Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2801BE74A4CC11EFA63D745A762E951A.roa
File: 2801BE74A4CC11EFA63D745A762E951A.roa (raw, json)
Hash identifier: zKE11LGiTc60Ghp0ux7wrHd3GJU0oKnHtNGt+Ce+GVw=
Subject key identifier: DA:65:02:AA:9E:8E:EB:64:A8:0A:DA:56:54:8E:0E:D5:CD:C1:73:CD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010E92
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2801BE74A4CC11EFA63D745A762E951A.roa
Signing time: Sun 17 Nov 2024 10:10:22 +0000
ROA not before: Sun 17 Nov 2024 10:10:19 +0000
ROA not after: Mon 25 Nov 2024 10:10:19 +0000
asID: 9009
IP address blocks: 154.194.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 08:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69266 (0x10e92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 17 10:10:19 2024 GMT
Not After : Nov 25 10:10:19 2024 GMT
Subject: CN=6739c10e-d867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:de:a0:ae:c9:d6:aa:2d:7a:da:4b:a6:9c:2e:
a9:42:a3:3c:db:8d:6d:fb:b9:a0:03:b5:36:18:be:
2d:6d:94:aa:6e:96:f0:ab:00:75:ac:d5:4c:fb:98:
cd:e5:ac:b7:31:b5:fc:1b:57:b3:45:14:dc:63:6f:
0a:c8:f0:00:44:05:19:cb:41:31:90:c1:2a:d8:6e:
76:96:78:ac:a0:90:25:24:41:08:8f:b3:e7:97:05:
ef:ec:4c:3f:44:81:68:c4:7f:b1:9f:e0:00:92:ec:
5e:c9:a4:48:12:e9:f8:34:74:8c:07:2c:87:6a:b2:
73:3f:2b:ad:4e:b6:20:a3:63:9a:41:08:54:90:65:
1a:50:b0:5e:ad:02:a7:d0:69:63:8d:7d:0a:32:9d:
49:0c:db:9c:f9:f5:b0:bc:9d:1d:30:a2:59:ff:c1:
ad:97:e7:07:ba:d3:d9:a5:7a:6a:e3:f8:07:d2:29:
59:d5:dc:7a:c4:0d:fd:99:72:5d:1b:d9:9a:e9:aa:
2a:7e:fe:d5:f9:2b:1b:64:c9:21:9c:05:54:86:7f:
97:df:82:29:e8:52:30:2d:a1:99:67:71:e3:2b:0b:
10:20:ab:2d:27:83:23:10:7f:95:94:6c:75:0c:67:
01:d3:25:c3:2b:61:1b:b5:92:28:78:e7:50:1d:4e:
03:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:65:02:AA:9E:8E:EB:64:A8:0A:DA:56:54:8E:0E:D5:CD:C1:73:CD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2801BE74A4CC11EFA63D745A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.10.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:38:b6:f1:9a:e9:45:9c:d0:56:f0:8b:d7:38:3d:dc:47:38:
5f:f7:15:e1:99:f6:c9:c5:0d:e7:0a:26:17:a0:7c:7b:85:9b:
3c:72:71:c5:d0:ca:df:3b:96:b8:27:0b:35:d6:76:86:66:71:
06:8e:3c:ff:65:e5:f1:4e:1f:d0:4c:dc:76:e6:c6:66:6c:de:
1d:36:bb:12:c1:82:c5:00:47:92:fe:0d:03:48:29:cf:d2:18:
a5:e8:2a:f6:e4:d0:3b:92:74:11:39:ea:9f:d0:cc:8d:63:9c:
b8:77:88:76:1d:66:46:15:32:55:9d:4a:89:10:7e:bc:55:08:
48:55:14:df:6d:3d:51:d3:66:23:c1:a9:7d:d9:f4:ad:39:49:
1e:7b:d4:ad:99:08:1f:23:0c:ae:82:8c:90:a7:f5:5c:a8:5a:
84:75:b2:10:b7:da:77:2b:63:59:95:99:ac:b2:f0:af:5b:3c:
bf:31:26:02:ec:10:41:0d:4b:59:7f:4f:59:76:ab:b3:72:75:
2b:02:b3:17:11:22:13:56:c3:0f:b6:a1:85:aa:ab:f2:95:c8:
05:35:f6:d6:b2:8e:3d:6b:ee:5a:50:c0:21:c2:e2:4b:ed:b9:
40:95:5e:45:45:af:1b:70:ff:0c:17:9f:6b:2e:7c:f2:62:ce:
e4:ca:67:c4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ6SMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE3MTAxMDE5WhcNMjQxMTI1MTAxMDE5WjAYMRYw
FAYDVQQDEw02NzM5YzEwZS1kODY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0t6grsnWqi162kumnC6pQqM8241t+7mgA7U2GL4tbZSqbpbwqwB1rNVM
+5jN5ay3MbX8G1ezRRTcY28KyPAARAUZy0ExkMEq2G52lnisoJAlJEEIj7PnlwXv
7Ew/RIFoxH+xn+AAkuxeyaRIEun4NHSMByyHarJzPyutTrYgo2OaQQhUkGUaULBe
rQKn0GljjX0KMp1JDNuc+fWwvJ0dMKJZ/8Gtl+cHutPZpXpq4/gH0ilZ1dx6xA39
mXJdG9ma6aoqfv7V+SsbZMkhnAVUhn+X34Ip6FIwLaGZZ3HjKwsQIKstJ4MjEH+V
lGx1DGcB0yXDK2EbtZIoeOdQHU4DqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNpl
AqqejutkqAraVlSODtXNwXPNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yODAxQkU3NEE0Q0MxMUVGQTYzRDc0NUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIKMA0GCSqGSIb3DQEB
CwUAA4IBAQAuOLbxmulFnNBW8IvXOD3cRzhf9xXhmfbJxQ3nCiYXoHx7hZs8cnHF
0MrfO5a4Jws11naGZnEGjjz/ZeXxTh/QTNx25sZmbN4dNrsSwYLFAEeS/g0DSCnP
0hil6Cr25NA7knQROeqf0MyNY5y4d4h2HWZGFTJVnUqJEH68VQhIVRTfbT1R02Yj
wal92fStOUkee9StmQgfIwyugoyQp/VcqFqEdbIQt9p3K2NZlZmssvCvWzy/MSYC
7BBBDUtZf09ZdquzcnUrArMXESITVsMPtqGFqqvylcgFNfbWso49a+5aUMAhwuJL
7blAlV5FRa8bcP8MF59rLnzyYs7kymfE
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:40 2024 by rpki-client on console-fra.rpki-client.org