Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43FF2AEC91E111EF81267279762E951A.roa
File: 43FF2AEC91E111EF81267279762E951A.roa (raw, json)
Hash identifier: vmX+vKbhzllJ+/WO2LmH401xBdSMfo4vFq7xJ4+mjXM=
Subject key identifier: BC:2A:6A:D9:F0:13:2B:E7:98:6C:1C:3A:2B:F8:64:12:2F:5C:09:E8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010119
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43FF2AEC91E111EF81267279762E951A.roa
Signing time: Thu 24 Oct 2024 08:23:37 +0000
ROA not before: Thu 24 Oct 2024 08:23:33 +0000
ROA not after: Tue 26 Nov 2024 08:23:33 +0000
asID: 21738
IP address blocks: 154.206.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 08:23:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65817 (0x10119)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 24 08:23:33 2024 GMT
Not After : Nov 26 08:23:33 2024 GMT
Subject: CN=671a0409-7e3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:12:ce:bd:4b:9a:c3:59:d5:5f:82:02:dd:e8:
11:f6:98:fb:3c:21:db:5d:91:f6:84:88:23:8e:2e:
8e:ad:88:6a:c2:dc:dd:bf:ee:6f:3d:aa:75:4d:85:
32:73:b4:51:44:29:5b:29:8a:c9:14:c3:17:04:71:
1a:f1:de:3e:53:c0:0c:b1:97:ea:d9:01:85:db:67:
1d:a6:8a:43:5e:52:04:c8:2c:37:65:5a:fe:e6:f6:
05:d7:f3:55:71:dd:e1:a2:76:25:20:a3:ef:01:d9:
df:60:35:d1:87:5f:e9:7a:78:90:21:c1:de:d0:fe:
af:aa:89:96:5d:76:25:63:e6:7a:2a:bc:1f:0f:8a:
57:81:2d:17:5d:58:22:f7:8e:52:95:06:35:db:e6:
e4:ef:0d:a0:e5:15:52:46:92:72:a8:dc:05:22:1e:
bb:46:61:2d:fd:7c:a3:af:71:f8:af:24:08:71:df:
5f:d1:b2:7a:27:ac:bd:a8:31:18:53:55:fb:a7:99:
6d:ea:ee:bb:01:e1:67:2d:ea:29:9b:aa:7c:64:93:
91:5a:63:7f:4a:c5:d5:03:4f:1b:a8:25:9c:5a:e0:
09:8a:89:c6:d0:e6:d8:dc:a8:2b:26:20:2a:93:53:
f0:20:fe:5b:4c:a3:06:de:24:67:86:83:58:c8:cd:
4c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:2A:6A:D9:F0:13:2B:E7:98:6C:1C:3A:2B:F8:64:12:2F:5C:09:E8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/43FF2AEC91E111EF81267279762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.19.0/24
Signature Algorithm: sha256WithRSAEncryption
39:65:55:0a:d9:ed:aa:7b:2c:41:e7:38:18:53:82:1b:cc:a1:
4a:76:cd:72:c3:c4:18:d5:75:fd:5e:98:62:62:1d:c2:19:e1:
88:f8:8f:70:97:26:a4:50:44:f7:1d:35:30:c5:04:8c:b0:13:
91:4c:ee:53:1b:54:ce:f2:69:19:95:4f:33:9d:f4:fe:0e:5b:
4c:6d:bd:e7:f1:88:c9:e7:2f:31:38:05:40:f7:e6:9f:d4:6c:
77:d2:85:a3:d8:62:18:5a:cb:90:61:64:10:96:f9:c5:e3:d9:
1c:33:fb:fc:5d:98:75:1a:38:35:1b:db:04:cd:55:47:ee:3d:
e9:64:35:83:fa:40:fb:56:fb:4d:b1:9f:d2:63:90:77:d8:1a:
2b:77:38:dc:70:5c:a0:66:9f:07:1a:4d:38:6b:83:f4:b3:00:
9e:59:70:15:22:85:f3:b5:fd:5b:9a:9a:e9:c9:34:63:1d:e3:
e5:87:b7:56:cd:9c:a8:69:aa:43:18:9d:ab:14:00:b3:53:0e:
60:31:dd:b2:74:21:77:d7:6f:04:bb:81:02:ed:bd:58:d5:08:
00:fc:36:b1:fa:44:61:d0:78:ba:7b:8d:eb:cf:40:da:fa:86:
dc:14:19:06:e2:66:46:bf:d1:c4:dd:d8:47:5c:c3:ce:a7:bc:
c7:69:ce:e1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQEZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDI0MDgyMzMzWhcNMjQxMTI2MDgyMzMzWjAYMRYw
FAYDVQQDEw02NzFhMDQwOS03ZTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1RLOvUuaw1nVX4IC3egR9pj7PCHbXZH2hIgjji6OrYhqwtzdv+5vPap1
TYUyc7RRRClbKYrJFMMXBHEa8d4+U8AMsZfq2QGF22cdpopDXlIEyCw3ZVr+5vYF
1/NVcd3honYlIKPvAdnfYDXRh1/peniQIcHe0P6vqomWXXYlY+Z6KrwfD4pXgS0X
XVgi945SlQY12+bk7w2g5RVSRpJyqNwFIh67RmEt/Xyjr3H4ryQIcd9f0bJ6J6y9
qDEYU1X7p5lt6u67AeFnLeopm6p8ZJORWmN/SsXVA08bqCWcWuAJionG0ObY3Kgr
JiAqk1PwIP5bTKMG3iRnhoNYyM1MSwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLwq
atnwEyvnmGwcOiv4ZBIvXAnoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80M0ZGMkFFQzkxRTExMUVGODEyNjcyNzk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4TMA0GCSqGSIb3DQEB
CwUAA4IBAQA5ZVUK2e2qeyxB5zgYU4IbzKFKds1yw8QY1XX9XphiYh3CGeGI+I9w
lyakUET3HTUwxQSMsBORTO5TG1TO8mkZlU8znfT+DltMbb3n8YjJ5y8xOAVA9+af
1Gx30oWj2GIYWsuQYWQQlvnF49kcM/v8XZh1Gjg1G9sEzVVH7j3pZDWD+kD7VvtN
sZ/SY5B32BordzjccFygZp8HGk04a4P0swCeWXAVIoXztf1bmprpyTRjHePlh7dW
zZyoaapDGJ2rFACzUw5gMd2ydCF3128Eu4EC7b1Y1QgA/Dax+kRh0Hi6e43rz0Da
+obcFBkG4mZGv9HE3dhHXMPOp7zHac7h
-----END CERTIFICATE-----
Generated at Mon Nov 25 10:56:32 2024 by rpki-client on console-ams.rpki-client.org