Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BE7F7BEA73D11EFAEC26DA8762E951A.roa
File: 3BE7F7BEA73D11EFAEC26DA8762E951A.roa (raw, json)
Hash identifier: QMH1fgF9cqJuIlrG6uh1JhXuvOHrIUm6oHmQOe6cqqE=
Subject key identifier: 05:51:C7:D6:57:DB:96:29:91:1D:1F:D2:91:12:DC:83:FF:DB:8F:BA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010FA7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BE7F7BEA73D11EFAEC26DA8762E951A.roa
Signing time: Wed 20 Nov 2024 12:44:51 +0000
ROA not before: Wed 20 Nov 2024 12:44:47 +0000
ROA not after: Sat 30 Nov 2024 12:44:47 +0000
asID: 139471
IP address blocks: 154.220.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 08:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69543 (0x10fa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 20 12:44:47 2024 GMT
Not After : Nov 30 12:44:47 2024 GMT
Subject: CN=673dd9c3-6a3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5c:c7:23:10:bd:1f:e8:4e:23:55:40:c6:3d:
1a:4a:d4:c9:7b:e5:7c:e0:79:3f:b2:81:ef:1e:a2:
a7:61:a1:cf:dd:d6:85:07:a5:1d:38:b5:be:fe:75:
aa:eb:a8:c7:c1:b2:27:41:30:d3:fc:f3:68:62:3d:
93:f6:29:f8:3a:0e:ff:75:70:3f:6f:85:6a:95:f0:
72:e0:9d:cd:48:87:e0:30:d7:0a:36:ef:ea:b0:16:
e9:ff:38:a3:86:2e:ac:91:85:8a:5e:a0:44:82:eb:
fb:65:90:8f:43:35:26:21:db:9a:95:d7:8d:fd:4d:
63:a0:9f:80:f6:19:6c:dd:24:f1:c0:af:ee:6a:b8:
a5:89:b5:55:0e:2e:80:d7:11:07:26:b8:1c:e6:8b:
a0:21:cd:d0:b4:2f:7c:ce:81:78:53:97:48:c7:4a:
f4:31:5d:36:2b:45:d7:df:8a:ec:d4:d1:c1:65:ce:
f3:d6:34:37:59:75:88:3d:02:39:d8:1e:05:6e:58:
ae:c3:99:e4:64:57:b5:0e:d1:78:0a:8b:e9:aa:ae:
8d:3b:f9:c6:d8:38:cc:02:fd:c7:e5:81:de:ce:72:
50:ad:8f:a0:71:f3:d5:36:0a:95:e3:18:57:54:ca:
ef:f7:4d:6e:64:a9:8a:9f:24:ae:23:90:15:67:67:
03:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:51:C7:D6:57:DB:96:29:91:1D:1F:D2:91:12:DC:83:FF:DB:8F:BA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3BE7F7BEA73D11EFAEC26DA8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.224.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:94:3e:b5:93:1c:24:0c:e2:d5:8d:6e:7d:3a:1a:02:b3:a4:
4a:91:20:43:eb:d1:51:43:96:7d:c0:7a:26:fe:96:82:2c:42:
ae:08:f4:a2:57:21:73:19:4e:cb:af:1f:18:1f:26:f7:56:80:
46:3c:c4:59:c6:3f:f3:0a:96:75:a2:61:bc:08:d9:f3:52:09:
b1:ef:d9:c5:9d:cc:23:5c:e8:ab:e0:99:6f:53:80:e7:e3:b6:
83:7b:76:9f:63:ec:f3:bd:5a:4c:1b:8b:45:dc:50:9c:af:5f:
2d:32:31:2b:5c:45:5d:2b:40:aa:9f:a7:ee:b9:00:a8:2c:b6:
cb:2b:d4:a2:3a:bd:12:49:65:41:27:db:7f:ef:0a:aa:26:f5:
4c:d6:4e:bd:fb:7c:e8:c3:5a:a5:36:8b:36:d2:69:e7:78:44:
7d:8c:30:be:37:c2:66:a9:56:a0:53:93:8b:95:68:56:2b:36:
a1:34:99:8a:d1:83:3a:08:a2:7d:0e:98:c2:cf:19:c9:14:48:
13:ba:f2:d3:e6:6a:3b:3c:ba:35:8d:b0:50:7e:7b:87:a1:49:
ed:4c:8d:cc:c4:1c:1d:5e:4e:4f:da:2b:9e:01:6e:59:6d:60:
94:9f:43:72:76:43:79:b0:d8:cd:f8:a1:be:76:0c:a1:e5:a9:
2b:48:d2:4e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ+nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIwMTI0NDQ3WhcNMjQxMTMwMTI0NDQ3WjAYMRYw
FAYDVQQDEw02NzNkZDljMy02YTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxlzHIxC9H+hOI1VAxj0aStTJe+V84Hk/soHvHqKnYaHP3daFB6UdOLW+
/nWq66jHwbInQTDT/PNoYj2T9in4Og7/dXA/b4VqlfBy4J3NSIfgMNcKNu/qsBbp
/zijhi6skYWKXqBEguv7ZZCPQzUmIdualdeN/U1joJ+A9hls3STxwK/uarilibVV
Di6A1xEHJrgc5ougIc3QtC98zoF4U5dIx0r0MV02K0XX34rs1NHBZc7z1jQ3WXWI
PQI52B4Fbliuw5nkZFe1DtF4Covpqq6NO/nG2DjMAv3H5YHeznJQrY+gcfPVNgqV
4xhXVMrv901uZKmKnySuI5AVZ2cD2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAVR
x9ZX25YpkR0f0pES3IP/24+6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zQkU3RjdCRUE3M0QxMUVGQUVDMjZEQTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtzgMA0GCSqGSIb3DQEB
CwUAA4IBAQBPlD61kxwkDOLVjW59OhoCs6RKkSBD69FRQ5Z9wHom/paCLEKuCPSi
VyFzGU7Lrx8YHyb3VoBGPMRZxj/zCpZ1omG8CNnzUgmx79nFncwjXOir4JlvU4Dn
47aDe3afY+zzvVpMG4tF3FCcr18tMjErXEVdK0Cqn6fuuQCoLLbLK9SiOr0SSWVB
J9t/7wqqJvVM1k69+3zow1qlNos20mnneER9jDC+N8JmqVagU5OLlWhWKzahNJmK
0YM6CKJ9DpjCzxnJFEgTuvLT5mo7PLo1jbBQfnuHoUntTI3MxBwdXk5P2iueAW5Z
bWCUn0NydkN5sNjN+KG+dgyh5akrSNJO
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:38:08 2024 by rpki-client on console-fra.rpki-client.org