Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CF0BCAC8ACB11EFB97D8058762E951A.roa
File: 2CF0BCAC8ACB11EFB97D8058762E951A.roa (raw, json)
Hash identifier: 1z/ddpWnLkexOpQmkExKy4085qNcXuNutnjmQC4c4NM=
Subject key identifier: 01:70:AC:EB:81:C7:71:23:B0:FD:FC:14:99:99:41:5B:72:3E:36:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: FE30
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CF0BCAC8ACB11EFB97D8058762E951A.roa
Signing time: Tue 15 Oct 2024 07:57:51 +0000
ROA not before: Tue 15 Oct 2024 07:57:47 +0000
ROA not after: Fri 22 Nov 2024 07:57:47 +0000
asID: 18779
IP address blocks: 154.203.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 Nov 2024 07:57:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65072 (0xfe30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 15 07:57:47 2024 GMT
Not After : Nov 22 07:57:47 2024 GMT
Subject: CN=670e207f-8f84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1d:d3:83:c0:ee:b8:5d:d6:cf:31:88:f4:64:
ca:06:e1:04:aa:ff:2c:be:44:be:79:ce:45:6d:a0:
58:ff:02:ec:42:ea:1f:ec:c3:ae:9e:ec:d1:6c:3d:
eb:73:d5:7c:32:8c:27:47:ab:9f:df:4d:d4:74:ce:
7a:16:21:27:bb:d2:8c:d1:de:f4:04:51:f3:e7:1d:
00:77:ee:99:d8:fd:cd:d8:fb:4b:83:3e:90:d8:f2:
2a:21:45:ec:4c:54:b2:67:e9:1c:43:38:3b:ab:b1:
f8:e6:41:17:8a:31:0b:73:f0:37:41:34:7a:7d:27:
98:ae:5e:b6:7d:26:b3:e1:d0:bb:7d:b4:b6:d5:01:
51:c7:92:de:88:11:74:a8:87:cb:21:e5:fd:1e:17:
83:7b:b4:7f:05:64:0a:5c:8f:81:cd:a3:38:79:e3:
d9:67:79:1c:1a:92:19:5e:b1:80:06:f0:4b:23:73:
0f:57:0a:cf:c3:a0:c4:b3:69:0f:d5:75:53:3f:45:
a7:9b:73:10:e9:29:c4:c9:2f:cd:68:0b:34:e2:e3:
23:2e:19:f9:09:d3:45:b9:93:00:cf:0c:17:37:4a:
91:0d:36:bc:25:8a:e5:9d:7b:48:16:64:53:12:63:
00:ba:4a:9b:f7:0a:3e:59:9f:bb:b3:24:2a:f7:e8:
d7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:70:AC:EB:81:C7:71:23:B0:FD:FC:14:99:99:41:5B:72:3E:36:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2CF0BCAC8ACB11EFB97D8058762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.51.0/24
Signature Algorithm: sha256WithRSAEncryption
48:09:d4:16:8f:da:a2:86:22:ad:bb:d4:83:52:f6:ee:46:ff:
41:bf:a5:67:3d:31:59:3a:dd:49:aa:ec:ef:ba:7d:3c:13:96:
71:4b:86:8e:d4:3f:cd:d2:ec:dd:c1:80:f4:aa:2d:a3:b9:c6:
1d:a4:dd:e1:2c:1d:c9:4c:3f:50:fb:31:6f:8c:39:df:75:c6:
be:15:4d:bb:00:53:13:2f:3c:4b:55:a0:6b:e8:7c:6a:be:e9:
c4:df:55:be:d7:c3:9c:d4:fe:a7:12:f6:68:72:8f:01:93:71:
fb:4b:32:a8:04:9b:e9:99:41:a6:7a:8c:88:50:59:c0:86:2a:
28:0e:60:d5:74:5b:e8:5a:b3:73:34:6f:38:13:1a:64:7e:74:
71:de:0a:ed:07:cd:58:a3:91:74:19:3a:a7:72:60:32:17:d8:
9e:07:5a:74:ef:be:7a:40:c4:86:30:21:7d:b0:c7:2e:27:db:
9a:8c:0c:16:21:b3:8e:ff:31:71:9a:d3:a1:34:56:09:07:20:
a2:01:32:0f:d1:b5:66:c1:13:89:6a:cf:6d:dd:ed:74:e7:2b:
a8:9c:38:e4:09:c5:f3:18:58:32:57:43:75:92:ab:5a:27:1f:
31:2e:07:6d:c4:8d:83:6e:7a:f8:3b:9c:f3:b4:68:25:e5:0b:
09:66:bc:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAP4wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDE1MDc1NzQ3WhcNMjQxMTIyMDc1NzQ3WjAYMRYw
FAYDVQQDEw02NzBlMjA3Zi04Zjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwh3Tg8DuuF3WzzGI9GTKBuEEqv8svkS+ec5FbaBY/wLsQuof7MOunuzR
bD3rc9V8MownR6uf303UdM56FiEnu9KM0d70BFHz5x0Ad+6Z2P3N2PtLgz6Q2PIq
IUXsTFSyZ+kcQzg7q7H45kEXijELc/A3QTR6fSeYrl62fSaz4dC7fbS21QFRx5Le
iBF0qIfLIeX9HheDe7R/BWQKXI+BzaM4eePZZ3kcGpIZXrGABvBLI3MPVwrPw6DE
s2kP1XVTP0Wnm3MQ6SnEyS/NaAs04uMjLhn5CdNFuZMAzwwXN0qRDTa8JYrlnXtI
FmRTEmMAukqb9wo+WZ+7syQq9+jXIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAFw
rOuBx3EjsP38FJmZQVtyPjYAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yQ0YwQkNBQzhBQ0IxMUVGQjk3RDgwNTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsszMA0GCSqGSIb3DQEB
CwUAA4IBAQBICdQWj9qihiKtu9SDUvbuRv9Bv6VnPTFZOt1Jquzvun08E5ZxS4aO
1D/N0uzdwYD0qi2jucYdpN3hLB3JTD9Q+zFvjDnfdca+FU27AFMTLzxLVaBr6Hxq
vunE31W+18Oc1P6nEvZoco8Bk3H7SzKoBJvpmUGmeoyIUFnAhiooDmDVdFvoWrNz
NG84ExpkfnRx3grtB81Yo5F0GTqncmAyF9ieB1p07756QMSGMCF9sMcuJ9uajAwW
IbOO/zFxmtOhNFYJByCiATIP0bVmwROJas9t3e105yuonDjkCcXzGFgyV0N1kqta
Jx8xLgdtxI2Dbnr4O5zztGgl5QsJZrzu
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:34 2024 by rpki-client on console-ams.rpki-client.org