Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29EC028A8F8C11EFABD2354B762E951A.roa
File: 29EC028A8F8C11EFABD2354B762E951A.roa (raw, json)
Hash identifier: bHKYNNrIFwnetLgWFZLIP/lgiRvF4sHCKi4OKp0ogE8=
Subject key identifier: AC:74:25:C3:12:C4:08:AA:02:35:12:B4:E8:40:A4:46:98:FD:18:BD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01003E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29EC028A8F8C11EFABD2354B762E951A.roa
Signing time: Mon 21 Oct 2024 09:09:23 +0000
ROA not before: Mon 21 Oct 2024 09:09:20 +0000
ROA not after: Tue 26 Nov 2024 09:09:20 +0000
asID: 62240
IP address blocks: 154.194.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 09:09:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65598 (0x1003e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 21 09:09:20 2024 GMT
Not After : Nov 26 09:09:20 2024 GMT
Subject: CN=67161a43-c4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:48:f8:19:7a:72:7b:d7:44:c1:1b:73:d4:68:
e3:40:d0:56:53:5e:17:ec:85:72:b4:02:2d:3a:c5:
e3:b6:4b:a9:1e:87:93:fb:9a:58:2b:98:09:66:07:
ba:09:a6:86:97:f8:82:43:2e:3c:06:d4:56:7a:06:
bc:52:9e:cf:a2:c4:28:48:6a:d2:01:f3:14:d2:df:
c1:b9:dd:66:a4:51:6a:72:38:03:e1:d1:8d:f6:20:
c9:19:0d:c6:7c:17:49:ae:11:86:a7:da:96:58:9f:
c2:d1:72:fd:6d:bb:bb:40:a5:17:5e:27:5e:b3:f7:
d3:96:78:8a:5d:37:37:93:b2:17:fc:8c:57:48:e7:
ea:ef:d3:1a:eb:82:29:ee:2d:ae:c8:84:23:d9:5a:
20:30:a4:d6:a9:7a:98:07:53:ac:f9:12:de:9c:fd:
27:49:90:8e:02:55:b0:8f:84:89:17:ab:95:f7:69:
eb:e6:a3:01:dd:51:68:86:81:23:c5:81:5f:aa:cd:
ad:55:38:7a:da:a8:3c:78:e6:1a:54:7a:b5:41:b4:
c0:2b:bb:6d:d8:d1:eb:3a:70:10:c9:27:cf:0e:df:
80:e0:19:5d:64:3d:9a:5c:9f:49:e3:75:0d:0f:7b:
79:1f:79:b4:fa:92:19:25:03:e3:78:dc:8f:fb:31:
2f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:74:25:C3:12:C4:08:AA:02:35:12:B4:E8:40:A4:46:98:FD:18:BD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/29EC028A8F8C11EFABD2354B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.38.0/24
Signature Algorithm: sha256WithRSAEncryption
01:43:e4:5a:1f:cb:be:48:ff:6b:57:d0:4f:17:19:14:62:9c:
82:fd:a2:bf:10:26:cc:7a:db:9f:e2:36:e1:47:6b:3f:17:b3:
f3:87:5e:2a:06:f1:66:3f:de:b0:06:30:97:4d:2f:13:de:86:
4b:b8:f2:be:0d:05:4c:00:8a:82:9c:08:a8:9f:2c:75:da:69:
ab:66:fc:e5:9e:36:f5:5e:d7:d4:1a:e0:ee:be:02:49:80:13:
53:b8:70:7c:ee:9d:e4:d2:cb:2b:94:a0:13:86:9b:51:73:28:
ac:fb:48:8c:4b:3c:66:e6:c6:5f:51:db:bd:76:59:36:10:02:
be:b5:24:47:f1:dd:38:19:28:49:d1:eb:37:b7:cb:9c:57:dd:
5d:0a:f1:95:36:ff:79:53:08:8c:d4:50:7f:01:19:7a:34:6c:
0a:19:86:78:31:80:7e:29:87:15:be:ad:ac:c4:d2:f7:07:e5:
a4:60:07:71:1a:ae:b3:81:71:32:34:a7:91:ff:3e:fc:4f:ff:
c2:d9:41:a6:88:03:5d:51:1a:d0:6f:71:80:4c:e5:13:17:7f:
dd:21:57:65:a6:41:01:9d:84:a5:97:08:44:43:e2:9b:37:30:
72:b5:bb:4a:f0:85:57:82:9f:25:71:d7:9a:a6:55:ef:e6:9a:
28:28:89:e5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQA+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDIxMDkwOTIwWhcNMjQxMTI2MDkwOTIwWjAYMRYw
FAYDVQQDEw02NzE2MWE0My1jNGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3kj4GXpye9dEwRtz1GjjQNBWU14X7IVytAItOsXjtkupHoeT+5pYK5gJ
Zge6CaaGl/iCQy48BtRWega8Up7PosQoSGrSAfMU0t/Bud1mpFFqcjgD4dGN9iDJ
GQ3GfBdJrhGGp9qWWJ/C0XL9bbu7QKUXXides/fTlniKXTc3k7IX/IxXSOfq79Ma
64Ip7i2uyIQj2VogMKTWqXqYB1Os+RLenP0nSZCOAlWwj4SJF6uV92nr5qMB3VFo
hoEjxYFfqs2tVTh62qg8eOYaVHq1QbTAK7tt2NHrOnAQySfPDt+A4BldZD2aXJ9J
43UND3t5H3m0+pIZJQPjeNyP+zEvVQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKx0
JcMSxAiqAjUStOhApEaY/Ri9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOUVDMDI4QThGOEMxMUVGQUJEMjM1NEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsImMA0GCSqGSIb3DQEB
CwUAA4IBAQABQ+RaH8u+SP9rV9BPFxkUYpyC/aK/ECbMetuf4jbhR2s/F7Pzh14q
BvFmP96wBjCXTS8T3oZLuPK+DQVMAIqCnAionyx12mmrZvzlnjb1XtfUGuDuvgJJ
gBNTuHB87p3k0ssrlKAThptRcyis+0iMSzxm5sZfUdu9dlk2EAK+tSRH8d04GShJ
0es3t8ucV91dCvGVNv95UwiM1FB/ARl6NGwKGYZ4MYB+KYcVvq2sxNL3B+WkYAdx
Gq6zgXEyNKeR/z78T//C2UGmiANdURrQb3GATOUTF3/dIVdlpkEBnYSllwhEQ+Kb
NzBytbtK8IVXgp8lcdeaplXv5pooKInl
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:47:29 2024 by rpki-client on console-ams.rpki-client.org