Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/294C3D6A9CE611EFB34F8F7A762E951A.roa
File: 294C3D6A9CE611EFB34F8F7A762E951A.roa (raw, json)
Hash identifier: GuhB7czXHc58a9D7mnlN0dSHtEBK3Vcg/YPZU1vYBXA=
Subject key identifier: 96:E6:47:02:44:E4:80:0E:51:EC:3B:BE:69:BD:0F:E4:99:32:06:17
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01092D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/294C3D6A9CE611EFB34F8F7A762E951A.roa
Signing time: Thu 07 Nov 2024 08:56:22 +0000
ROA not before: Thu 07 Nov 2024 08:56:18 +0000
ROA not after: Tue 07 Jan 2025 08:56:18 +0000
asID: 18004
IP address blocks: 154.85.80.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67885 (0x1092d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 7 08:56:18 2024 GMT
Not After : Jan 7 08:56:18 2025 GMT
Subject: CN=672c80b6-d345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:00:5f:6c:d9:be:f7:eb:8c:2f:a8:5d:87:4d:
1c:00:0e:8a:1a:22:ea:2c:b3:64:42:b0:92:0a:d1:
e2:69:21:26:d7:30:09:db:ac:ac:3d:7a:6e:7c:30:
05:d0:f7:3f:de:76:8d:1c:df:c5:8a:6f:57:70:3e:
e4:59:12:32:e7:ff:b6:1b:04:4c:13:5d:4c:ae:47:
3d:17:12:d6:e9:48:de:34:b5:22:b7:d3:10:58:e8:
c1:36:a1:d5:16:10:42:ff:f6:3e:28:37:66:36:e8:
29:69:f1:16:fe:26:3f:6c:78:87:9a:e3:16:d5:98:
7b:81:75:c9:13:f6:97:e9:0f:c4:90:73:ac:6b:26:
dd:c4:92:57:dd:5a:6b:4e:21:c9:f5:de:ed:b4:b7:
67:cd:16:df:fe:39:2c:9f:a6:37:7a:36:b1:f2:c0:
34:b6:78:39:58:ab:b4:23:3f:2c:69:ba:60:03:5c:
f4:29:95:48:3e:8c:29:fc:bd:5f:2e:ac:26:b3:54:
14:fa:58:6d:72:5e:f8:f3:a3:a1:36:f3:23:29:16:
72:60:ce:94:6c:bf:ce:ee:4d:8a:d8:e0:d8:e9:57:
62:f9:d0:eb:bd:e2:90:e1:1f:1f:0d:d1:22:36:26:
94:f4:16:49:bd:75:d2:9b:70:19:55:49:f0:c2:2b:
83:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E6:47:02:44:E4:80:0E:51:EC:3B:BE:69:BD:0F:E4:99:32:06:17
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/294C3D6A9CE611EFB34F8F7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.80.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:25:f6:e4:b9:49:7b:4f:34:dd:0c:7e:d4:a6:15:55:13:2e:
f5:15:7a:29:03:e1:a9:a8:e1:df:2f:54:40:d1:03:05:0b:dd:
c2:a3:4d:77:f4:7d:1e:f2:b8:02:3c:a1:fa:e9:70:9a:a6:a1:
44:50:41:d5:23:db:de:44:7f:fa:43:c8:91:a8:fe:9e:76:d4:
57:54:9c:02:ef:11:26:39:50:57:55:71:06:4d:2a:3c:66:25:
49:93:16:aa:d7:37:69:38:f2:96:a4:6a:e0:ca:40:5d:11:0c:
d0:bd:07:4e:68:0a:42:2f:69:a1:9f:41:bd:4c:3e:8e:6f:f6:
32:58:b9:c9:77:9d:04:b8:b7:88:73:d9:fa:52:c8:92:c1:08:
ed:c5:a1:3c:dd:0c:9f:0a:90:aa:d8:42:7d:dd:4a:e8:ed:a6:
be:3a:33:af:87:ac:d8:bd:a8:49:55:db:4e:5f:be:5b:26:dd:
68:96:63:ea:4b:72:b2:5e:60:9c:40:48:42:07:9d:90:99:50:
05:cf:87:c3:0d:f1:80:df:64:11:9a:8f:a6:f9:b5:98:72:73:
96:96:55:a6:96:8b:29:03:b2:f4:77:ed:84:d4:7c:93:17:3c:
3d:65:8e:db:56:3a:6c:cf:9a:dc:fb:54:72:f0:d3:85:1f:13:
d6:2d:9d:31
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQktMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA3MDg1NjE4WhcNMjUwMTA3MDg1NjE4WjAYMRYw
FAYDVQQDEw02NzJjODBiNi1kMzQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAugBfbNm+9+uML6hdh00cAA6KGiLqLLNkQrCSCtHiaSEm1zAJ26ysPXpu
fDAF0Pc/3naNHN/Fim9XcD7kWRIy5/+2GwRME11Mrkc9FxLW6UjeNLUit9MQWOjB
NqHVFhBC//Y+KDdmNugpafEW/iY/bHiHmuMW1Zh7gXXJE/aX6Q/EkHOsaybdxJJX
3VprTiHJ9d7ttLdnzRbf/jksn6Y3ejax8sA0tng5WKu0Iz8sabpgA1z0KZVIPowp
/L1fLqwms1QU+lhtcl7486OhNvMjKRZyYM6UbL/O7k2K2ODY6Vdi+dDrveKQ4R8f
DdEiNiaU9BZJvXXSm3AZVUnwwiuDEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJbm
RwJE5IAOUew7vmm9D+SZMgYXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOTRDM0Q2QTlDRTYxMUVGQjM0RjhGN0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlVQMA0GCSqGSIb3DQEB
CwUAA4IBAQC1JfbkuUl7TzTdDH7UphVVEy71FXopA+GpqOHfL1RA0QMFC93Co013
9H0e8rgCPKH66XCapqFEUEHVI9veRH/6Q8iRqP6edtRXVJwC7xEmOVBXVXEGTSo8
ZiVJkxaq1zdpOPKWpGrgykBdEQzQvQdOaApCL2mhn0G9TD6Ob/YyWLnJd50EuLeI
c9n6UsiSwQjtxaE83QyfCpCq2EJ93Uro7aa+OjOvh6zYvahJVdtOX75bJt1olmPq
S3KyXmCcQEhCB52QmVAFz4fDDfGA32QRmo+m+bWYcnOWllWmlospA7L0d+2E1HyT
Fzw9ZY7bVjpsz5rc+1Ry8NOFHxPWLZ0x
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:02 2024 by rpki-client on console-fra.rpki-client.org