Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/475E6B3AA8D911EF91171C4C762E951A.roa
File: 475E6B3AA8D911EF91171C4C762E951A.roa (raw, json)
Hash identifier: CU/Vg5LxiriRTST6blbEVgDR8OYnXbHhEvviRu4Vfh8=
Subject key identifier: 69:CE:6F:0F:86:8D:3B:D3:C6:7D:F8:2C:FD:00:CA:AE:5B:FB:56:94
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011041
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/475E6B3AA8D911EF91171C4C762E951A.roa
Signing time: Fri 22 Nov 2024 13:54:23 +0000
ROA not before: Fri 22 Nov 2024 13:54:19 +0000
ROA not after: Mon 02 Dec 2024 13:54:19 +0000
asID: 44559
IP address blocks: 154.210.86.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69697 (0x11041)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 22 13:54:19 2024 GMT
Not After : Dec 2 13:54:19 2024 GMT
Subject: CN=67408d0f-a681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:61:cd:f1:c2:b3:11:89:7b:7a:38:ba:d9:61:
01:b6:22:cc:17:e9:f5:26:f5:b3:da:d0:36:6b:0a:
3b:df:41:1d:f2:35:36:ee:31:d0:82:0d:44:f2:8e:
68:5c:8e:39:8d:be:35:dc:7b:b1:20:47:25:40:f8:
aa:6d:60:9b:2f:a2:72:a2:85:77:44:51:9b:03:39:
15:2d:ad:01:fb:35:5d:04:f4:8c:4f:ec:15:9a:9d:
d3:21:82:59:95:63:e0:dd:51:a6:14:64:fc:3f:2d:
b4:f1:23:8a:17:7f:63:99:0b:d5:79:d3:27:22:bd:
e2:9e:4b:27:42:95:76:67:ac:f4:57:ae:03:6c:52:
bf:51:6c:86:ce:1e:7a:e8:d2:75:d7:60:98:48:5c:
25:e0:8b:1a:17:8b:cb:32:5c:d2:51:e2:7c:2e:81:
21:f1:70:01:0f:f0:ae:cb:f2:eb:12:e4:98:a6:2a:
e9:25:9f:86:a5:73:c4:46:a9:c6:6b:29:7f:5b:f5:
02:c1:23:3b:91:28:89:d3:24:bd:0e:aa:f6:64:f7:
e1:4e:17:d6:46:9b:f4:70:dc:1e:bf:35:3c:10:45:
66:f0:9d:a3:8b:2a:f6:7d:16:76:14:37:c9:04:ab:
eb:a1:32:81:68:fa:58:77:5c:a1:a9:b4:f0:45:33:
be:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CE:6F:0F:86:8D:3B:D3:C6:7D:F8:2C:FD:00:CA:AE:5B:FB:56:94
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/475E6B3AA8D911EF91171C4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.86.0/23
Signature Algorithm: sha256WithRSAEncryption
b9:61:32:f2:65:b7:ed:db:0c:16:24:a9:8e:09:f3:95:17:0a:
6c:89:f4:ee:1c:42:e2:63:5a:06:72:ec:4d:01:92:c0:34:75:
10:09:f8:c9:8b:d0:0f:66:d4:41:42:7b:81:95:ad:7d:65:80:
66:59:00:20:53:b9:4c:e7:f2:d1:f8:79:a8:f4:6a:9a:db:5f:
19:4a:9f:6d:ef:22:33:b0:94:89:7c:cc:a5:30:4a:20:8c:09:
bc:5b:37:ea:d3:e7:4a:ee:e6:3e:6d:35:d4:9a:60:db:11:21:
65:2e:a9:4b:88:8a:fe:da:40:da:6b:ee:f5:03:b4:72:be:4f:
3c:ed:b7:bb:9e:52:6f:3e:d1:ce:1b:fc:9d:ac:a8:44:ce:66:
7a:82:07:b0:3e:5b:37:21:82:30:5a:72:a9:80:46:eb:c5:7f:
af:8b:5f:01:c4:0e:6c:89:11:7b:f9:9e:6b:5f:95:3f:ef:1b:
df:de:25:14:23:5a:9d:da:55:c0:5c:51:60:3c:cc:4d:c8:71:
22:4c:f2:37:28:7e:0c:ad:4f:53:04:88:14:8a:ba:f5:82:af:
cf:e2:6d:53:84:97:14:1e:20:24:b3:56:da:9a:bf:66:84:bb:
90:1f:19:42:e6:3c:d1:d3:4f:11:d0:0d:ff:00:99:d7:a4:18:
01:e5:35:c6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARBBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIyMTM1NDE5WhcNMjQxMjAyMTM1NDE5WjAYMRYw
FAYDVQQDEw02NzQwOGQwZi1hNjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1WHN8cKzEYl7eji62WEBtiLMF+n1JvWz2tA2awo730Ed8jU27jHQgg1E
8o5oXI45jb413HuxIEclQPiqbWCbL6JyooV3RFGbAzkVLa0B+zVdBPSMT+wVmp3T
IYJZlWPg3VGmFGT8Py208SOKF39jmQvVedMnIr3inksnQpV2Z6z0V64DbFK/UWyG
zh566NJ112CYSFwl4IsaF4vLMlzSUeJ8LoEh8XABD/Cuy/LrEuSYpirpJZ+GpXPE
RqnGayl/W/UCwSM7kSiJ0yS9Dqr2ZPfhThfWRpv0cNwevzU8EEVm8J2jiyr2fRZ2
FDfJBKvroTKBaPpYd1yhqbTwRTO+oQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGnO
bw+GjTvTxn34LP0Ayq5b+1aUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80NzVFNkIzQUE4RDkxMUVGOTExNzFDNEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtJWMA0GCSqGSIb3DQEB
CwUAA4IBAQC5YTLyZbft2wwWJKmOCfOVFwpsifTuHELiY1oGcuxNAZLANHUQCfjJ
i9APZtRBQnuBla19ZYBmWQAgU7lM5/LR+Hmo9Gqa218ZSp9t7yIzsJSJfMylMEog
jAm8Wzfq0+dK7uY+bTXUmmDbESFlLqlLiIr+2kDaa+71A7Ryvk887be7nlJvPtHO
G/ydrKhEzmZ6ggewPls3IYIwWnKpgEbrxX+vi18BxA5siRF7+Z5rX5U/7xvf3iUU
I1qd2lXAXFFgPMxNyHEiTPI3KH4MrU9TBIgUirr1gq/P4m1ThJcUHiAks1bamr9m
hLuQHxlC5jzR008R0A3/AJnXpBgB5TXG
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:29 2024 by rpki-client on console-fra.rpki-client.org