Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2E9B791EA32311EF8D04F76F762E951A.roa
File: 2E9B791EA32311EF8D04F76F762E951A.roa (raw, json)
Hash identifier: i+0Nohan7wnt+wEMc6kDbqkEfAET96nb/V08m8a2aIs=
Subject key identifier: 37:F0:21:30:4E:C5:88:1C:EF:32:77:C3:15:20:96:31:02:CA:AE:CB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010D2E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2E9B791EA32311EF8D04F76F762E951A.roa
Signing time: Fri 15 Nov 2024 07:28:17 +0000
ROA not before: Fri 15 Nov 2024 07:28:13 +0000
ROA not after: Thu 12 Dec 2024 07:28:13 +0000
asID: 394432
IP address blocks: 154.196.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68910 (0x10d2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 15 07:28:13 2024 GMT
Not After : Dec 12 07:28:13 2024 GMT
Subject: CN=6736f811-974e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:cc:3d:68:d1:23:d6:10:ba:ec:df:96:20:fe:
65:fa:4a:84:3b:18:36:26:29:79:a9:b3:98:80:be:
a1:1a:23:94:83:af:f2:47:dd:e8:fb:2c:5f:83:f0:
0c:9a:78:ab:37:7f:11:f9:e9:1e:b6:3d:de:67:23:
c8:ea:72:14:25:4e:52:bb:cd:b7:cd:9b:75:87:63:
60:ce:f7:32:aa:65:42:ce:ed:ad:22:fe:db:51:42:
15:bb:d6:5d:c6:e7:3a:fe:fe:97:2a:e5:e4:07:cf:
45:4b:1c:8f:e4:cc:bb:37:66:b0:dc:2e:2a:e0:23:
fa:00:5b:73:2e:27:e0:34:7f:29:a9:ae:5f:1b:4c:
45:71:7b:32:1b:d4:10:f5:0b:0a:d0:db:72:72:9e:
0c:38:c5:de:12:16:b8:e3:a6:b7:2a:4b:20:0b:71:
98:1b:cd:e5:70:3c:63:46:b6:fa:12:c8:f1:a1:07:
08:b3:3b:e4:c5:a8:4a:e4:76:8b:30:6f:70:1d:87:
a1:fc:48:c3:07:05:a2:ba:bc:66:ec:6d:40:70:b7:
42:bf:e1:eb:b4:ae:1e:8a:db:f1:21:80:ca:39:ca:
d2:25:8f:f1:e9:ee:6d:36:50:65:0d:d4:f6:ac:c7:
f2:74:fb:db:8d:9f:61:54:27:c1:ee:ac:8a:8b:a2:
67:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F0:21:30:4E:C5:88:1C:EF:32:77:C3:15:20:96:31:02:CA:AE:CB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2E9B791EA32311EF8D04F76F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.192.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:01:e5:47:56:82:75:25:ca:da:94:93:69:5e:f8:10:55:c5:
74:43:4d:20:c0:d5:a8:4f:06:0d:4d:19:f1:02:65:ef:18:a4:
07:fb:29:78:c0:64:0a:ca:77:5e:3f:13:fd:92:a4:51:b9:44:
b6:eb:57:63:ca:b5:3a:a4:f1:ef:05:db:f9:5b:04:e8:95:5b:
85:48:14:cf:fd:0b:5d:c0:0a:c6:de:7f:c5:2d:8c:13:11:c5:
59:90:9f:d0:5f:4e:e1:5a:fe:02:58:2e:70:27:fb:de:79:95:
38:d2:62:0c:82:a4:84:f0:73:09:eb:fd:09:f0:01:2b:e2:b1:
3a:e7:d4:3e:58:87:0f:20:1d:0f:b5:b9:e2:74:50:7b:8b:d8:
bf:28:28:fa:ec:1a:f9:16:2f:ee:f9:19:8c:f4:c1:fd:92:72:
72:78:d3:32:70:1d:3b:7b:0c:dc:39:8c:5b:7f:9d:c7:30:b9:
76:cd:c2:f6:e7:5f:a3:ed:ca:80:67:82:69:b8:58:e3:cd:a7:
03:f7:bc:35:92:ed:2a:c4:bf:6b:ce:56:bc:17:3f:e7:38:37:
34:5b:47:bb:5b:42:c6:9a:a2:51:4f:22:8f:d3:35:e5:17:71:
92:e4:b6:d8:0e:da:07:47:ea:75:ee:7d:89:a3:23:12:37:6a:
a6:e0:f7:f8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ0uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE1MDcyODEzWhcNMjQxMjEyMDcyODEzWjAYMRYw
FAYDVQQDEw02NzM2ZjgxMS05NzRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxMw9aNEj1hC67N+WIP5l+kqEOxg2Jil5qbOYgL6hGiOUg6/yR93o+yxf
g/AMmnirN38R+eketj3eZyPI6nIUJU5Su823zZt1h2NgzvcyqmVCzu2tIv7bUUIV
u9Zdxuc6/v6XKuXkB89FSxyP5My7N2aw3C4q4CP6AFtzLifgNH8pqa5fG0xFcXsy
G9QQ9QsK0Ntycp4MOMXeEha446a3KksgC3GYG83lcDxjRrb6EsjxoQcIszvkxahK
5HaLMG9wHYeh/EjDBwWiurxm7G1AcLdCv+HrtK4eitvxIYDKOcrSJY/x6e5tNlBl
DdT2rMfydPvbjZ9hVCfB7qyKi6Jn7wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDfw
ITBOxYgc7zJ3wxUgljECyq7LMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRTlCNzkxRUEzMjMxMUVGOEQwNEY3NkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsTAMA0GCSqGSIb3DQEB
CwUAA4IBAQDLAeVHVoJ1JcralJNpXvgQVcV0Q00gwNWoTwYNTRnxAmXvGKQH+yl4
wGQKyndePxP9kqRRuUS261djyrU6pPHvBdv5WwTolVuFSBTP/QtdwArG3n/FLYwT
EcVZkJ/QX07hWv4CWC5wJ/veeZU40mIMgqSE8HMJ6/0J8AEr4rE659Q+WIcPIB0P
tbnidFB7i9i/KCj67Br5Fi/u+RmM9MH9knJyeNMycB07ewzcOYxbf53HMLl2zcL2
51+j7cqAZ4JpuFjjzacD97w1ku0qxL9rzla8Fz/nODc0W0e7W0LGmqJRTyKP0zXl
F3GS5LbYDtoHR+p17n2JoyMSN2qm4Pf4
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:59:50 2024 by rpki-client on console-fra.rpki-client.org