Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FB0C8E87E3A11EFA3E1E997762E951A.roa
File: 3FB0C8E87E3A11EFA3E1E997762E951A.roa (raw, json)
Hash identifier: zXJ77vM5VpC9WUpC2jU3zBffAiX3o8xYyvc9pv3Er68=
Subject key identifier: B0:85:DF:0B:70:04:23:6D:41:0A:DF:9F:C3:8D:90:B5:CB:1C:CD:09
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: F47C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FB0C8E87E3A11EFA3E1E997762E951A.roa
Signing time: Sun 29 Sep 2024 08:10:11 +0000
ROA not before: Sun 29 Sep 2024 08:10:07 +0000
ROA not after: Mon 30 Dec 2024 08:10:07 +0000
asID: 17561
IP address blocks: 154.220.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62588 (0xf47c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 29 08:10:07 2024 GMT
Not After : Dec 30 08:10:07 2024 GMT
Subject: CN=66f90b63-91af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:11:55:c1:04:bb:35:51:bf:89:55:3e:89:ba:
00:f8:d4:4d:e6:5d:39:e8:2f:29:46:ad:60:a4:a5:
c5:fd:9f:9c:27:46:ae:20:a3:b5:32:95:34:87:2a:
e3:4c:af:c6:82:80:70:75:7a:ee:5c:42:26:75:3d:
08:84:30:97:09:40:ae:81:ca:e7:4d:e4:21:8d:48:
ea:10:88:28:fa:9c:4d:3c:df:c5:b8:c2:d6:7d:4d:
00:e6:03:54:10:ac:22:f8:d0:c4:ef:cf:22:45:17:
3c:48:18:0b:ab:56:f9:35:09:f6:f1:7d:98:85:a3:
9d:14:8a:70:1c:45:c1:60:36:2a:20:9e:a0:5d:88:
fa:01:12:68:4b:ee:f4:d2:d9:d7:f1:2d:9e:89:dd:
b4:99:5a:3f:1f:ef:20:5f:56:66:be:9d:b0:84:f6:
c6:74:98:fb:a6:71:f2:fa:80:43:df:8e:59:84:7a:
c0:07:7e:57:0e:24:ad:8a:f4:58:62:6a:eb:9a:1d:
55:ee:8d:f1:54:2d:85:eb:66:89:1f:d4:37:57:ab:
e0:62:7f:81:f4:24:55:14:21:09:20:fb:74:e6:be:
44:59:67:b0:a1:fb:5f:6d:b0:27:a8:e9:75:02:67:
7e:31:6a:c6:2b:d1:7e:77:17:20:3a:f4:b9:6d:02:
fd:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:85:DF:0B:70:04:23:6D:41:0A:DF:9F:C3:8D:90:B5:CB:1C:CD:09
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FB0C8E87E3A11EFA3E1E997762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.0.0/24
Signature Algorithm: sha256WithRSAEncryption
25:82:4f:d2:95:1f:86:4c:b1:a4:e5:28:ad:40:1f:0c:2f:5b:
6d:57:42:3c:2e:84:cb:62:dd:fd:d9:ff:e2:99:20:f1:5a:9c:
bf:91:45:5c:ee:8f:74:60:8b:d3:7f:49:8b:8d:49:7a:92:e7:
10:e5:50:96:c1:ea:1e:65:12:d1:1e:0f:f3:ca:9a:ec:79:92:
76:40:c1:aa:24:e0:4a:cf:94:1e:93:d0:6c:03:0d:96:58:1a:
79:67:3b:f4:76:42:0e:64:6b:dd:0a:c2:23:77:8f:9d:7c:76:
e1:5d:e8:09:a9:de:34:4e:1f:70:60:33:ab:4b:18:44:33:a1:
17:d9:d3:db:21:d3:15:06:66:f2:51:38:e1:cc:ab:2f:bc:af:
b7:87:26:c6:8f:9c:dd:74:54:b4:79:27:4f:fe:7b:c8:50:95:
b5:14:1b:eb:5a:15:0f:de:69:98:65:fb:80:de:20:80:cd:52:
39:31:cb:05:9d:53:ca:ce:41:d4:e1:70:ed:61:4c:27:66:fb:
5e:da:34:91:c3:e4:e4:5d:29:5d:c8:8c:17:18:03:4d:5d:1f:
68:e0:63:de:fa:01:c1:24:46:66:89:45:13:11:4e:77:5c:18:
d2:1d:2d:2d:aa:48:76:05:75:98:b9:8c:8d:b0:cf:ba:7a:d7:
b7:93:57:30
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAPR8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTI5MDgxMDA3WhcNMjQxMjMwMDgxMDA3WjAYMRYw
FAYDVQQDEw02NmY5MGI2My05MWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApxFVwQS7NVG/iVU+iboA+NRN5l056C8pRq1gpKXF/Z+cJ0auIKO1MpU0
hyrjTK/GgoBwdXruXEImdT0IhDCXCUCugcrnTeQhjUjqEIgo+pxNPN/FuMLWfU0A
5gNUEKwi+NDE788iRRc8SBgLq1b5NQn28X2YhaOdFIpwHEXBYDYqIJ6gXYj6ARJo
S+700tnX8S2eid20mVo/H+8gX1Zmvp2whPbGdJj7pnHy+oBD345ZhHrAB35XDiSt
ivRYYmrrmh1V7o3xVC2F62aJH9Q3V6vgYn+B9CRVFCEJIPt05r5EWWewoftfbbAn
qOl1Amd+MWrGK9F+dxcgOvS5bQL94QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLCF
3wtwBCNtQQrfn8ONkLXLHM0JMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRkIwQzhFODdFM0ExMUVGQTNFMUU5OTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtwAMA0GCSqGSIb3DQEB
CwUAA4IBAQAlgk/SlR+GTLGk5SitQB8ML1ttV0I8LoTLYt392f/imSDxWpy/kUVc
7o90YIvTf0mLjUl6kucQ5VCWweoeZRLRHg/zyprseZJ2QMGqJOBKz5Qek9BsAw2W
WBp5Zzv0dkIOZGvdCsIjd4+dfHbhXegJqd40Th9wYDOrSxhEM6EX2dPbIdMVBmby
UTjhzKsvvK+3hybGj5zddFS0eSdP/nvIUJW1FBvrWhUP3mmYZfuA3iCAzVI5McsF
nVPKzkHU4XDtYUwnZvte2jSRw+TkXSldyIwXGANNXR9o4GPe+gHBJEZmiUUTEU53
XBjSHS0tqkh2BXWYuYyNsM+6ete3k1cw
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:04 2024 by rpki-client on console-fra.rpki-client.org