Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3223E50CA00E11EFA686AA55762E951A.roa
File: 3223E50CA00E11EFA686AA55762E951A.roa (raw, json)
Hash identifier: pXXlB42wJVqWC4iIvzI2WeUTdVaB2iwj9AR5mKIuojw=
Subject key identifier: CE:32:52:60:3B:55:7A:20:DC:60:C6:3A:C6:7A:95:AC:E6:16:67:AB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010BE7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3223E50CA00E11EFA686AA55762E951A.roa
Signing time: Mon 11 Nov 2024 09:20:30 +0000
ROA not before: Mon 11 Nov 2024 09:20:27 +0000
ROA not after: Fri 22 Nov 2024 09:20:27 +0000
asID: 51396
IP address blocks: 154.213.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 Nov 2024 09:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68583 (0x10be7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 11 09:20:27 2024 GMT
Not After : Nov 22 09:20:27 2024 GMT
Subject: CN=6731cc5e-57cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:29:d2:80:54:e9:b8:2e:ce:6e:11:7c:c7:a3:
b8:34:3d:e1:06:7b:c3:3a:8c:c4:06:9e:4b:99:2e:
ef:cb:91:6a:53:37:8c:57:a8:b7:51:d0:b9:75:fc:
3b:22:14:52:be:0e:cd:c7:a2:a6:d0:05:0d:db:1d:
62:8a:fd:49:79:e5:82:b3:db:4c:36:14:ec:28:99:
3f:b7:41:6c:b8:a7:53:bb:90:f1:77:81:d1:30:14:
38:13:46:18:77:76:f1:b2:2e:82:35:e8:cc:37:1d:
cc:78:de:cd:06:c1:1e:91:b4:69:79:96:02:cc:85:
2c:8f:5b:03:62:df:fd:c5:07:8e:71:19:e7:18:f8:
58:78:e1:2a:87:fe:a1:0e:92:59:d7:91:2f:36:7f:
29:38:c9:ab:05:8d:66:06:24:67:eb:9d:5d:b1:8c:
a7:7b:aa:46:a6:28:6f:d3:9a:e7:04:f6:a2:89:08:
df:83:e0:af:2d:92:bb:79:8c:5a:8d:d2:53:56:7c:
1c:27:cf:bb:72:f7:20:9d:7a:e0:75:85:77:4c:ab:
57:0e:48:3c:57:23:da:27:98:f0:ec:2e:87:4f:5f:
19:ff:14:07:60:d2:d2:b8:5f:ea:2c:e2:3d:58:39:
ba:ec:1d:cb:c4:a3:b3:99:3e:78:da:42:86:d7:1b:
f7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:32:52:60:3B:55:7A:20:DC:60:C6:3A:C6:7A:95:AC:E6:16:67:AB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3223E50CA00E11EFA686AA55762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.184.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:b3:ac:68:b5:bf:97:22:73:50:fa:9f:82:5f:ed:fb:71:8a:
e8:d1:31:71:7f:7b:1a:90:e2:c8:ad:d2:0a:3d:23:a3:e5:20:
96:78:fe:49:96:72:04:e4:b0:0a:68:34:ec:98:0e:0d:bd:98:
1d:0b:e7:a2:a5:cc:61:87:48:c8:c1:a4:1f:e2:e7:9d:ac:b4:
28:9b:47:3c:21:3e:87:79:86:84:ee:c8:3e:c2:49:68:d2:ba:
16:83:80:c0:49:92:2b:a2:c4:59:a7:0c:b5:fd:43:2d:9e:02:
8d:4f:48:8b:32:60:9e:53:77:71:18:3c:60:fc:8f:a0:99:f8:
e1:bf:71:6c:32:86:d2:67:8a:38:3e:d2:77:9b:a5:16:37:fc:
4b:4f:92:91:ba:b0:99:4a:c8:57:db:f6:aa:7e:df:8a:4c:42:
35:8d:7e:5f:fc:49:8d:9b:40:a3:4a:35:1a:a9:9a:c0:be:a6:
98:13:2f:91:0f:96:56:a3:b1:f2:eb:c3:21:b5:88:ea:56:94:
ba:ec:01:60:90:98:9c:ef:5d:0c:4c:c4:18:8c:10:49:da:7b:
a1:18:3a:38:3b:8b:cc:e1:b4:9c:15:7e:74:fd:24:42:74:17:
54:82:9b:21:b4:be:91:82:44:56:23:1a:bc:f3:48:0c:a3:ad:
86:02:ba:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQvnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTExMDkyMDI3WhcNMjQxMTIyMDkyMDI3WjAYMRYw
FAYDVQQDEw02NzMxY2M1ZS01N2NjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuynSgFTpuC7ObhF8x6O4ND3hBnvDOozEBp5LmS7vy5FqUzeMV6i3UdC5
dfw7IhRSvg7Nx6Km0AUN2x1iiv1JeeWCs9tMNhTsKJk/t0FsuKdTu5Dxd4HRMBQ4
E0YYd3bxsi6CNejMNx3MeN7NBsEekbRpeZYCzIUsj1sDYt/9xQeOcRnnGPhYeOEq
h/6hDpJZ15EvNn8pOMmrBY1mBiRn651dsYyne6pGpihv05rnBPaiiQjfg+CvLZK7
eYxajdJTVnwcJ8+7cvcgnXrgdYV3TKtXDkg8VyPaJ5jw7C6HT18Z/xQHYNLSuF/q
LOI9WDm67B3LxKOzmT542kKG1xv3DwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM4y
UmA7VXog3GDGOsZ6lazmFmerMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMjIzRTUwQ0EwMEUxMUVGQTY4NkFBNTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtW4MA0GCSqGSIb3DQEB
CwUAA4IBAQAfs6xotb+XInNQ+p+CX+37cYro0TFxf3sakOLIrdIKPSOj5SCWeP5J
lnIE5LAKaDTsmA4NvZgdC+eipcxhh0jIwaQf4uedrLQom0c8IT6HeYaE7sg+wklo
0roWg4DASZIrosRZpwy1/UMtngKNT0iLMmCeU3dxGDxg/I+gmfjhv3FsMobSZ4o4
PtJ3m6UWN/xLT5KRurCZSshX2/aqft+KTEI1jX5f/EmNm0CjSjUaqZrAvqaYEy+R
D5ZWo7Hy68MhtYjqVpS67AFgkJic710MTMQYjBBJ2nuhGDo4O4vM4bScFX50/SRC
dBdUgpshtL6RgkRWIxq880gMo62GAroV
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:42 2024 by rpki-client on console-fra.rpki-client.org