Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20B94486D6E411EEABDAA2B4775412E6.roa
File: 20B94486D6E411EEABDAA2B4775412E6.roa (raw, json)
Hash identifier: 18nPuGvgcj54nNLgOue87byCwWAYFUgsmzlY0JOQjr0=
Subject key identifier: B4:D1:7C:30:C1:76:4D:72:15:9B:40:59:0B:71:11:EC:3D:8A:20:FD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 9345
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20B94486D6E411EEABDAA2B4775412E6.roa
Signing time: Thu 29 Feb 2024 09:22:58 +0000
ROA not before: Thu 29 Feb 2024 09:22:55 +0000
ROA not after: Mon 03 Mar 2025 09:22:55 +0000
asID: 141389
IP address blocks: 154.196.246.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37701 (0x9345)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 29 09:22:55 2024 GMT
Not After : Mar 3 09:22:55 2025 GMT
Subject: CN=65e04cf2-5f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:74:bf:1a:b3:9f:75:b7:3d:57:0b:2f:90:ab:
3d:54:5a:97:86:b0:3e:42:42:d2:4a:bb:9d:ef:f8:
69:63:d1:7d:94:9b:7d:c5:7e:b7:a2:e4:94:62:c1:
56:0f:8c:72:aa:94:bd:9a:f1:90:66:5f:e7:3e:94:
3a:fe:21:ea:09:c5:3c:6b:83:b0:04:62:b3:ee:9c:
e2:af:97:31:d4:28:a5:33:0b:66:da:94:de:a1:77:
74:96:56:47:90:69:17:be:e2:29:a8:da:58:97:e4:
3e:32:68:94:7f:6b:2d:43:13:d8:41:85:b8:f5:34:
4a:38:23:94:03:7a:a6:24:3c:41:70:45:7f:3e:6a:
2b:b3:49:3c:17:14:61:41:e2:f3:a6:2b:a5:05:5c:
78:0c:bc:ce:ca:9f:8e:e6:e3:e0:ff:8b:a0:f4:29:
97:06:c8:9f:9b:0f:a3:58:bb:94:ea:10:0c:e9:f1:
ef:fb:db:00:db:2b:5c:b4:3f:0b:db:22:c8:28:b0:
03:11:0f:ec:79:07:25:09:cb:75:0a:09:cf:c7:5e:
6d:0c:67:34:45:6e:92:93:2c:d6:9e:68:0f:23:f4:
17:f3:d1:43:d9:d0:fa:70:ca:38:01:b7:60:a0:e1:
37:1b:fb:aa:7a:82:dd:af:06:67:ce:3e:e0:ce:58:
73:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D1:7C:30:C1:76:4D:72:15:9B:40:59:0B:71:11:EC:3D:8A:20:FD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/20B94486D6E411EEABDAA2B4775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.246.0/23
Signature Algorithm: sha256WithRSAEncryption
99:dc:35:e9:55:4f:43:a4:f2:df:74:2b:9e:55:c3:f0:5e:3f:
e7:5f:58:fd:0e:3d:fb:91:43:d3:75:b7:d2:68:a2:69:bf:9f:
0b:77:72:86:3d:43:72:64:fd:7c:eb:e3:3d:52:5d:f4:e3:65:
b0:52:65:63:c3:0e:8c:72:79:85:e6:ec:a0:3b:be:15:99:9a:
cc:89:17:de:eb:43:5c:f7:0e:54:a0:82:48:8f:01:06:71:bc:
4f:9b:97:17:37:b6:81:90:1d:4a:02:89:be:ee:db:9d:75:34:
55:a9:55:30:dc:86:a1:73:8a:fb:07:0f:7a:84:a2:7b:85:1e:
e4:26:b4:ec:e4:97:99:82:01:2b:80:e2:51:97:98:7e:e7:bd:
e4:95:2c:de:e1:f5:af:14:b2:2b:54:c4:da:6b:40:c7:a8:4a:
06:a3:9d:69:92:bf:5c:5f:98:ec:90:f5:25:1d:7f:02:ec:dd:
c6:c7:1d:3a:f8:66:e7:9c:d2:f8:ce:fd:c3:d7:7d:1f:65:44:
a0:34:0c:3a:81:50:f0:14:d1:56:6a:2d:44:0f:30:f2:f9:f7:
75:ee:a1:36:ce:33:6b:24:cb:ca:3e:73:3c:7d:69:20:bb:29:
6d:9f:3c:a4:f5:2a:97:04:35:0a:ca:3c:3b:4c:a7:cf:b2:f6:
f8:cf:8b:f0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAJNFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjI5MDkyMjU1WhcNMjUwMzAzMDkyMjU1WjAYMRYw
FAYDVQQDEw02NWUwNGNmMi01ZjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo3S/GrOfdbc9VwsvkKs9VFqXhrA+QkLSSrud7/hpY9F9lJt9xX63ouSU
YsFWD4xyqpS9mvGQZl/nPpQ6/iHqCcU8a4OwBGKz7pzir5cx1CilMwtm2pTeoXd0
llZHkGkXvuIpqNpYl+Q+MmiUf2stQxPYQYW49TRKOCOUA3qmJDxBcEV/Pmors0k8
FxRhQeLzpiulBVx4DLzOyp+O5uPg/4ug9CmXBsifmw+jWLuU6hAM6fHv+9sA2ytc
tD8L2yLIKLADEQ/seQclCct1CgnPx15tDGc0RW6SkyzWnmgPI/QX89FD2dD6cMo4
AbdgoOE3G/uqeoLdrwZnzj7gzlhzZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLTR
fDDBdk1yFZtAWQtxEew9iiD9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMEI5NDQ4NkQ2RTQxMUVFQUJEQUEyQjQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsT2MA0GCSqGSIb3DQEB
CwUAA4IBAQCZ3DXpVU9DpPLfdCueVcPwXj/nX1j9Dj37kUPTdbfSaKJpv58Ld3KG
PUNyZP186+M9Ul3042WwUmVjww6McnmF5uygO74VmZrMiRfe60Nc9w5UoIJIjwEG
cbxPm5cXN7aBkB1KAom+7tuddTRVqVUw3Iahc4r7Bw96hKJ7hR7kJrTs5JeZggEr
gOJRl5h+573klSze4fWvFLIrVMTaa0DHqEoGo51pkr9cX5jskPUlHX8C7N3Gxx06
+GbnnNL4zv3D130fZUSgNAw6gVDwFNFWai1EDzDy+fd17qE2zjNrJMvKPnM8fWkg
uyltnzyk9SqXBDUKyjw7TKfPsvb4z4vw
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:33:14 2024 by rpki-client on console-fra.rpki-client.org