Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35560200A0E511EFBDAD4B97762E951A.roa
File: 35560200A0E511EFBDAD4B97762E951A.roa (raw, json)
Hash identifier: NUL/OHrQvf8UjvoPPU6oUcb8YCNYca9SFKFVlVGf1k0=
Subject key identifier: 76:49:9D:F5:AB:C2:94:42:3F:3D:17:81:73:4E:39:38:BF:91:6D:16
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010C50
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35560200A0E511EFBDAD4B97762E951A.roa
Signing time: Tue 12 Nov 2024 10:59:37 +0000
ROA not before: Tue 12 Nov 2024 10:59:34 +0000
ROA not after: Fri 22 Nov 2024 10:59:34 +0000
asID: 39600
IP address blocks: 154.207.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 Nov 2024 10:59:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68688 (0x10c50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 12 10:59:34 2024 GMT
Not After : Nov 22 10:59:34 2024 GMT
Subject: CN=67333519-0e68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:da:08:18:bd:c0:db:d3:d4:bc:52:2d:f8:dd:
e1:84:fb:76:f4:d8:a4:6c:ab:e0:2e:e1:c3:85:80:
e9:3a:33:cb:26:50:10:1b:4b:a6:c6:ae:e6:ac:24:
89:99:22:d3:97:d4:bb:a4:25:a2:06:79:96:5a:6a:
87:63:a6:69:2a:ea:ea:1a:b3:30:85:ab:b1:11:cb:
85:00:f3:81:9e:42:84:ed:45:de:8c:8c:73:00:95:
3c:c3:1a:13:94:02:87:da:b9:26:97:18:c6:db:93:
e7:7c:55:00:35:23:b9:82:88:39:37:13:88:38:77:
0a:e8:e6:16:07:54:d1:db:8a:eb:05:0d:d7:bb:e3:
c7:f5:f5:b9:c1:95:7f:dc:1e:6a:44:8a:64:1f:40:
be:a8:a6:49:b5:0f:8e:a0:37:5c:dd:8c:f7:d5:a8:
b1:fe:69:35:32:cd:1d:7e:1b:7d:1b:18:3a:b5:fa:
0b:08:4b:67:f8:5d:8f:4f:06:b1:9c:cb:7f:52:81:
0d:04:53:eb:1f:c1:2c:d7:3f:25:20:e7:30:f0:44:
94:f9:36:4d:d4:b4:2f:0a:fe:8d:24:40:1d:a1:21:
a6:cf:c8:76:02:f0:e2:80:be:0f:fb:e7:e2:95:09:
00:91:75:27:cd:68:58:85:11:50:af:9d:0a:82:30:
02:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:49:9D:F5:AB:C2:94:42:3F:3D:17:81:73:4E:39:38:BF:91:6D:16
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/35560200A0E511EFBDAD4B97762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.232.0/21
Signature Algorithm: sha256WithRSAEncryption
17:b2:be:c4:d5:cd:a6:66:36:e9:44:2b:cf:15:fb:70:47:73:
cc:c1:0a:5e:2a:4e:7d:5a:61:39:d6:bb:1e:71:ab:58:de:96:
e1:13:a2:f0:6c:fe:b2:39:c7:3d:b5:c4:4c:4e:82:be:ee:2a:
90:6d:34:25:7f:0e:27:35:88:35:d0:cb:28:50:20:51:15:dc:
fa:f7:e7:2b:4a:77:10:d3:9f:22:7c:fd:05:3d:0c:71:ed:04:
2a:7a:98:e0:f4:c7:8c:60:d3:9e:1c:f9:0d:3a:ad:7a:7a:f3:
0d:5e:1e:1e:7b:36:a0:9d:a8:4b:2d:33:a1:46:f2:54:20:15:
14:ea:0f:f8:b5:4b:a4:b9:fa:f0:6c:8a:a3:1d:92:3b:f3:65:
07:b0:25:cb:07:c3:5f:41:09:cf:0c:ba:62:78:da:8a:0c:0d:
a8:94:83:88:8a:e5:04:18:2c:b4:83:a9:48:30:e7:61:21:f5:
d5:ea:8d:b9:48:01:e0:fa:c8:7d:12:14:f5:5f:a3:86:ed:06:
58:4c:66:ef:c6:2e:a5:77:4c:eb:a1:5d:ff:bc:35:79:fa:1a:
4a:4e:af:c0:55:2f:05:e9:b5:07:00:e9:d8:16:ef:fd:8a:e3:
82:b2:15:9d:68:24:e9:31:a7:ff:18:b6:12:d5:c2:f6:06:26:
ed:39:74:bf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQxQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTEyMTA1OTM0WhcNMjQxMTIyMTA1OTM0WjAYMRYw
FAYDVQQDEw02NzMzMzUxOS0wZTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxtoIGL3A29PUvFIt+N3hhPt29NikbKvgLuHDhYDpOjPLJlAQG0umxq7m
rCSJmSLTl9S7pCWiBnmWWmqHY6ZpKurqGrMwhauxEcuFAPOBnkKE7UXejIxzAJU8
wxoTlAKH2rkmlxjG25PnfFUANSO5gog5NxOIOHcK6OYWB1TR24rrBQ3Xu+PH9fW5
wZV/3B5qRIpkH0C+qKZJtQ+OoDdc3Yz31aix/mk1Ms0dfht9Gxg6tfoLCEtn+F2P
TwaxnMt/UoENBFPrH8Es1z8lIOcw8ESU+TZN1LQvCv6NJEAdoSGmz8h2AvDigL4P
++filQkAkXUnzWhYhRFQr50KgjACxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHZJ
nfWrwpRCPz0XgXNOOTi/kW0WMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNTU2MDIwMEEwRTUxMUVGQkRBRDRCOTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDms/oMA0GCSqGSIb3DQEB
CwUAA4IBAQAXsr7E1c2mZjbpRCvPFftwR3PMwQpeKk59WmE51rsecatY3pbhE6Lw
bP6yOcc9tcRMToK+7iqQbTQlfw4nNYg10MsoUCBRFdz69+crSncQ058ifP0FPQxx
7QQqepjg9MeMYNOeHPkNOq16evMNXh4eezagnahLLTOhRvJUIBUU6g/4tUukufrw
bIqjHZI782UHsCXLB8NfQQnPDLpieNqKDA2olIOIiuUEGCy0g6lIMOdhIfXV6o25
SAHg+sh9EhT1X6OG7QZYTGbvxi6ld0zroV3/vDV5+hpKTq/AVS8F6bUHAOnYFu/9
iuOCshWdaCTpMaf/GLYS1cL2BibtOXS/
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:03 2024 by rpki-client on console-fra.rpki-client.org