Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/49C1B9CCA8CF11EFBC51468E762E951A.roa
File: 49C1B9CCA8CF11EFBC51468E762E951A.roa (raw, json)
Hash identifier: 08O5orLJrfvSzLB2HpsZuq/DamHCXcBDdKjCLdcLcwU=
Subject key identifier: 21:56:DE:FD:2F:FB:A7:12:F0:6B:17:A1:56:91:18:1B:26:A2:79:1C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01102B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/49C1B9CCA8CF11EFBC51468E762E951A.roa
Signing time: Fri 22 Nov 2024 12:42:52 +0000
ROA not before: Fri 22 Nov 2024 12:42:48 +0000
ROA not after: Sat 30 Nov 2024 12:42:48 +0000
asID: 137443
IP address blocks: 154.223.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69675 (0x1102b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 22 12:42:48 2024 GMT
Not After : Nov 30 12:42:48 2024 GMT
Subject: CN=67407c4c-147c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e0:ec:61:e8:f6:cc:12:64:7a:9a:93:ef:c1:
bf:88:73:da:93:15:55:5e:52:3a:0c:74:59:ba:6a:
ba:32:c4:73:24:e5:64:75:7a:bf:cf:67:c1:3c:ce:
11:ad:ad:da:cf:30:14:50:ec:13:4e:42:1f:57:58:
c8:77:08:30:35:d1:cb:30:b5:04:34:42:f4:87:ac:
ea:9e:47:43:70:e9:cb:44:17:15:28:3e:46:d0:66:
82:5e:0f:46:63:fe:76:3b:d8:62:4e:89:bf:75:8f:
e8:c1:a9:cd:2d:80:7e:e3:83:0f:c0:c5:44:7f:28:
cb:8e:a4:e6:b2:80:f6:1a:ed:61:2e:ec:8a:12:f0:
d5:4c:10:a8:2f:06:8f:b5:48:d2:60:fc:95:d7:0a:
e3:23:61:62:32:de:22:a7:c6:7b:ae:ec:1e:32:48:
ff:af:57:0a:a0:22:8f:76:ea:81:15:13:07:7c:48:
fd:31:cd:e3:85:97:cf:d5:a7:05:6c:65:f8:6a:36:
49:bc:ee:37:3e:5d:d8:d5:21:96:ce:4d:48:dd:de:
86:69:18:c3:6d:ae:e8:9a:56:9a:5a:3e:86:d3:6d:
8d:d7:60:02:02:3c:56:9a:a8:35:45:c4:5b:d4:17:
e8:1a:50:d4:cd:93:f0:ce:20:80:1a:58:ed:08:e0:
0e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:56:DE:FD:2F:FB:A7:12:F0:6B:17:A1:56:91:18:1B:26:A2:79:1C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/49C1B9CCA8CF11EFBC51468E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.170.0/24
Signature Algorithm: sha256WithRSAEncryption
05:2b:16:b2:dd:65:19:93:bb:00:38:b7:68:27:35:f1:dd:2a:
a0:ac:83:83:a1:ba:f5:ab:7d:dc:45:5c:dd:28:cf:55:2e:bc:
d0:bc:9d:c8:e7:ab:88:0e:db:df:1a:a4:0a:1a:c7:66:6d:03:
0e:5a:d8:d1:c3:1c:a1:ef:a0:7b:17:f4:37:7c:41:5c:74:39:
c8:1f:91:88:da:4a:a0:25:f9:81:85:d6:81:db:05:59:33:46:
e3:af:c8:00:5f:67:2e:42:68:9d:ad:0a:18:e4:f0:e5:ea:0d:
b1:cf:9e:ba:45:e7:1f:23:ca:7a:5a:18:22:d5:22:6a:a8:c6:
49:bd:7f:3b:b0:91:e9:58:1c:e2:48:40:d0:9c:00:b5:30:8d:
9c:2c:f0:1b:52:58:0a:9d:7e:a5:e5:f4:83:b0:c3:a8:99:16:
32:31:e7:6f:5a:1a:d6:08:ce:04:ce:d0:ce:8c:4f:29:de:30:
d9:f7:0f:d7:63:67:03:db:df:85:9e:92:d7:e8:23:d5:4b:d0:
27:46:49:5f:72:b2:1e:ed:ab:75:28:b8:96:a3:74:85:83:b5:
b9:34:ef:12:78:77:e4:8a:fc:3c:28:41:78:98:a0:a3:01:c2:
dc:f1:cc:27:9d:9f:de:e6:3c:04:29:c9:e4:6a:07:23:c2:f2:
44:12:cd:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARArMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIyMTI0MjQ4WhcNMjQxMTMwMTI0MjQ4WjAYMRYw
FAYDVQQDEw02NzQwN2M0Yy0xNDdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2+DsYej2zBJkepqT78G/iHPakxVVXlI6DHRZumq6MsRzJOVkdXq/z2fB
PM4Rra3azzAUUOwTTkIfV1jIdwgwNdHLMLUENEL0h6zqnkdDcOnLRBcVKD5G0GaC
Xg9GY/52O9hiTom/dY/owanNLYB+44MPwMVEfyjLjqTmsoD2Gu1hLuyKEvDVTBCo
LwaPtUjSYPyV1wrjI2FiMt4ip8Z7ruweMkj/r1cKoCKPduqBFRMHfEj9Mc3jhZfP
1acFbGX4ajZJvO43Pl3Y1SGWzk1I3d6GaRjDba7omlaaWj6G022N12ACAjxWmqg1
RcRb1BfoGlDUzZPwziCAGljtCOAOowIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCFW
3v0v+6cS8GsXoVaRGBsmonkcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OUMxQjlDQ0E4Q0YxMUVGQkM1MTQ2OEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+qMA0GCSqGSIb3DQEB
CwUAA4IBAQAFKxay3WUZk7sAOLdoJzXx3SqgrIODobr1q33cRVzdKM9VLrzQvJ3I
56uIDtvfGqQKGsdmbQMOWtjRwxyh76B7F/Q3fEFcdDnIH5GI2kqgJfmBhdaB2wVZ
M0bjr8gAX2cuQmidrQoY5PDl6g2xz566RecfI8p6Whgi1SJqqMZJvX87sJHpWBzi
SEDQnAC1MI2cLPAbUlgKnX6l5fSDsMOomRYyMedvWhrWCM4EztDOjE8p3jDZ9w/X
Y2cD29+FnpLX6CPVS9AnRklfcrIe7at1KLiWo3SFg7W5NO8SeHfkivw8KEF4mKCj
AcLc8cwnnZ/e5jwEKcnkagcjwvJEEs0/
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:29 2024 by rpki-client on console-fra.rpki-client.org