e:ad:03:98:95:dc:a2:b0:c7:27:9d:b5:e7:bf:
64:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:36:72:D2:E9:6F:01:25:4F:2E:96:40:C8:72:6D:96:BA:2E:4C:7E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/209A8D84952F11EF8DB05F47762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.193.0/24
Signature Algorithm: sha256WithRSAEncryption
86:3e:74:d6:46:f8:f2:1f:ff:23:2f:c8:01:49:12:ea:9b:16:
e6:d1:94:eb:57:6c:31:9b:aa:d9:4d:83:67:76:8f:5f:dd:2f:
12:bc:b6:0c:ed:c4:f5:16:60:5f:ae:c7:ec:7a:7a:e4:16:85:
1e:59:d2:b3:f5:78:b2:a8:3a:84:fa:92:84:ea:51:12:8f:4f:
b8:63:b5:c0:0f:0a:6a:99:ab:39:1a:d4:fd:e6:c3:ba:8d:46:
86:14:4c:4e:d2:17:f1:45:ef:c1:01:03:9b:e8:26:de:81:34:
e6:a4:0e:a4:65:f8:7a:08:4c:55:47:f6:ac:d4:98:46:ca:b8:
83:60:4b:de:29:0c:d6:c7:85:3c:63:da:61:2e:07:5b:f5:6c:
13:90:cc:41:5a:ac:cd:5c:79:28:a3:48:ab:a1:ba:6e:60:b2:
52:0b:96:6c:5c:9f:b7:fa:1f:02:7f:a2:78:d5:c1:78:bc:9f:
8a:72:23:0a:63:ff:ee:e6:38:a6:d9:44:6b:63:3b:18:83:15:
68:a9:2f:b5:c1:52:b7:fc:da:27:bc:e2:68:98:23:9c:af:78:
e1:85:ae:7f:e9:2f:c8:24:04:15:f8:6d:7a:f4:02:fe:60:f7:
75:ca:64:de:d7:14:cc:25:35:b3:3d:d4:c8:1a:ea:13:a5:9a:
28:35:4b:0f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQLZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDI4MTMxODI4WhcNMjQxMjAxMTMxODI4WjAYMRYw
FAYDVQQDEw02NzFmOGYyNy05YjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2DbG5OhZBuHq2JOHvFVilidrkk9TgpZCNT0wLGHGUE+NxJq420bJc5Vg
QiJqbv7RFcJCu2Yro7EhGkYcAxqvIb0QTEgtlJesEA3kHZAPeI4GgQxTzM/CM91V
hS2LpAaQYoBy37HCYnIW1+NUuji7koPWXqQYhFFlgH+EQngH7RlSBWCxO88bHg6X
/HMsiVeLLz9YrSS+R8tVkzah9Dd/HxPr6A9fW8l9nO6BWSj98s+NGzwaecuBHxW+
XGmtQOfYSgh+cqNio/unQd8pyYVw+1MfR2aAFEAYBtn82pnhbQ6XbVjgf0grYkOX
r9P8kw8YXq0DmJXcorDHJ521579kewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLk2
ctLpbwElTy6WQMhybZa6Lkx+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMDlBOEQ4NDk1MkYxMUVGOERCMDVGNDc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt7BMA0GCSqGSIb3DQEB
CwUAA4IBAQCGPnTWRvjyH/8jL8gBSRLqmxbm0ZTrV2wxm6rZTYNndo9f3S8SvLYM
7cT1FmBfrsfsenrkFoUeWdKz9XiyqDqE+pKE6lESj0+4Y7XADwpqmas5GtT95sO6
jUaGFExO0hfxRe/BAQOb6CbegTTmpA6kZfh6CExVR/as1JhGyriDYEveKQzWx4U8
Y9phLgdb9WwTkMxBWqzNXHkoo0irobpuYLJSC5ZsXJ+3+h8Cf6J41cF4vJ+KciMK
Y//u5jim2URrYzsYgxVoqS+1wVK3/NonvOJomCOcr3jhha5/6S/IJAQV+G169AL+
YPd1ymTe1xTMJTWzPdTIGuoTpZooNUsP
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:24 2024 by rpki-client on console-fra.rpki-client.org