Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/448A4D509D1411EFBBC34897762E951A.roa
File: 448A4D509D1411EFBBC34897762E951A.roa (raw, json)
Hash identifier: bcvAyeK+bcixdHJFNrTxT38wvuajhrpjQYxQZ2STMzQ=
Subject key identifier: 02:7E:8E:9A:6A:38:FA:62:DF:14:20:25:46:47:C2:C4:19:5B:1A:BC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01093D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/448A4D509D1411EFBBC34897762E951A.roa
Signing time: Thu 07 Nov 2024 14:26:25 +0000
ROA not before: Thu 07 Nov 2024 14:26:21 +0000
ROA not after: Tue 07 Jan 2025 14:26:21 +0000
asID: 139057
IP address blocks: 154.85.84.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67901 (0x1093d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 7 14:26:21 2024 GMT
Not After : Jan 7 14:26:21 2025 GMT
Subject: CN=672cce11-11cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6a:a0:e9:d5:f7:ca:4e:10:c3:f5:54:c2:0d:
6b:ff:27:61:f6:14:92:45:68:0a:da:c8:93:66:1e:
a2:f4:a3:f4:71:d3:ec:10:f2:f5:f5:7d:56:db:0f:
bb:cb:dc:a1:40:12:d3:cd:b5:0d:10:df:1f:86:b7:
3d:1e:1e:5b:a7:66:ff:1f:38:f1:94:5f:ba:1a:1d:
ea:58:dd:97:7e:8a:a7:28:7f:38:64:1e:5d:98:3c:
f5:c7:ba:c2:57:ce:67:c6:63:04:49:5b:6b:cf:9b:
6c:50:07:1c:9f:1b:34:ca:0f:08:26:2a:c5:14:10:
aa:4d:44:26:64:cb:4a:81:e9:51:19:04:31:0b:b1:
7c:19:55:6a:7a:f5:53:dc:72:6a:18:0c:df:90:73:
09:98:02:c0:1b:e5:81:25:39:40:ce:18:b7:54:8d:
92:61:f3:44:e9:2e:5e:1f:58:78:f7:44:23:56:44:
21:9e:9e:0e:94:c7:d3:a5:3e:3e:d4:86:cb:03:4f:
ab:2a:09:eb:fb:07:76:5c:7d:c6:6d:68:80:cd:29:
36:f5:59:36:aa:02:9d:64:0d:49:a3:0f:19:7d:a0:
1e:56:23:78:46:6b:7f:09:73:a5:62:4f:db:bb:c8:
28:16:e4:24:36:cc:00:1f:5a:6c:de:4d:d3:f5:b3:
f8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7E:8E:9A:6A:38:FA:62:DF:14:20:25:46:47:C2:C4:19:5B:1A:BC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/448A4D509D1411EFBBC34897762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.84.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:5f:0d:b8:ca:d5:a5:8f:1c:a5:c4:68:d4:57:1b:72:d9:bf:
a5:76:fe:e9:7f:e5:61:dd:7c:3b:d1:9d:7e:e4:1a:53:51:a9:
29:12:ec:0e:0d:ee:a3:40:4c:4a:d3:01:68:37:74:79:30:9e:
ca:dd:00:00:05:eb:a5:11:84:2e:f9:41:b5:2e:6c:08:eb:b8:
39:e3:53:0d:cb:f5:6b:27:ed:1d:10:0f:aa:d3:7b:38:4c:18:
78:2e:b9:38:4f:1b:c1:61:36:a2:c5:aa:c6:d6:32:bb:ea:cf:
bb:ad:d8:1a:6f:c0:ca:fa:a6:11:e2:59:d7:50:f0:8e:1b:c5:
1b:e5:7e:2d:1e:06:bc:3b:77:35:9c:d6:e8:bb:a7:ee:5d:65:
54:c4:27:d5:a1:96:50:37:f0:10:d6:c9:b6:4f:b2:b1:4c:41:
5c:c2:3b:a9:67:98:2c:b9:b3:48:b4:45:40:c3:f7:0a:6b:4b:
e6:49:0e:66:c2:10:ed:21:8f:7a:c9:40:ac:ad:0b:17:71:24:
6f:b6:22:9e:e1:f8:5b:2c:02:28:5c:2c:de:0e:f7:40:03:57:
eb:fa:1c:11:f7:af:a5:85:a7:70:fe:88:cd:74:5c:b5:7d:e4:
cc:95:75:b5:8d:5c:81:ac:78:60:84:f6:0f:f8:e8:5a:95:85:
e7:4e:7f:8b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQk9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA3MTQyNjIxWhcNMjUwMTA3MTQyNjIxWjAYMRYw
FAYDVQQDEw02NzJjY2UxMS0xMWNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv2qg6dX3yk4Qw/VUwg1r/ydh9hSSRWgK2siTZh6i9KP0cdPsEPL19X1W
2w+7y9yhQBLTzbUNEN8fhrc9Hh5bp2b/HzjxlF+6Gh3qWN2XfoqnKH84ZB5dmDz1
x7rCV85nxmMESVtrz5tsUAccnxs0yg8IJirFFBCqTUQmZMtKgelRGQQxC7F8GVVq
evVT3HJqGAzfkHMJmALAG+WBJTlAzhi3VI2SYfNE6S5eH1h490QjVkQhnp4OlMfT
pT4+1IbLA0+rKgnr+wd2XH3GbWiAzSk29Vk2qgKdZA1Jow8ZfaAeViN4Rmt/CXOl
Yk/bu8goFuQkNswAH1ps3k3T9bP4PwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAJ+
jppqOPpi3xQgJUZHwsQZWxq8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NDhBNEQ1MDlEMTQxMUVGQkJDMzQ4OTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlVUMA0GCSqGSIb3DQEB
CwUAA4IBAQC2Xw24ytWljxylxGjUVxty2b+ldv7pf+Vh3Xw70Z1+5BpTUakpEuwO
De6jQExK0wFoN3R5MJ7K3QAABeulEYQu+UG1LmwI67g541MNy/VrJ+0dEA+q03s4
TBh4Lrk4TxvBYTaixarG1jK76s+7rdgab8DK+qYR4lnXUPCOG8Ub5X4tHga8O3c1
nNbou6fuXWVUxCfVoZZQN/AQ1sm2T7KxTEFcwjupZ5gsubNItEVAw/cKa0vmSQ5m
whDtIY96yUCsrQsXcSRvtiKe4fhbLAIoXCzeDvdAA1fr+hwR96+lhadw/ojNdFy1
feTMlXW1jVyBrHhghPYP+OhalYXnTn+L
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:05 2024 by rpki-client on console-fra.rpki-client.org