Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D06E626A9B011EFB8B43295762E951A.roa
File: 3D06E626A9B011EFB8B43295762E951A.roa (raw, json)
Hash identifier: ImQ4VNByAsunlOSAB3sr2JwOYP4SyS1gwn2CnGhL+ng=
Subject key identifier: F8:A8:AC:71:A6:8B:06:1E:89:C3:A5:A7:57:7C:D7:E0:14:48:94:E9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0111A4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D06E626A9B011EFB8B43295762E951A.roa
Signing time: Sat 23 Nov 2024 15:33:07 +0000
ROA not before: Sat 23 Nov 2024 15:33:04 +0000
ROA not after: Thu 26 Dec 2024 15:33:04 +0000
asID: 395886
IP address blocks: 154.201.72.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70052 (0x111a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 23 15:33:04 2024 GMT
Not After : Dec 26 15:33:04 2024 GMT
Subject: CN=6741f5b3-7d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1f:22:0c:07:00:a3:32:1b:a3:30:d5:42:49:
ec:d8:5b:0b:60:35:fb:bc:bc:f2:eb:17:11:69:84:
f8:c4:2f:f8:d8:22:6f:ea:12:67:61:f6:16:19:c0:
b1:4d:e3:32:ae:52:a8:74:de:81:3e:e2:93:67:ba:
76:3b:3f:50:fd:08:d2:d0:04:05:cf:fe:2c:2f:04:
6a:b3:1a:87:dc:67:a8:ef:3d:3c:c8:66:53:8a:c4:
87:79:99:16:82:9e:25:f0:b8:bc:76:60:a8:c8:50:
d3:91:24:3b:fd:8b:80:40:9d:01:ff:63:7f:0a:86:
19:bb:43:20:ec:75:40:db:7f:7c:bf:94:57:c7:44:
9c:62:4a:dd:98:06:3d:10:57:e8:9c:f7:00:7e:10:
15:4c:4c:94:d0:a9:50:e6:f6:6d:0c:1a:90:14:b0:
e7:ea:59:ba:98:92:14:ff:63:75:9c:62:c1:33:e8:
ff:f0:a4:a9:06:ae:be:f1:44:e2:78:7a:75:09:f1:
6f:f6:82:fb:9b:cc:10:3b:57:8b:42:7f:26:10:46:
ee:14:3c:78:fc:5f:c5:cf:a6:05:b0:09:e5:fe:69:
3a:c9:6b:f2:95:4a:18:3e:ed:c4:39:e0:c9:fc:b5:
8e:23:05:96:33:e8:0c:7b:53:a0:e2:83:e7:00:c6:
89:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A8:AC:71:A6:8B:06:1E:89:C3:A5:A7:57:7C:D7:E0:14:48:94:E9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3D06E626A9B011EFB8B43295762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.72.0/21
Signature Algorithm: sha256WithRSAEncryption
b7:73:47:87:5e:bd:ae:c3:c6:c9:a9:dd:17:65:fa:88:ec:42:
66:cd:66:e9:32:e8:3a:6e:44:0a:0a:89:b0:01:b6:f0:9b:47:
0c:65:0f:bd:f4:17:3c:a0:a8:89:44:f3:56:89:ab:a0:79:56:
4c:7f:6a:87:9f:16:05:09:be:94:97:64:41:b8:77:1e:33:b3:
5e:18:c2:fd:15:cb:c3:2a:b9:26:f1:9e:b8:08:ff:fa:3b:e6:
a7:0e:a3:8e:80:c9:42:68:f0:9b:9a:b9:48:65:19:83:d5:b2:
01:e0:85:3d:d8:21:b1:f8:76:ac:55:35:6e:7d:54:a2:94:e2:
3f:8e:3c:5c:25:12:3f:88:e8:e2:fa:b5:55:1f:0b:52:7f:77:
f8:d3:d4:68:05:2b:0d:42:19:ac:28:b6:a3:fa:58:03:28:46:
63:87:fd:63:f4:f0:aa:39:b4:82:05:20:e5:cb:a1:59:12:bd:
85:82:73:64:7b:f8:1e:95:b7:08:ff:84:8b:f5:3b:17:5f:30:
cd:5d:55:c7:f0:71:e6:ba:97:b5:ef:c3:8a:a4:c0:e7:fd:d1:
7d:eb:ff:7d:50:44:8f:6a:ae:c2:62:c4:e2:d8:3f:b8:79:96:
85:1c:22:80:48:81:eb:6c:19:22:ca:9d:af:0f:a4:2c:03:fc:
21:6a:da:a6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARGkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIzMTUzMzA0WhcNMjQxMjI2MTUzMzA0WjAYMRYw
FAYDVQQDEw02NzQxZjViMy03ZDNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxB8iDAcAozIbozDVQkns2FsLYDX7vLzy6xcRaYT4xC/42CJv6hJnYfYW
GcCxTeMyrlKodN6BPuKTZ7p2Oz9Q/QjS0AQFz/4sLwRqsxqH3Geo7z08yGZTisSH
eZkWgp4l8Li8dmCoyFDTkSQ7/YuAQJ0B/2N/CoYZu0Mg7HVA2398v5RXx0ScYkrd
mAY9EFfonPcAfhAVTEyU0KlQ5vZtDBqQFLDn6lm6mJIU/2N1nGLBM+j/8KSpBq6+
8UTieHp1CfFv9oL7m8wQO1eLQn8mEEbuFDx4/F/Fz6YFsAnl/mk6yWvylUoYPu3E
OeDJ/LWOIwWWM+gMe1Og4oPnAMaJwQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPio
rHGmiwYeicOlp1d81+AUSJTpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRDA2RTYyNkE5QjAxMUVGQjhCNDMyOTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmslIMA0GCSqGSIb3DQEB
CwUAA4IBAQC3c0eHXr2uw8bJqd0XZfqI7EJmzWbpMug6bkQKComwAbbwm0cMZQ+9
9Bc8oKiJRPNWiaugeVZMf2qHnxYFCb6Ul2RBuHceM7NeGML9FcvDKrkm8Z64CP/6
O+anDqOOgMlCaPCbmrlIZRmD1bIB4IU92CGx+HasVTVufVSilOI/jjxcJRI/iOji
+rVVHwtSf3f409RoBSsNQhmsKLaj+lgDKEZjh/1j9PCqObSCBSDly6FZEr2FgnNk
e/gelbcI/4SL9TsXXzDNXVXH8HHmupe178OKpMDn/dF96/99UESPaq7CYsTi2D+4
eZaFHCKASIHrbBkiyp2vD6QsA/whatqm
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:27 2024 by rpki-client on console-fra.rpki-client.org