Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/448F24389D1911EF974D4AB5762E951A.roa
File: 448F24389D1911EF974D4AB5762E951A.roa (raw, json)
Hash identifier: 1yGc7u/X4vVNsIDJnqE+ZNdrFS3C/rx3k5WB2W4xSaU=
Subject key identifier: 76:4C:5F:B5:CE:E2:51:31:DF:7C:FA:9A:23:03:55:F1:33:63:6E:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01096D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/448F24389D1911EF974D4AB5762E951A.roa
Signing time: Thu 07 Nov 2024 15:02:12 +0000
ROA not before: Thu 07 Nov 2024 15:02:09 +0000
ROA not after: Wed 11 Dec 2024 15:02:09 +0000
asID: 203020
IP address blocks: 154.209.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67949 (0x1096d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 7 15:02:09 2024 GMT
Not After : Dec 11 15:02:09 2024 GMT
Subject: CN=672cd674-a2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7c:26:08:77:93:16:a7:5a:7f:77:af:71:c4:
bd:ce:a4:81:9c:d1:35:3b:78:4f:e5:ec:4b:81:af:
93:a1:40:9b:a2:52:67:9d:78:cf:7f:25:1f:22:a4:
33:a6:4e:f7:f9:d9:64:a0:8d:39:b6:2b:81:00:db:
39:2a:86:85:48:9c:1b:db:ca:cd:78:ef:59:9a:11:
cc:59:7e:08:96:25:9e:a7:c3:92:47:9a:b4:08:64:
39:a5:36:15:c4:8a:2e:f4:a4:69:04:9c:a6:4c:54:
f5:88:59:68:f6:47:f4:6b:e8:79:0e:bf:9a:c3:41:
74:6b:46:5e:85:19:f9:83:61:2d:c1:84:ab:a9:e4:
a3:66:cf:15:a4:c9:c9:3a:43:41:cb:81:ad:cc:95:
79:74:ba:79:81:bc:87:f1:08:cc:b5:6c:6f:80:be:
af:53:0c:d0:90:04:ac:c2:67:36:b8:89:e4:ec:02:
ca:17:64:ca:c6:9e:26:d3:53:27:1f:d8:b9:be:bd:
5f:fd:d0:65:23:55:64:fd:d1:0f:8a:f0:3b:89:50:
4f:58:8a:0f:cb:43:be:38:de:9c:96:2a:88:98:0b:
94:e4:fc:dd:24:cb:bd:e6:39:6e:98:da:5c:c7:ac:
fc:bd:05:44:7d:6b:8c:69:f5:b7:e6:21:81:bb:8a:
ce:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:4C:5F:B5:CE:E2:51:31:DF:7C:FA:9A:23:03:55:F1:33:63:6E:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/448F24389D1911EF974D4AB5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.250.0/24
Signature Algorithm: sha256WithRSAEncryption
be:f7:ec:76:1d:e3:17:c1:f9:44:96:84:2d:48:f1:32:28:dc:
5b:8d:6d:6a:8a:8c:be:7b:e3:c5:b4:5b:4a:f3:0c:a5:f3:94:
bb:7a:cf:78:22:10:c6:3b:cc:ea:a9:be:3d:53:05:49:30:51:
54:5a:ad:40:c1:89:be:7a:bd:1a:f2:92:0e:8c:6f:c4:62:f2:
63:05:cb:d8:fb:e6:49:04:53:a8:b9:7d:4a:be:ab:84:73:43:
a8:a3:5a:49:18:4e:3f:82:59:8f:a1:88:15:bb:54:00:1c:ad:
ac:63:c0:33:4f:b6:e2:d3:ee:6c:23:af:a3:09:6a:12:a1:a8:
b9:cc:fc:8b:ee:8d:a4:ea:a1:29:c3:9c:e7:55:7a:aa:60:3e:
50:67:27:5b:09:cf:a5:47:05:f1:7e:7b:6f:74:fb:9b:47:b2:
ef:be:25:db:12:6f:61:fd:78:35:97:a9:c9:89:57:74:e2:b1:
5a:b0:0d:f7:ac:3f:1f:69:2b:8f:a3:32:6c:6f:ce:99:b3:f0:
36:cd:c8:a4:84:a2:08:ff:f9:70:ce:0d:d5:71:e5:29:c2:5b:
b1:2b:16:4b:1c:e4:60:00:04:31:bb:1e:6b:6d:8b:60:68:9e:
9d:70:4d:40:09:f6:8d:96:19:9d:6d:49:35:8a:69:c9:28:73:
35:6a:53:b9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQltMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA3MTUwMjA5WhcNMjQxMjExMTUwMjA5WjAYMRYw
FAYDVQQDEw02NzJjZDY3NC1hMmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxHwmCHeTFqdaf3evccS9zqSBnNE1O3hP5exLga+ToUCbolJnnXjPfyUf
IqQzpk73+dlkoI05tiuBANs5KoaFSJwb28rNeO9ZmhHMWX4IliWep8OSR5q0CGQ5
pTYVxIou9KRpBJymTFT1iFlo9kf0a+h5Dr+aw0F0a0ZehRn5g2EtwYSrqeSjZs8V
pMnJOkNBy4GtzJV5dLp5gbyH8QjMtWxvgL6vUwzQkASswmc2uInk7ALKF2TKxp4m
01MnH9i5vr1f/dBlI1Vk/dEPivA7iVBPWIoPy0O+ON6cliqImAuU5PzdJMu95jlu
mNpcx6z8vQVEfWuMafW35iGBu4rOUQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHZM
X7XO4lEx33z6miMDVfEzY27ZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NDhGMjQzODlEMTkxMUVGOTc0RDRBQjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtH6MA0GCSqGSIb3DQEB
CwUAA4IBAQC+9+x2HeMXwflEloQtSPEyKNxbjW1qioy+e+PFtFtK8wyl85S7es94
IhDGO8zqqb49UwVJMFFUWq1AwYm+er0a8pIOjG/EYvJjBcvY++ZJBFOouX1KvquE
c0Ooo1pJGE4/glmPoYgVu1QAHK2sY8AzT7bi0+5sI6+jCWoSoai5zPyL7o2k6qEp
w5znVXqqYD5QZydbCc+lRwXxfntvdPubR7LvviXbEm9h/Xg1l6nJiVd04rFasA33
rD8faSuPozJsb86Zs/A2zcikhKII//lwzg3VceUpwluxKxZLHORgAAQxux5rbYtg
aJ6dcE1ACfaNlhmdbUk1imnJKHM1alO5
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:02 2024 by rpki-client on console-ams.rpki-client.org