Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/303E64767B2211EF99AC0FA5762E951A.roa
File: 303E64767B2211EF99AC0FA5762E951A.roa (raw, json)
Hash identifier: Or/TRtHl/5wwIuHCg+/DAgefhCKckJ0y3il5gz1qelU=
Subject key identifier: 3C:48:01:13:C3:E4:FE:3A:6B:E6:BD:96:EF:2A:53:B9:0E:5E:65:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: F35E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/303E64767B2211EF99AC0FA5762E951A.roa
Signing time: Wed 25 Sep 2024 09:40:24 +0000
ROA not before: Wed 25 Sep 2024 09:40:20 +0000
ROA not after: Tue 30 Sep 2025 09:40:20 +0000
asID: 211392
IP address blocks: 154.84.24.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62302 (0xf35e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 25 09:40:20 2024 GMT
Not After : Sep 30 09:40:20 2025 GMT
Subject: CN=66f3da88-131d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:6d:e5:36:ff:ca:bb:92:2a:a7:61:58:de:29:
32:35:29:84:93:a9:d8:c4:ef:59:16:96:c9:be:0c:
4d:93:15:f4:c0:21:9f:27:0a:2a:b0:a0:ac:33:71:
02:c8:be:a5:ed:f3:08:ed:be:10:a2:a1:36:10:ca:
98:56:6f:b7:b8:64:09:3c:0a:f3:32:04:37:8f:b8:
a2:65:d8:4d:37:b0:bf:22:2a:bd:b2:50:aa:3a:81:
7d:61:3a:0b:7e:64:d0:3b:a3:e0:ce:43:37:1e:78:
d9:02:52:c4:48:be:c8:2d:50:81:7f:99:75:27:aa:
d3:72:e0:3b:95:ff:49:48:1e:ce:7f:c2:d2:cd:75:
6a:a3:f6:c2:f3:1b:d0:2e:61:69:5e:bc:c4:c7:03:
e5:a4:5c:db:21:7f:01:b2:4b:3d:95:a2:cd:a8:39:
23:f8:f4:45:5c:a3:1d:e0:c9:80:08:33:0e:e3:65:
82:00:b2:e1:b5:a9:c0:70:57:bc:fc:df:f7:1e:b8:
fe:30:5d:ec:fb:b5:ca:db:6e:8b:73:b5:9b:64:91:
fa:56:02:f9:a3:6d:0d:6e:23:37:82:e1:75:f6:2f:
b8:1d:78:72:cb:70:e6:fe:36:93:33:a0:31:72:d5:
04:09:35:ef:34:f1:f9:38:e1:a5:7f:0b:46:8f:7a:
9a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:48:01:13:C3:E4:FE:3A:6B:E6:BD:96:EF:2A:53:B9:0E:5E:65:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/303E64767B2211EF99AC0FA5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.24.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:e9:ee:50:48:e4:a4:34:db:08:72:a8:01:9e:a7:25:c9:7c:
7c:43:46:d9:fc:4e:68:1b:30:91:05:3b:16:ef:7b:37:88:07:
e8:e4:c6:b1:95:93:bf:d6:5c:00:5c:b8:7c:e8:63:0c:07:f8:
23:e1:fc:53:83:45:f0:b8:db:82:b3:a5:ae:0b:0f:5f:62:d6:
5a:a6:29:2c:88:65:08:14:97:de:ef:25:b2:40:21:cd:02:1a:
76:b1:e3:c8:57:67:e7:9a:7e:0f:47:64:88:eb:6c:68:56:7f:
f3:34:aa:ae:2e:df:83:f5:77:df:5d:18:ea:6d:e2:41:c3:5d:
d5:db:1d:6f:85:2f:19:5e:75:63:c7:ea:b0:35:2c:f8:dc:6f:
cb:0b:55:37:64:56:92:b1:21:f5:24:a2:49:a0:4b:6e:3d:3a:
f2:e0:29:35:95:8f:63:9a:b3:cf:a6:48:b1:2e:92:d2:9c:bf:
ca:65:e4:46:c4:c0:6b:fc:c5:96:99:07:40:9c:bf:c1:c4:64:
09:21:25:e6:e6:2f:bf:f5:ed:8b:94:37:53:26:6e:1a:d3:3d:
f3:52:11:1f:0c:92:ed:66:ee:ce:05:5d:6f:83:d0:0f:18:be:
f8:32:ec:d4:0c:20:da:79:fc:ad:3a:d6:ca:38:40:77:bc:ab:
20:35:b7:67
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAPNeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTI1MDk0MDIwWhcNMjUwOTMwMDk0MDIwWjAYMRYw
FAYDVQQDEw02NmYzZGE4OC0xMzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4m3lNv/Ku5Iqp2FY3ikyNSmEk6nYxO9ZFpbJvgxNkxX0wCGfJwoqsKCs
M3ECyL6l7fMI7b4QoqE2EMqYVm+3uGQJPArzMgQ3j7iiZdhNN7C/Iiq9slCqOoF9
YToLfmTQO6PgzkM3HnjZAlLESL7ILVCBf5l1J6rTcuA7lf9JSB7Of8LSzXVqo/bC
8xvQLmFpXrzExwPlpFzbIX8Bsks9laLNqDkj+PRFXKMd4MmACDMO42WCALLhtanA
cFe8/N/3Hrj+MF3s+7XK226Lc7WbZJH6VgL5o20NbiM3guF19i+4HXhyy3Dm/jaT
M6AxctUECTXvNPH5OOGlfwtGj3qa6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDxI
ARPD5P46a+a9lu8qU7kOXmVoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMDNFNjQ3NjdCMjIxMUVGOTlBQzBGQTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlQYMA0GCSqGSIb3DQEB
CwUAA4IBAQAN6e5QSOSkNNsIcqgBnqclyXx8Q0bZ/E5oGzCRBTsW73s3iAfo5Max
lZO/1lwAXLh86GMMB/gj4fxTg0XwuNuCs6WuCw9fYtZapiksiGUIFJfe7yWyQCHN
Ahp2sePIV2fnmn4PR2SI62xoVn/zNKquLt+D9XffXRjqbeJBw13V2x1vhS8ZXnVj
x+qwNSz43G/LC1U3ZFaSsSH1JKJJoEtuPTry4Ck1lY9jmrPPpkixLpLSnL/KZeRG
xMBr/MWWmQdAnL/BxGQJISXm5i+/9e2LlDdTJm4a0z3zUhEfDJLtZu7OBV1vg9AP
GL74MuzUDCDaefytOtbKOEB3vKsgNbdn
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:58 2024 by rpki-client on console-ams.rpki-client.org