Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/284CD1509F7E11EFB1796644762E951A.roa
File: 284CD1509F7E11EFB1796644762E951A.roa (raw, json)
Hash identifier: cejPSZdj/mHrd9l7fj5yjzxQfq0oyBIX5GajFoWH+Es=
Subject key identifier: 85:10:2E:B7:D2:8A:89:FA:4B:B0:83:3B:6D:12:D0:51:5C:6D:1C:AC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010B12
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/284CD1509F7E11EFB1796644762E951A.roa
Signing time: Sun 10 Nov 2024 16:09:26 +0000
ROA not before: Sun 10 Nov 2024 16:09:23 +0000
ROA not after: Fri 17 Oct 2025 16:09:23 +0000
asID: 137443
IP address blocks: 154.205.6.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68370 (0x10b12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 10 16:09:23 2024 GMT
Not After : Oct 17 16:09:23 2025 GMT
Subject: CN=6730dab6-6226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:55:12:86:93:57:d9:f0:74:ca:b8:66:02:63:
4b:3c:13:11:4e:8d:c8:ef:02:46:6c:5f:ab:46:04:
74:6e:2d:37:c7:d9:fe:e0:4f:09:ec:74:30:00:fe:
88:06:35:9e:07:cd:07:1a:c1:69:90:e5:a1:a5:5a:
eb:ac:87:ee:ff:bb:52:23:c8:f8:b2:81:57:5c:c3:
81:11:8c:15:99:99:0d:c9:10:b5:62:c5:dd:03:72:
89:53:a6:92:d0:cc:99:c1:f2:e6:9b:ee:c1:57:f3:
ba:a9:ba:92:f4:0f:16:11:78:fe:8e:13:f2:b6:b6:
a1:89:f7:0f:2e:98:c6:f6:ac:35:a2:3c:4e:35:13:
a8:9e:1e:71:e7:18:3c:73:77:7a:97:58:b8:c3:c0:
14:d6:9c:da:25:b5:1e:1e:ff:df:2b:87:1e:d3:f1:
ea:ad:00:3e:75:cc:f6:ab:a9:2d:a9:13:63:f1:05:
ef:5a:6d:dd:c4:58:6d:77:3f:15:d7:e7:07:7b:7f:
14:0a:7b:d1:af:36:f8:67:27:a4:18:44:aa:74:a9:
a1:f1:ec:4a:bd:58:bb:41:63:95:a9:f7:0c:d0:36:
2c:8a:60:e2:ce:0f:d6:d8:1f:00:1f:61:44:59:c5:
68:df:b6:72:2d:19:3b:f0:54:4e:14:3b:a0:57:92:
ba:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:10:2E:B7:D2:8A:89:FA:4B:B0:83:3B:6D:12:D0:51:5C:6D:1C:AC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/284CD1509F7E11EFB1796644762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.6.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:cd:a6:94:50:ca:f9:31:25:d4:7a:00:7b:02:36:a9:7f:65:
84:c0:c4:5d:1d:5a:b0:c6:50:ed:37:b9:c5:a2:ce:e1:46:77:
81:a4:fc:ab:00:0d:15:4a:7d:61:b2:ba:e4:5f:ca:f4:f4:57:
e2:f8:7c:1b:58:82:a8:6c:02:de:73:05:a8:db:80:bc:ba:60:
65:ac:0f:9b:89:5d:77:82:46:af:cc:48:ca:13:22:fc:d5:0a:
74:15:67:bf:0c:df:85:9b:28:e6:17:31:b7:ce:0b:48:5d:96:
ac:a6:d9:df:57:26:09:21:60:bf:6f:e8:ee:5f:a1:07:6d:a3:
f2:b2:2c:a0:ac:fa:1c:37:c7:56:c1:ae:7c:27:df:68:a9:48:
e6:c9:0a:7f:81:2f:3e:64:59:25:51:3b:bc:63:6b:d4:5e:88:
7e:29:57:32:49:46:23:48:a4:8a:53:43:a7:38:00:02:59:ae:
9c:34:46:c1:19:60:5c:6b:1d:02:a3:dc:f6:62:3b:4d:00:3f:
1a:f4:31:e8:6f:7d:2c:95:94:2e:40:b9:38:a7:c5:8c:e3:cb:
33:b7:0d:12:9a:24:a6:d4:08:89:9c:be:c0:32:ef:6b:3b:df:
15:02:5a:00:17:0a:c9:a7:ff:cc:79:ef:3b:1a:f1:30:bb:c3:
68:3c:62:4c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQsSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTEwMTYwOTIzWhcNMjUxMDE3MTYwOTIzWjAYMRYw
FAYDVQQDEw02NzMwZGFiNi02MjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArVUShpNX2fB0yrhmAmNLPBMRTo3I7wJGbF+rRgR0bi03x9n+4E8J7HQw
AP6IBjWeB80HGsFpkOWhpVrrrIfu/7tSI8j4soFXXMOBEYwVmZkNyRC1YsXdA3KJ
U6aS0MyZwfLmm+7BV/O6qbqS9A8WEXj+jhPytrahifcPLpjG9qw1ojxONROonh5x
5xg8c3d6l1i4w8AU1pzaJbUeHv/fK4ce0/HqrQA+dcz2q6ktqRNj8QXvWm3dxFht
dz8V1+cHe38UCnvRrzb4ZyekGESqdKmh8exKvVi7QWOVqfcM0DYsimDizg/W2B8A
H2FEWcVo37ZyLRk78FROFDugV5K6nwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIUQ
LrfSion6S7CDO20S0FFcbRysMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yODRDRDE1MDlGN0UxMUVGQjE3OTY2NDQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms0GMA0GCSqGSIb3DQEB
CwUAA4IBAQA7zaaUUMr5MSXUegB7Ajapf2WEwMRdHVqwxlDtN7nFos7hRneBpPyr
AA0VSn1hsrrkX8r09Ffi+HwbWIKobALecwWo24C8umBlrA+biV13gkavzEjKEyL8
1Qp0FWe/DN+FmyjmFzG3zgtIXZasptnfVyYJIWC/b+juX6EHbaPysiygrPocN8dW
wa58J99oqUjmyQp/gS8+ZFklUTu8Y2vUXoh+KVcySUYjSKSKU0OnOAACWa6cNEbB
GWBcax0Co9z2YjtNAD8a9DHob30slZQuQLk4p8WM48sztw0SmiSm1AiJnL7AMu9r
O98VAloAFwrJp//Mee87GvEwu8NoPGJM
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:57 2024 by rpki-client on console-ams.rpki-client.org