Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A98DFA42E1711EF8C62DDAB762E951A.roa
File: 2A98DFA42E1711EF8C62DDAB762E951A.roa (raw, json)
Hash identifier: BcLxyRPZ28Yg2GEB4/Kfaa+6wtJuyqFKPu/Z+RXUAPs=
Subject key identifier: 71:16:AA:E0:8C:25:51:E9:96:9A:DF:0E:5C:7C:5E:9F:38:7B:E4:BB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: C4AD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A98DFA42E1711EF8C62DDAB762E951A.roa
Signing time: Wed 19 Jun 2024 08:37:31 +0000
ROA not before: Wed 19 Jun 2024 08:37:27 +0000
ROA not after: Mon 26 May 2025 08:37:27 +0000
asID: 141109
IP address blocks: 154.209.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50349 (0xc4ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 19 08:37:27 2024 GMT
Not After : May 26 08:37:27 2025 GMT
Subject: CN=667298ca-dfd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:49:6b:dc:8d:c5:28:73:27:29:2d:bf:e0:d4:
86:5e:97:71:2a:0c:a0:5c:cc:9e:ed:9c:cf:8f:d5:
b8:64:0c:f4:0f:b3:86:2c:9b:d4:a2:61:9e:68:b0:
1a:4c:11:16:88:02:6a:d1:d5:e3:e8:77:2a:88:00:
ac:e4:9c:26:4c:af:52:5d:13:c0:51:f5:3d:23:45:
33:41:18:83:00:d6:c9:84:7b:47:de:d5:a9:8a:07:
ee:d8:8a:8b:81:b2:49:d9:0a:4d:78:1d:44:03:08:
dc:e4:9f:22:76:5e:85:a1:a6:e2:43:ab:a6:66:2e:
ff:81:4b:7c:e5:92:fb:21:b9:f2:c4:00:28:4d:25:
5d:3f:75:4f:b7:c0:e6:e9:15:1b:7c:97:71:f0:6a:
fe:54:51:0f:99:8f:58:d9:c8:2d:73:e7:15:eb:f2:
52:dc:e3:1d:f3:ae:a5:a4:23:8d:e1:7c:ef:05:48:
22:60:8e:0a:f8:ac:9a:35:44:3c:23:04:f7:83:2f:
f3:bd:11:4a:20:53:3c:bf:ee:c9:15:25:f4:1c:f9:
a0:f7:98:9e:97:6a:1d:02:9e:bc:47:41:54:31:8b:
74:9b:01:a5:44:16:c2:59:10:d3:13:97:db:69:02:
4a:f4:5e:8c:4f:a7:bc:a7:e1:e6:65:90:57:82:a6:
0e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:16:AA:E0:8C:25:51:E9:96:9A:DF:0E:5C:7C:5E:9F:38:7B:E4:BB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2A98DFA42E1711EF8C62DDAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.93.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:f5:c1:4b:dc:00:d3:ce:0d:a1:90:e1:2b:33:b9:90:55:0d:
88:9c:0d:b9:5f:96:db:c2:72:2d:87:01:46:92:ae:10:b3:2b:
7d:b7:c3:ef:89:42:9a:b6:3e:a0:04:e7:f4:06:9b:66:39:bf:
1d:a2:c9:41:92:6a:49:89:15:b9:81:a5:78:2b:85:60:d1:d3:
37:36:72:06:c6:e9:00:83:59:db:97:eb:c6:55:d6:a5:08:47:
bf:4b:02:6c:02:20:2f:35:1a:56:00:80:a2:c6:2f:59:5b:bf:
ee:47:37:49:74:da:69:76:25:1b:88:34:e2:6c:49:48:26:c9:
21:c7:e0:e1:0b:75:2c:75:38:3f:e4:33:a7:9a:f3:5c:a1:73:
f0:c9:55:bd:29:11:d4:72:5d:fc:e0:cb:9f:df:2b:bf:45:57:
ac:d6:07:60:a4:e3:11:77:3e:90:b7:2c:bd:28:17:da:a2:06:
a3:7b:87:cf:57:14:1f:ba:79:25:34:f7:ab:15:3c:80:4c:d9:
3b:4e:9f:5d:16:82:07:82:81:87:b0:0d:c5:ec:63:16:30:d7:
cc:98:47:41:98:e1:27:7f:14:6c:1e:1c:61:ee:96:fb:b3:c3:
59:c7:58:bc:7d:27:ed:74:14:44:60:3c:f7:89:76:07:b9:ca:
ef:c7:e4:62
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMStMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjE5MDgzNzI3WhcNMjUwNTI2MDgzNzI3WjAYMRYw
FAYDVQQDEw02NjcyOThjYS1kZmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArUlr3I3FKHMnKS2/4NSGXpdxKgygXMye7ZzPj9W4ZAz0D7OGLJvUomGe
aLAaTBEWiAJq0dXj6HcqiACs5JwmTK9SXRPAUfU9I0UzQRiDANbJhHtH3tWpigfu
2IqLgbJJ2QpNeB1EAwjc5J8idl6FoabiQ6umZi7/gUt85ZL7IbnyxAAoTSVdP3VP
t8Dm6RUbfJdx8Gr+VFEPmY9Y2cgtc+cV6/JS3OMd866lpCON4XzvBUgiYI4K+Kya
NUQ8IwT3gy/zvRFKIFM8v+7JFSX0HPmg95iel2odAp68R0FUMYt0mwGlRBbCWRDT
E5fbaQJK9F6MT6e8p+HmZZBXgqYO+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHEW
quCMJVHplprfDlx8Xp84e+S7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQTk4REZBNDJFMTcxMUVGOEM2MkREQUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtFdMA0GCSqGSIb3DQEB
CwUAA4IBAQCx9cFL3ADTzg2hkOErM7mQVQ2InA25X5bbwnIthwFGkq4Qsyt9t8Pv
iUKatj6gBOf0BptmOb8doslBkmpJiRW5gaV4K4Vg0dM3NnIGxukAg1nbl+vGVdal
CEe/SwJsAiAvNRpWAICixi9ZW7/uRzdJdNppdiUbiDTibElIJskhx+DhC3UsdTg/
5DOnmvNcoXPwyVW9KRHUcl384Muf3yu/RVes1gdgpOMRdz6Qtyy9KBfaogaje4fP
VxQfunklNPerFTyATNk7Tp9dFoIHgoGHsA3F7GMWMNfMmEdBmOEnfxRsHhxh7pb7
s8NZx1i8fSftdBREYDz3iXYHucrvx+Ri
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:01 2024 by rpki-client on console-ams.rpki-client.org