Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4B387E80B3E211EF86780559762E951A.roa
File: 4B387E80B3E211EF86780559762E951A.roa (raw, json)
Hash identifier: XtBziWjsN9MKrrjBsENgv3HSQpfhReO0BCYK5LnMaIo=
Subject key identifier: 7B:F1:F1:3C:60:E5:2F:61:BB:37:FF:D7:F8:91:FE:FE:AF:52:62:72
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011904
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4B387E80B3E211EF86780559762E951A.roa
Signing time: Fri 06 Dec 2024 14:56:38 +0000
ROA not before: Fri 06 Dec 2024 14:56:34 +0000
ROA not after: Mon 28 Apr 2025 14:56:34 +0000
asID: 9009
IP address blocks: 154.216.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Dec 2024 00:05:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71940 (0x11904)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Dec 6 14:56:34 2024 GMT
Not After : Apr 28 14:56:34 2025 GMT
Subject: CN=675310a6-f49e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ab:1f:32:38:b2:c3:be:5a:d8:89:ad:43:07:
0d:7f:b3:2b:cc:94:d7:3d:79:9a:f7:3a:99:6f:57:
8c:e7:ff:ce:44:93:a3:8c:56:04:03:a1:91:25:f1:
79:4c:ce:d5:94:b2:5a:a5:3a:1d:9d:8d:3a:a7:15:
e1:6f:b0:05:5a:40:b5:7d:24:0e:bd:1f:63:fc:5d:
14:b8:5f:d8:9a:66:be:12:e4:0f:ea:98:43:d7:cb:
16:5f:d2:d9:f6:b9:d7:10:fb:7c:04:d8:9f:ac:74:
0f:20:ee:8f:57:28:e6:74:74:86:48:81:77:18:14:
29:c7:a1:8c:f1:c4:ac:1e:79:72:ad:62:87:50:56:
0f:b3:00:3f:0c:91:b1:60:fa:08:49:cf:18:91:de:
b2:25:84:6b:cf:a8:05:34:5e:83:93:cd:3c:a6:ac:
73:97:fd:cf:ff:35:7f:11:68:7d:32:e1:af:15:a8:
b5:0a:b4:3c:bc:c4:44:f3:65:36:0f:34:9c:f2:d0:
61:f6:46:71:42:f2:3f:66:6b:f1:de:0e:70:dd:b2:
e6:83:f2:29:7b:05:cd:ac:b7:71:a2:ae:14:0b:21:
da:06:e7:f8:7d:73:af:e7:92:fd:b7:0b:ac:f5:09:
ca:35:09:b4:66:39:60:7f:10:86:7f:df:da:3e:eb:
f9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F1:F1:3C:60:E5:2F:61:BB:37:FF:D7:F8:91:FE:FE:AF:52:62:72
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4B387E80B3E211EF86780559762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.216.192.0/18
Signature Algorithm: sha256WithRSAEncryption
09:8a:ce:ff:3a:63:b7:d1:46:6e:50:8f:d2:7b:28:cc:91:19:
16:7f:01:75:59:e1:86:49:8a:2f:0b:b8:95:52:38:d2:ba:32:
cd:52:88:e8:46:7e:21:47:99:fb:0f:6e:5e:7d:65:78:7c:2b:
ac:41:70:a6:ff:4a:f9:d4:d0:0c:cc:d0:ae:f9:87:ce:b6:84:
8b:60:b2:6d:54:88:cf:02:ad:6c:00:0f:d7:b9:0c:fb:9b:da:
eb:07:38:a5:ec:17:c5:16:61:56:2e:f7:5c:a3:f5:a0:2b:e2:
7b:47:f6:34:41:d8:f0:36:c9:43:5b:4b:bb:64:61:46:7d:c4:
44:a3:30:14:dc:ef:58:c1:58:64:8e:d7:05:25:0c:ab:d1:6d:
30:ba:49:53:dc:1b:af:50:51:ec:14:3d:a1:d2:aa:52:04:79:
e7:38:4f:ba:5a:aa:30:7f:cf:c6:bf:ba:10:fa:93:a8:05:c2:
d7:82:c7:2a:b1:60:de:50:87:bd:6d:2e:81:9c:3f:3a:61:1d:
92:9e:79:8d:bc:fe:48:1f:f8:dc:11:97:5e:d6:ad:a5:e8:c4:
a0:19:b9:6e:ec:de:4d:8e:56:fd:de:67:05:c0:db:87:cc:ff:
37:03:0f:e1:f4:c5:8f:f1:0d:dc:40:45:0a:f9:6b:48:59:7e:
9d:82:0d:0d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARkEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjA2MTQ1NjM0WhcNMjUwNDI4MTQ1NjM0WjAYMRYw
FAYDVQQDEw02NzUzMTBhNi1mNDllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw6sfMjiyw75a2ImtQwcNf7MrzJTXPXma9zqZb1eM5//ORJOjjFYEA6GR
JfF5TM7VlLJapTodnY06pxXhb7AFWkC1fSQOvR9j/F0UuF/Ymma+EuQP6phD18sW
X9LZ9rnXEPt8BNifrHQPIO6PVyjmdHSGSIF3GBQpx6GM8cSsHnlyrWKHUFYPswA/
DJGxYPoISc8Ykd6yJYRrz6gFNF6Dk808pqxzl/3P/zV/EWh9MuGvFai1CrQ8vMRE
82U2DzSc8tBh9kZxQvI/Zmvx3g5w3bLmg/IpewXNrLdxoq4UCyHaBuf4fXOv55L9
twus9QnKNQm0ZjlgfxCGf9/aPuv5YQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHvx
8Txg5S9huzf/1/iR/v6vUmJyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QjM4N0U4MEIzRTIxMUVGODY3ODA1NTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGmtjAMA0GCSqGSIb3DQEB
CwUAA4IBAQAJis7/OmO30UZuUI/SeyjMkRkWfwF1WeGGSYovC7iVUjjSujLNUojo
Rn4hR5n7D25efWV4fCusQXCm/0r51NAMzNCu+YfOtoSLYLJtVIjPAq1sAA/XuQz7
m9rrBzil7BfFFmFWLvdco/WgK+J7R/Y0QdjwNslDW0u7ZGFGfcREozAU3O9YwVhk
jtcFJQyr0W0wuklT3BuvUFHsFD2h0qpSBHnnOE+6Wqowf8/Gv7oQ+pOoBcLXgscq
sWDeUIe9bS6BnD86YR2SnnmNvP5IH/jcEZde1q2l6MSgGblu7N5Njlb93mcFwNuH
zP83Aw/h9MWP8Q3cQEUK+WtIWX6dgg0N
-----END CERTIFICATE-----
Generated at Thu Dec 26 14:46:13 2024 by rpki-client on console-fra.rpki-client.org