Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3665909802D911EF97CD6D1E017001B1.roa
File: 3665909802D911EF97CD6D1E017001B1.roa (raw, json)
Hash identifier: bWIcgdBI3o9dJlYoRE4Sqg8WDmfJVRT7NmbBTT4eK0A=
Subject key identifier: CF:08:8E:EA:D6:A6:C8:EF:9A:CB:76:B7:95:22:80:BD:04:0D:94:4B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B03F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3665909802D911EF97CD6D1E017001B1.roa
Signing time: Thu 25 Apr 2024 07:55:42 +0000
ROA not before: Thu 25 Apr 2024 07:55:38 +0000
ROA not after: Sun 02 Feb 2025 07:55:38 +0000
asID: 132839
IP address blocks: 154.92.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45119 (0xb03f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 07:55:38 2024 GMT
Not After : Feb 2 07:55:38 2025 GMT
Subject: CN=662a0c7d-32fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:47:9a:b2:c6:55:47:d5:9b:f3:8c:ce:8d:0c:
a2:19:24:67:ef:72:02:da:67:ce:01:50:47:e2:dc:
7c:8a:19:e7:38:42:0f:dc:cd:f9:e3:76:d4:9c:bb:
ff:3a:d2:1f:ed:43:b5:4e:17:e1:99:b1:64:3d:3d:
e2:4d:d3:a5:c7:33:38:db:f5:e6:41:d1:ed:7d:5a:
a0:4c:f1:f8:63:19:a4:ab:78:06:86:11:4a:c6:da:
47:bf:50:78:1f:b4:f2:f3:8a:5d:dc:1e:5e:84:99:
c4:22:90:7a:77:20:37:2d:0b:d7:1b:ea:9f:2d:37:
2e:11:6c:fe:06:58:c3:3a:97:38:a2:60:0c:7b:41:
7d:91:26:3e:73:4a:dd:bc:72:6c:62:bb:2f:98:94:
fb:15:0d:f1:c9:22:01:77:e2:31:1b:88:bc:97:50:
1e:ac:8e:5c:e0:95:56:4e:89:ca:2a:8c:0e:c0:5a:
46:f8:d6:ed:56:8b:64:f9:d7:57:96:5d:bc:78:45:
77:20:3d:b1:b3:57:e7:70:e5:fb:06:b8:5a:2e:13:
2c:89:7e:91:f7:1c:72:c3:19:45:e5:eb:8b:2c:c4:
c8:d9:a5:52:1a:09:80:ee:84:e9:10:48:e1:de:cd:
da:b2:9e:98:d0:e9:4c:6d:e5:2c:28:76:d4:c6:7d:
25:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:08:8E:EA:D6:A6:C8:EF:9A:CB:76:B7:95:22:80:BD:04:0D:94:4B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3665909802D911EF97CD6D1E017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.64.0/19
Signature Algorithm: sha256WithRSAEncryption
a9:f5:f0:54:a0:fa:e4:04:ff:36:85:38:e1:fd:28:7a:ba:56:
08:ac:c5:3e:3f:24:e5:ab:50:c6:5a:04:e0:ca:e6:4a:2b:d2:
22:6f:b4:81:b0:8c:bd:27:00:bc:0c:d1:85:df:e9:3e:40:04:
4c:28:dc:d6:ac:85:d8:63:bc:4e:40:30:64:fc:99:23:6d:d5:
3e:cb:90:e9:3a:c8:52:7c:fd:52:3d:55:53:72:28:e2:05:a2:
17:f2:47:9e:1e:97:8e:79:3d:7d:b1:ef:a8:0a:a9:f0:2b:b5:
ba:08:57:af:8d:33:03:e5:08:e1:b8:b3:24:09:81:f8:74:3d:
f5:e5:60:dd:be:e6:32:b8:27:23:47:9c:d0:fd:cc:64:19:71:
fc:f7:2e:cc:3e:4b:ae:c2:c6:5f:d8:06:c7:1d:37:a9:7f:bf:
8b:16:d7:a1:12:76:16:8b:0e:a7:d1:c6:6c:b6:87:ba:d9:26:
6e:e2:35:87:6d:62:80:67:3a:42:24:ee:41:3f:21:bf:da:11:
6f:c7:76:0a:5b:dc:a6:00:49:cf:7e:42:67:f5:36:ee:27:92:
9a:ac:af:9b:ef:e5:5a:38:3a:2b:8d:c2:a1:6d:30:d6:9c:cb:
12:d7:d1:7c:04:f3:9d:24:23:18:15:2b:03:e4:8b:29:de:38:
a3:1d:89:de
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALA/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNDI1MDc1NTM4WhcNMjUwMjAyMDc1NTM4WjAYMRYw
FAYDVQQDEw02NjJhMGM3ZC0zMmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxUeassZVR9Wb84zOjQyiGSRn73IC2mfOAVBH4tx8ihnnOEIP3M3543bU
nLv/OtIf7UO1ThfhmbFkPT3iTdOlxzM42/XmQdHtfVqgTPH4Yxmkq3gGhhFKxtpH
v1B4H7Ty84pd3B5ehJnEIpB6dyA3LQvXG+qfLTcuEWz+BljDOpc4omAMe0F9kSY+
c0rdvHJsYrsvmJT7FQ3xySIBd+IxG4i8l1AerI5c4JVWTonKKowOwFpG+NbtVotk
+ddXll28eEV3ID2xs1fncOX7BrhaLhMsiX6R9xxywxlF5euLLMTI2aVSGgmA7oTp
EEjh3s3asp6Y0OlMbeUsKHbUxn0lFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM8I
jurWpsjvmst2t5UigL0EDZRLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNjY1OTA5ODAyRDkxMUVGOTdDRDZEMUUwMTcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlxAMA0GCSqGSIb3DQEB
CwUAA4IBAQCp9fBUoPrkBP82hTjh/Sh6ulYIrMU+PyTlq1DGWgTgyuZKK9Iib7SB
sIy9JwC8DNGF3+k+QARMKNzWrIXYY7xOQDBk/JkjbdU+y5DpOshSfP1SPVVTciji
BaIX8keeHpeOeT19se+oCqnwK7W6CFevjTMD5QjhuLMkCYH4dD315WDdvuYyuCcj
R5zQ/cxkGXH89y7MPkuuwsZf2AbHHTepf7+LFtehEnYWiw6n0cZstoe62SZu4jWH
bWKAZzpCJO5BPyG/2hFvx3YKW9ymAEnPfkJn9TbuJ5KarK+b7+VaODorjcKhbTDW
nMsS19F8BPOdJCMYFSsD5Isp3jijHYne
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:00 2024 by rpki-client on console-ams.rpki-client.org