Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C289A309C0311EF8EC0E663762E951A.roa
File: 2C289A309C0311EF8EC0E663762E951A.roa (raw, json)
Hash identifier: LvjO3S7uO3ojadeWJ2TJCrno/pjBiy4hV5/YP5u39Nk=
Subject key identifier: 2C:C9:C6:A6:26:6B:DD:3A:8C:3B:66:D9:46:73:93:89:5A:08:2A:C1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010846
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C289A309C0311EF8EC0E663762E951A.roa
Signing time: Wed 06 Nov 2024 05:51:31 +0000
ROA not before: Wed 06 Nov 2024 05:51:27 +0000
ROA not after: Sat 08 Nov 2025 05:51:27 +0000
asID: 214156
IP address blocks: 154.86.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67654 (0x10846)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 6 05:51:27 2024 GMT
Not After : Nov 8 05:51:27 2025 GMT
Subject: CN=672b03e3-a0c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d1:b9:3a:94:a1:be:06:e8:17:c9:f2:f2:c8:
27:09:ac:16:7e:48:48:38:7c:39:1e:8f:dc:c8:29:
93:d5:dd:07:f2:e6:52:00:20:42:cc:4d:f3:21:99:
50:73:cf:be:a6:c4:ae:b4:c1:db:7b:f8:5c:cd:7f:
1e:2c:e5:36:cf:4b:35:2b:a2:bc:0f:ad:90:12:ba:
4e:2b:c4:53:db:39:c8:44:c2:9e:af:54:7d:fd:f0:
d4:69:57:71:0b:16:2a:82:6c:a0:43:12:77:af:3a:
86:20:56:40:11:6a:26:94:cc:5c:13:18:38:c7:aa:
b8:49:38:9f:bc:57:a6:70:bb:8f:6b:9f:db:e9:d8:
38:50:da:73:66:bb:e7:8a:6f:98:e8:a4:ce:22:fb:
0a:1a:d4:b3:51:6a:b5:b2:68:44:c9:75:0f:c2:65:
64:42:3c:48:1c:7b:68:44:86:8c:c6:e2:bd:88:b9:
39:f8:a5:fd:e4:d6:61:18:51:1d:b7:a2:2a:ec:eb:
59:de:5d:62:d7:c9:e4:6f:f6:ea:9a:89:cf:fa:9b:
1d:e0:4d:dd:bb:e5:86:c9:ba:3f:f9:27:01:1e:86:
7e:74:15:7e:fb:da:7e:71:10:5d:71:36:34:cd:0b:
f1:78:24:52:d1:4b:cc:8f:fa:60:e7:ae:84:ab:42:
6b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C9:C6:A6:26:6B:DD:3A:8C:3B:66:D9:46:73:93:89:5A:08:2A:C1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2C289A309C0311EF8EC0E663762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.1.0/24
Signature Algorithm: sha256WithRSAEncryption
24:a8:ed:33:40:c2:67:b6:f2:3b:89:ea:50:41:41:a1:2d:00:
aa:24:fb:8d:80:ec:1b:6f:c6:a4:ac:2c:4c:b2:56:aa:5d:bf:
ae:c7:be:85:15:fe:71:49:25:c6:31:56:34:43:77:a1:99:f9:
f6:90:4e:c0:aa:3d:0c:e1:13:8b:b0:7d:cd:24:97:af:5b:ab:
c3:69:c1:b8:69:c0:06:5b:5d:7c:57:44:52:47:1d:2f:18:6c:
02:ca:d6:46:4f:4f:67:af:a0:a2:58:4c:bc:b1:6e:88:c3:88:
2c:11:fa:f0:be:c3:07:99:b5:fb:af:8d:a0:af:10:f8:7e:3b:
81:0d:2d:dc:e9:93:7c:07:8d:48:9e:46:a0:8b:ea:67:09:be:
21:6c:9b:2a:a6:84:f2:61:4e:51:ea:1a:fd:68:87:1b:59:16:
aa:91:0a:8c:eb:a6:60:02:8c:21:d3:1b:49:b2:99:c8:23:bc:
b7:90:cd:00:62:4c:ea:d7:19:f7:13:09:ac:cd:3c:1b:b9:fa:
1b:3a:60:f4:e2:fe:08:2d:8b:90:fe:3d:7b:63:38:1d:28:20:
2d:a7:d2:f0:01:e1:0f:61:32:41:fe:de:4c:80:27:20:a3:94:
16:f5:c7:f4:3b:fd:bb:40:c7:78:3d:0d:9b:33:32:6a:5e:45:
60:e1:d9:b6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQhGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA2MDU1MTI3WhcNMjUxMTA4MDU1MTI3WjAYMRYw
FAYDVQQDEw02NzJiMDNlMy1hMGM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmNG5OpShvgboF8ny8sgnCawWfkhIOHw5Ho/cyCmT1d0H8uZSACBCzE3z
IZlQc8++psSutMHbe/hczX8eLOU2z0s1K6K8D62QErpOK8RT2znIRMKer1R9/fDU
aVdxCxYqgmygQxJ3rzqGIFZAEWomlMxcExg4x6q4STifvFemcLuPa5/b6dg4UNpz
Zrvnim+Y6KTOIvsKGtSzUWq1smhEyXUPwmVkQjxIHHtoRIaMxuK9iLk5+KX95NZh
GFEdt6Iq7OtZ3l1i18nkb/bqmonP+psd4E3du+WGybo/+ScBHoZ+dBV++9p+cRBd
cTY0zQvxeCRS0UvMj/pg566Eq0JraQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCzJ
xqYma906jDtm2UZzk4laCCrBMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQzI4OUEzMDlDMDMxMUVGOEVDMEU2NjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlYBMA0GCSqGSIb3DQEB
CwUAA4IBAQAkqO0zQMJntvI7iepQQUGhLQCqJPuNgOwbb8akrCxMslaqXb+ux76F
Ff5xSSXGMVY0Q3ehmfn2kE7Aqj0M4ROLsH3NJJevW6vDacG4acAGW118V0RSRx0v
GGwCytZGT09nr6CiWEy8sW6Iw4gsEfrwvsMHmbX7r42grxD4fjuBDS3c6ZN8B41I
nkagi+pnCb4hbJsqpoTyYU5R6hr9aIcbWRaqkQqM66ZgAowh0xtJspnII7y3kM0A
Ykzq1xn3EwmszTwbufobOmD04v4ILYuQ/j17YzgdKCAtp9LwAeEPYTJB/t5MgCcg
o5QW9cf0O/27QMd4PQ2bMzJqXkVg4dm2
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:25 2024 by rpki-client on console-fra.rpki-client.org