Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21BF92A4A33011EF82C8E740762E951A.roa
File: 21BF92A4A33011EF82C8E740762E951A.roa (raw, json)
Hash identifier: c8vYflD1HO0qM1WtcG7yX2uGpivGp6Z+06mER0T0IdU=
Subject key identifier: 63:A8:BF:3E:E0:0B:C2:B3:79:E2:38:45:F2:33:D7:EE:9F:FB:F7:DC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010D68
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21BF92A4A33011EF82C8E740762E951A.roa
Signing time: Fri 15 Nov 2024 09:00:59 +0000
ROA not before: Fri 15 Nov 2024 09:00:55 +0000
ROA not after: Sun 22 Dec 2024 09:00:55 +0000
asID: 18779
IP address blocks: 154.203.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68968 (0x10d68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 15 09:00:55 2024 GMT
Not After : Dec 22 09:00:55 2024 GMT
Subject: CN=67370dcb-3049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:11:74:f3:e6:6d:d9:00:56:61:39:c5:94:c5:
2c:f1:b4:74:89:ad:46:8e:6f:56:c8:a2:21:26:35:
52:76:3c:da:d7:68:20:f6:c8:b7:45:08:fb:cf:7f:
c7:90:6a:35:e2:1f:07:48:4f:dc:e1:8f:69:91:c2:
b4:d8:6c:82:a6:e8:12:6c:2a:d7:af:19:70:3c:12:
62:60:04:ba:03:57:ae:ec:11:0e:5d:55:ac:d1:f1:
e5:bb:2b:69:d1:b7:e7:48:dd:7f:42:3e:9e:38:ec:
9c:67:d0:3b:74:73:a7:18:0a:fa:bd:2a:13:bb:63:
73:01:ed:9f:1f:48:9b:0e:8a:fa:e3:0f:9c:36:ad:
a4:74:a2:1a:95:2a:a9:0d:51:d9:bc:b1:63:49:84:
45:b7:58:f8:b3:ba:58:43:29:0d:02:bf:8f:c2:96:
93:ca:9f:ef:80:3e:df:38:38:29:9f:6a:5d:08:04:
30:3d:da:0f:72:75:8c:85:dc:06:cd:b8:c8:c3:b4:
1e:90:f4:b4:5b:fd:1c:96:e1:a9:55:a8:63:42:45:
9e:52:a9:7b:bc:84:31:39:84:56:44:2c:70:ef:58:
fd:57:a2:95:a1:bb:fc:f2:d4:10:ed:9a:09:14:ea:
41:63:06:09:78:07:63:be:67:8f:92:ca:d3:c5:16:
90:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A8:BF:3E:E0:0B:C2:B3:79:E2:38:45:F2:33:D7:EE:9F:FB:F7:DC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/21BF92A4A33011EF82C8E740762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.52.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:ce:27:ec:c3:e6:39:cb:f5:f5:7f:2d:c0:7d:1c:cd:98:ea:
1c:9f:6f:cd:80:6c:cc:c1:7a:40:42:46:89:e8:0b:b9:16:c4:
6c:81:1e:c2:fa:fa:06:4e:54:8c:05:62:2c:5b:50:55:85:d4:
7c:41:c6:37:2b:e9:43:28:9f:c3:32:77:a3:d9:9a:3c:e1:66:
10:62:7e:bf:af:58:1e:16:4d:15:99:05:85:50:f6:66:dc:ba:
46:3f:df:fc:05:05:ec:ab:0c:dd:2b:68:b8:b1:1e:f1:6c:50:
cf:c3:65:d4:33:d1:f8:5d:72:d9:be:96:3d:4f:71:3f:ff:8b:
8a:32:01:95:14:c8:ff:90:e9:f0:35:a7:12:4b:08:46:4f:bd:
5c:9f:6a:fe:54:5c:4e:84:f0:6d:a1:94:71:dc:e8:a7:9e:d9:
e9:b7:f6:88:7f:c1:2f:17:bc:97:37:1c:8f:44:ba:30:d7:65:
98:6f:be:58:48:37:15:8d:14:6b:16:eb:9b:26:fd:19:34:62:
62:16:5f:67:9b:e9:9f:1b:8c:e6:16:71:d3:ea:09:85:08:67:
88:53:61:4c:a4:e6:bb:92:09:f5:a5:9c:30:00:aa:0f:e5:e0:
4f:51:c9:9a:22:1d:70:4a:79:c6:9c:3c:8f:22:04:4b:8c:d7:
89:4f:8c:7d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ1oMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE1MDkwMDU1WhcNMjQxMjIyMDkwMDU1WjAYMRYw
FAYDVQQDEw02NzM3MGRjYi0zMDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxhF08+Zt2QBWYTnFlMUs8bR0ia1Gjm9WyKIhJjVSdjza12gg9si3RQj7
z3/HkGo14h8HSE/c4Y9pkcK02GyCpugSbCrXrxlwPBJiYAS6A1eu7BEOXVWs0fHl
uytp0bfnSN1/Qj6eOOycZ9A7dHOnGAr6vSoTu2NzAe2fH0ibDor64w+cNq2kdKIa
lSqpDVHZvLFjSYRFt1j4s7pYQykNAr+PwpaTyp/vgD7fODgpn2pdCAQwPdoPcnWM
hdwGzbjIw7QekPS0W/0cluGpVahjQkWeUql7vIQxOYRWRCxw71j9V6KVobv88tQQ
7ZoJFOpBYwYJeAdjvmePksrTxRaQaQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGOo
vz7gC8KzeeI4RfIz1+6f+/fcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMUJGOTJBNEEzMzAxMUVGODJDOEU3NDA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmss0MA0GCSqGSIb3DQEB
CwUAA4IBAQBMzifsw+Y5y/X1fy3AfRzNmOocn2/NgGzMwXpAQkaJ6Au5FsRsgR7C
+voGTlSMBWIsW1BVhdR8QcY3K+lDKJ/DMnej2Zo84WYQYn6/r1geFk0VmQWFUPZm
3LpGP9/8BQXsqwzdK2i4sR7xbFDPw2XUM9H4XXLZvpY9T3E//4uKMgGVFMj/kOnw
NacSSwhGT71cn2r+VFxOhPBtoZRx3Oinntnpt/aIf8EvF7yXNxyPRLow12WYb75Y
SDcVjRRrFuubJv0ZNGJiFl9nm+mfG4zmFnHT6gmFCGeIU2FMpOa7kgn1pZwwAKoP
5eBPUcmaIh1wSnnGnDyPIgRLjNeJT4x9
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:01 2024 by rpki-client on console-fra.rpki-client.org