Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43199FD6A00A11EFA6C37ABA762E951A.roa
File: 43199FD6A00A11EFA6C37ABA762E951A.roa (raw, json)
Hash identifier: bNdBEJ1C7MwNNkCRH2thnjzq9WCb6d+ocbBZUzlaSac=
Subject key identifier: 55:5A:52:50:A9:AC:2A:99:2A:2D:89:8B:46:B3:B1:DA:EA:9B:12:27
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010BDB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43199FD6A00A11EFA6C37ABA762E951A.roa
Signing time: Mon 11 Nov 2024 08:52:21 +0000
ROA not before: Mon 11 Nov 2024 08:52:17 +0000
ROA not after: Sun 11 May 2025 08:52:17 +0000
asID: 139871
IP address blocks: 154.197.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68571 (0x10bdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 11 08:52:17 2024 GMT
Not After : May 11 08:52:17 2025 GMT
Subject: CN=6731c5c5-3751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3e:44:83:ae:64:71:ea:68:30:59:d9:1a:1e:
00:45:c6:a3:0c:70:7e:c6:87:9a:1a:08:d7:26:ae:
21:2a:a5:8d:cb:60:b1:39:3b:7e:81:9e:fc:b5:45:
86:e8:ab:42:80:98:62:fb:ae:14:2a:b0:53:27:21:
a1:9d:6d:26:cf:27:56:3d:42:3f:d2:79:02:e0:55:
1e:7f:05:c5:bc:af:54:c3:f1:49:e4:50:72:a3:0f:
cb:5f:c3:05:dd:ef:4b:25:ae:58:e5:26:45:00:61:
59:ed:c3:df:f1:ce:73:65:76:ff:b3:cb:4c:90:21:
63:10:9c:a0:21:1a:50:a0:6a:7c:18:6d:44:a3:0f:
19:c1:41:49:e3:24:37:5c:cb:59:13:fa:d1:96:6d:
74:13:e0:10:23:1c:2f:46:6e:cf:f7:e4:ff:9a:81:
df:cd:68:c5:97:ea:9e:0e:58:dc:9f:84:f6:0b:bb:
45:cb:87:9f:0b:36:34:7c:58:91:a6:eb:2c:62:d8:
ca:b3:81:da:a0:c0:a9:1d:2e:3e:90:a0:40:11:ab:
31:02:c9:ed:31:3d:91:c5:9e:2c:3d:aa:3e:3c:88:
ef:da:ec:1e:47:62:a9:68:9a:e4:0b:f7:44:47:09:
e3:be:b9:b3:a6:e9:59:28:85:79:01:9a:9a:f3:cb:
da:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5A:52:50:A9:AC:2A:99:2A:2D:89:8B:46:B3:B1:DA:EA:9B:12:27
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43199FD6A00A11EFA6C37ABA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.109.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:84:30:86:36:40:c3:e9:71:ea:29:49:87:fc:17:7f:4c:4a:
8f:45:0b:12:2d:9f:ac:32:87:de:42:c0:62:22:b1:6c:35:2f:
15:14:82:73:14:38:49:d0:c7:f1:a5:11:18:ec:05:f4:8a:98:
2c:57:b2:85:fe:82:cd:20:05:01:97:d7:9a:c4:41:22:07:96:
a3:01:22:4b:2e:4d:40:c8:02:45:43:98:84:77:eb:f7:5a:df:
8e:c4:45:3c:8e:e4:85:78:15:e4:1d:4f:10:ae:26:28:5f:a0:
2b:3e:cf:b8:04:1b:39:22:4f:79:2d:06:6d:9f:90:19:67:1e:
32:f3:a1:8b:b8:aa:97:0d:7a:8d:5e:a0:c3:15:ff:04:09:f9:
a7:e9:69:88:5f:a8:9d:66:41:ef:6c:20:57:91:3d:07:8e:fe:
44:9f:9a:ad:8f:20:d7:01:b2:dc:d1:28:55:60:33:1a:58:ff:
1e:ab:48:fa:69:67:45:54:bc:bd:0f:8f:79:c8:3d:ab:6d:54:
0c:2b:60:8e:58:07:dd:72:1b:e6:d6:c2:3e:19:11:0e:cc:ac:
31:93:c6:49:82:0b:92:79:3c:18:5d:91:cb:1f:a9:9e:6b:7d:
b0:fd:69:91:77:1d:fd:b5:5d:aa:de:b6:74:06:e1:1a:4e:21:
09:15:43:bf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQvbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTExMDg1MjE3WhcNMjUwNTExMDg1MjE3WjAYMRYw
FAYDVQQDEw02NzMxYzVjNS0zNzUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwz5Eg65kcepoMFnZGh4ARcajDHB+xoeaGgjXJq4hKqWNy2CxOTt+gZ78
tUWG6KtCgJhi+64UKrBTJyGhnW0mzydWPUI/0nkC4FUefwXFvK9Uw/FJ5FByow/L
X8MF3e9LJa5Y5SZFAGFZ7cPf8c5zZXb/s8tMkCFjEJygIRpQoGp8GG1Eow8ZwUFJ
4yQ3XMtZE/rRlm10E+AQIxwvRm7P9+T/moHfzWjFl+qeDljcn4T2C7tFy4efCzY0
fFiRpussYtjKs4HaoMCpHS4+kKBAEasxAsntMT2RxZ4sPao+PIjv2uweR2KpaJrk
C/dERwnjvrmzpulZKIV5AZqa88vayQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFVa
UlCprCqZKi2Ji0azsdrqmxInMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MzE5OUZENkEwMEExMUVGQTZDMzdBQkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVtMA0GCSqGSIb3DQEB
CwUAA4IBAQAPhDCGNkDD6XHqKUmH/Bd/TEqPRQsSLZ+sMofeQsBiIrFsNS8VFIJz
FDhJ0MfxpREY7AX0ipgsV7KF/oLNIAUBl9eaxEEiB5ajASJLLk1AyAJFQ5iEd+v3
Wt+OxEU8juSFeBXkHU8QriYoX6ArPs+4BBs5Ik95LQZtn5AZZx4y86GLuKqXDXqN
XqDDFf8ECfmn6WmIX6idZkHvbCBXkT0Hjv5En5qtjyDXAbLc0ShVYDMaWP8eq0j6
aWdFVLy9D495yD2rbVQMK2COWAfdchvm1sI+GREOzKwxk8ZJgguSeTwYXZHLH6me
a32w/WmRdx39tV2q3rZ0BuEaTiEJFUO/
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:02:34 2024 by rpki-client on console-fra.rpki-client.org