Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DA9887296B511EF9F91F165762E951A.roa
File: 2DA9887296B511EF9F91F165762E951A.roa (raw, json)
Hash identifier: FAXNws5NZsZyHBLXQHCFU2UCERCFf+UWGupmcAJZnv0=
Subject key identifier: 7E:35:C7:CF:43:75:75:15:2D:45:DB:61:63:75:B1:B4:C5:09:32:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01041D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DA9887296B511EF9F91F165762E951A.roa
Signing time: Wed 30 Oct 2024 11:50:37 +0000
ROA not before: Wed 30 Oct 2024 11:50:33 +0000
ROA not after: Wed 11 Dec 2024 11:50:33 +0000
asID: 138915
IP address blocks: 154.203.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66589 (0x1041d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 30 11:50:33 2024 GMT
Not After : Dec 11 11:50:33 2024 GMT
Subject: CN=67221d8d-f439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:83:fd:db:9f:11:92:8e:9f:9f:46:2c:e9:69:
6e:4e:e8:60:de:39:d2:e7:3a:1d:78:bc:7d:95:36:
18:e4:8c:d9:6b:a3:49:57:0f:e0:1b:e7:7e:2c:9c:
a0:ab:dc:77:57:3c:60:ec:e1:45:4c:08:91:1b:33:
e8:eb:45:59:98:66:4d:ab:11:30:79:83:14:85:11:
b3:a0:b4:ce:9a:3d:31:26:7d:dc:27:52:03:ab:04:
a0:cf:39:26:fa:a6:49:a0:02:52:14:3c:f9:41:f0:
e0:4e:3b:e8:80:2b:f6:9b:3d:eb:5c:18:c9:c2:f8:
19:72:f5:d5:e9:df:bc:80:76:d4:e7:56:74:9f:63:
8e:0e:5e:db:b7:6b:55:a9:3e:ee:06:d5:8e:8e:90:
17:4c:63:7a:b6:b6:c7:77:2c:04:6d:1c:06:11:f3:
af:7f:ff:96:80:d0:f9:77:f0:09:fd:0b:23:43:1a:
d0:da:95:57:db:45:96:e4:41:ad:d3:9b:cb:03:0f:
38:67:ed:f2:be:b0:5a:79:62:b6:1e:df:92:8c:e7:
a7:ee:f7:0c:a3:c3:b2:e4:83:b5:93:2a:42:99:6b:
76:14:7f:39:40:d7:d5:ca:ec:c6:af:33:85:f9:ba:
f5:da:3f:92:28:89:8e:7d:8b:35:2e:ac:92:84:49:
6b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:35:C7:CF:43:75:75:15:2D:45:DB:61:63:75:B1:B4:C5:09:32:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2DA9887296B511EF9F91F165762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.142.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:56:9e:13:14:a5:42:0f:8d:e6:a8:2d:7d:18:10:01:57:d9:
24:66:41:5e:de:93:bc:f7:92:24:98:54:5c:a3:a3:6c:80:96:
f3:9b:76:d1:5e:44:da:5c:50:0d:d8:79:16:e0:78:e8:d4:89:
96:96:6b:71:d4:4d:48:12:1b:87:e1:bd:c1:17:8f:93:e0:b4:
04:e2:a2:d9:82:fa:eb:37:27:8f:d4:2b:c6:67:22:0a:77:dd:
88:aa:dd:39:dd:f5:34:a6:a4:03:37:b4:13:c9:33:09:bd:7d:
95:e3:d7:5d:30:68:ff:37:d4:89:b3:71:d5:bf:d5:15:02:35:
2c:7a:c9:21:ff:9e:d2:fe:4c:ff:47:8e:35:6d:bd:22:34:df:
9d:f0:49:4f:41:85:73:14:db:88:03:56:fb:19:c2:02:0f:49:
fa:68:08:62:2d:6d:94:ff:02:36:ab:43:e2:3f:54:a5:89:07:
4e:5f:72:8f:05:b3:a1:46:5d:33:c5:14:66:64:25:4b:09:83:
7a:c4:fa:59:74:2b:68:97:a6:b9:b9:2d:b5:85:ec:8d:d8:57:
f5:d5:80:6e:a3:cb:c8:eb:b7:62:16:72:08:46:2b:85:c9:f5:
39:e8:c4:fc:ae:f0:b1:6a:82:0c:88:80:07:29:e8:77:69:ea:
05:37:24:b9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQQdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDMwMTE1MDMzWhcNMjQxMjExMTE1MDMzWjAYMRYw
FAYDVQQDEw02NzIyMWQ4ZC1mNDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv4P9258Rko6fn0Ys6WluTuhg3jnS5zodeLx9lTYY5IzZa6NJVw/gG+d+
LJygq9x3Vzxg7OFFTAiRGzPo60VZmGZNqxEweYMUhRGzoLTOmj0xJn3cJ1IDqwSg
zzkm+qZJoAJSFDz5QfDgTjvogCv2mz3rXBjJwvgZcvXV6d+8gHbU51Z0n2OODl7b
t2tVqT7uBtWOjpAXTGN6trbHdywEbRwGEfOvf/+WgND5d/AJ/QsjQxrQ2pVX20WW
5EGt05vLAw84Z+3yvrBaeWK2Ht+SjOen7vcMo8Oy5IO1kypCmWt2FH85QNfVyuzG
rzOF+br12j+SKImOfYs1LqyShElrywIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH41
x89DdXUVLUXbYWN1sbTFCTLZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yREE5ODg3Mjk2QjUxMUVGOUY5MUYxNjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsuOMA0GCSqGSIb3DQEB
CwUAA4IBAQBNVp4TFKVCD43mqC19GBABV9kkZkFe3pO895IkmFRco6NsgJbzm3bR
XkTaXFAN2HkW4Hjo1ImWlmtx1E1IEhuH4b3BF4+T4LQE4qLZgvrrNyeP1CvGZyIK
d92Iqt053fU0pqQDN7QTyTMJvX2V49ddMGj/N9SJs3HVv9UVAjUseskh/57S/kz/
R441bb0iNN+d8ElPQYVzFNuIA1b7GcICD0n6aAhiLW2U/wI2q0PiP1SliQdOX3KP
BbOhRl0zxRRmZCVLCYN6xPpZdCtol6a5uS21heyN2Ff11YBuo8vI67diFnIIRiuF
yfU56MT8rvCxaoIMiIAHKeh3aeoFNyS5
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:25 2024 by rpki-client on console-fra.rpki-client.org