Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CEF14DC767711EF8D6C4DB3762E951A.roa
File: 2CEF14DC767711EF8D6C4DB3762E951A.roa (raw, json)
Hash identifier: k5tH1WPcZAI/pa+/zok6McsTvviqrD0Hzzd6LlUX2lc=
Subject key identifier: DE:31:A4:75:22:E5:88:19:B8:C4:70:02:DB:CA:E3:D0:48:A7:12:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: F075
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CEF14DC767711EF8D6C4DB3762E951A.roa
Signing time: Thu 19 Sep 2024 11:06:10 +0000
ROA not before: Thu 19 Sep 2024 11:06:07 +0000
ROA not after: Fri 08 Aug 2025 11:06:07 +0000
asID: 133861
IP address blocks: 154.204.60.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61557 (0xf075)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 19 11:06:07 2024 GMT
Not After : Aug 8 11:06:07 2025 GMT
Subject: CN=66ec05a2-def4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:16:c9:14:75:59:bb:ed:98:c3:ae:56:42:cf:
3f:fd:ca:97:51:95:4d:4e:ce:5f:4d:55:9a:46:65:
81:a0:37:d5:e1:c1:4f:7a:b6:ba:28:81:3a:8d:2b:
ea:7e:1a:6d:f6:68:d6:c9:a1:fd:b4:2f:37:26:1b:
51:86:aa:0e:6c:7d:24:6c:cd:c7:95:9d:c6:16:87:
20:2a:81:ad:66:39:17:6a:92:e6:8d:24:9f:ad:26:
05:d0:80:82:b9:fc:40:af:a8:0c:e6:87:00:1d:8d:
67:5b:24:51:a8:63:6d:ff:f8:97:c9:ee:e3:a3:6c:
1b:6e:9c:a2:4e:ff:7a:47:12:d4:3b:aa:f3:b3:a9:
32:98:da:57:8e:9b:eb:8b:77:e7:09:3e:83:f8:a1:
2c:65:c6:80:4a:a9:9d:60:d6:c2:8d:df:14:8f:22:
b3:2b:f3:a7:8b:76:64:51:f6:df:82:f0:28:2f:06:
27:c0:77:79:a9:ef:3c:60:e8:d8:6c:92:f4:28:79:
e0:7d:74:ec:03:f0:54:02:e1:c4:71:db:97:55:88:
f2:47:63:bb:29:c1:a0:64:f3:ae:0b:c9:2c:7f:2d:
a9:34:5b:fd:ad:33:72:b0:a6:34:09:ff:6e:db:79:
b7:da:69:54:35:14:f6:60:44:9b:da:96:cc:d8:1a:
47:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:31:A4:75:22:E5:88:19:B8:C4:70:02:DB:CA:E3:D0:48:A7:12:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CEF14DC767711EF8D6C4DB3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.204.60.0/23
Signature Algorithm: sha256WithRSAEncryption
99:48:15:55:46:37:b1:16:88:8a:2f:44:6f:62:71:fd:9e:77:
4c:80:2d:42:2c:ea:dd:6b:87:07:e6:b1:41:7b:65:41:67:bd:
1a:b8:2d:45:57:c3:65:f5:af:c3:d4:99:bf:81:70:4a:6a:a3:
cd:91:ca:20:cf:6e:d9:87:9e:17:ad:42:f8:78:65:15:51:d4:
fe:6f:17:f1:3e:c4:d2:94:8f:28:c1:15:57:6d:45:c5:e1:4f:
48:e9:b7:9d:c6:80:54:be:b3:f4:4e:59:36:18:d8:61:c0:1d:
99:1b:c5:8b:1b:46:7f:07:b7:3a:32:a3:70:5f:3a:40:82:27:
97:60:62:41:ef:d7:f4:9e:19:64:c3:50:bd:b2:c7:ef:4d:72:
a1:91:cc:f7:44:ca:c7:8d:ec:c5:fd:01:23:a0:af:a5:39:90:
0f:1f:75:57:d8:36:0f:98:b7:31:dd:7e:ed:67:7b:6a:b4:26:
93:4d:08:04:33:3b:91:f2:b6:ea:77:64:d9:c4:ca:3a:75:1a:
d7:8f:ee:b9:77:d0:fb:c7:7d:77:b1:18:95:e8:a8:99:1f:96:
29:86:52:25:2c:8e:8e:34:0a:dd:cf:99:7a:fd:1b:c9:4b:9f:
3a:51:32:0e:54:95:ab:a8:83:e9:e7:8d:7f:3d:90:99:af:70:
6f:7f:a9:d6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAPB1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTE5MTEwNjA3WhcNMjUwODA4MTEwNjA3WjAYMRYw
FAYDVQQDEw02NmVjMDVhMi1kZWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvxbJFHVZu+2Yw65WQs8//cqXUZVNTs5fTVWaRmWBoDfV4cFPera6KIE6
jSvqfhpt9mjWyaH9tC83JhtRhqoObH0kbM3HlZ3GFocgKoGtZjkXapLmjSSfrSYF
0ICCufxAr6gM5ocAHY1nWyRRqGNt//iXye7jo2wbbpyiTv96RxLUO6rzs6kymNpX
jpvri3fnCT6D+KEsZcaASqmdYNbCjd8UjyKzK/Oni3ZkUfbfgvAoLwYnwHd5qe88
YOjYbJL0KHngfXTsA/BUAuHEcduXVYjyR2O7KcGgZPOuC8ksfy2pNFv9rTNysKY0
Cf9u23m32mlUNRT2YESb2pbM2BpHmwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN4x
pHUi5YgZuMRwAtvK49BIpxK8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQ0VGMTREQzc2NzcxMUVGOEQ2QzREQjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsw8MA0GCSqGSIb3DQEB
CwUAA4IBAQCZSBVVRjexFoiKL0RvYnH9nndMgC1CLOrda4cH5rFBe2VBZ70auC1F
V8Nl9a/D1Jm/gXBKaqPNkcogz27Zh54XrUL4eGUVUdT+bxfxPsTSlI8owRVXbUXF
4U9I6bedxoBUvrP0Tlk2GNhhwB2ZG8WLG0Z/B7c6MqNwXzpAgieXYGJB79f0nhlk
w1C9ssfvTXKhkcz3RMrHjezF/QEjoK+lOZAPH3VX2DYPmLcx3X7tZ3tqtCaTTQgE
MzuR8rbqd2TZxMo6dRrXj+65d9D7x313sRiV6KiZH5YphlIlLI6ONArdz5l6/RvJ
S586UTIOVJWrqIPp541/PZCZr3Bvf6nW
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:58 2024 by rpki-client on console-ams.rpki-client.org