Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4DA04E42A9CD11EFAC3C4F4B762E951A.roa
File: 4DA04E42A9CD11EFAC3C4F4B762E951A.roa (raw, json)
Hash identifier: MXt5PS6wBt4WyyywvmviiMPaLuZNSIJbhU9EmM8jRY8=
Subject key identifier: 1F:F0:78:CE:3B:2B:B0:43:F4:02:EA:E1:C0:ED:F6:05:41:99:08:8C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0111FA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4DA04E42A9CD11EFAC3C4F4B762E951A.roa
Signing time: Sat 23 Nov 2024 19:01:11 +0000
ROA not before: Sat 23 Nov 2024 19:01:07 +0000
ROA not after: Mon 02 Dec 2024 19:01:07 +0000
asID: 9009
IP address blocks: 154.85.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70138 (0x111fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 23 19:01:07 2024 GMT
Not After : Dec 2 19:01:07 2024 GMT
Subject: CN=67422677-a24a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d7:a2:3c:91:65:bc:20:91:64:47:e0:b3:ce:
46:a0:70:e5:0f:43:b7:38:a4:0b:49:6b:7c:25:0a:
43:24:4f:c4:15:fd:d7:f5:f2:01:16:06:d8:ec:9d:
2f:18:cb:bd:db:6f:18:7e:f7:36:d6:f6:74:cb:9c:
2c:ac:19:68:fb:1e:d6:34:aa:b0:55:3a:3e:06:65:
37:50:2a:b1:83:e0:24:82:ba:22:91:db:05:06:e7:
99:f5:22:8c:6f:00:7f:d5:ef:79:2d:38:92:8d:0a:
e3:eb:7e:17:cf:f1:94:4b:b0:06:81:f0:de:f7:87:
4c:61:61:a8:d5:3e:c3:00:81:b9:7d:45:6a:55:ad:
18:cc:cd:33:14:c9:28:cd:fd:d8:a5:aa:eb:4e:db:
50:24:c6:0f:25:cd:22:5d:92:88:4a:58:00:88:f0:
d2:40:f7:c5:80:1f:ed:e1:d5:c8:29:f0:81:19:b9:
3e:2c:f1:a4:15:ed:28:0c:7d:5d:3c:55:2c:a0:9d:
03:e5:2e:6b:7e:dc:3e:c8:c1:02:c0:34:aa:03:21:
8d:cb:e1:ed:dc:be:b0:d3:60:74:e1:ec:4b:f0:20:
04:c6:20:c2:27:fc:42:dc:93:58:7a:bc:75:4b:a5:
20:68:9c:6f:d5:bb:c1:d2:fb:46:5f:7b:c7:18:b6:
76:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F0:78:CE:3B:2B:B0:43:F4:02:EA:E1:C0:ED:F6:05:41:99:08:8C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4DA04E42A9CD11EFAC3C4F4B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.125.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:f7:20:c7:ff:19:91:7b:24:7f:c9:1e:5a:cd:b7:07:69:15:
b3:2e:3f:90:5f:e2:4b:83:17:02:a8:c9:b7:2a:46:4a:27:5a:
ea:77:a7:4f:11:53:5f:06:26:fa:a1:44:84:aa:41:33:0a:e0:
eb:1f:8f:d1:d6:ac:c5:97:de:54:24:60:59:aa:c6:1b:1a:d6:
0a:c5:ca:56:e2:4f:97:b6:98:20:5c:f6:be:19:88:60:71:54:
b7:b6:24:a7:96:7c:a1:5b:aa:33:94:03:c3:54:e5:b0:a2:2c:
f7:99:eb:58:96:bc:1a:19:59:19:13:fe:a1:be:b8:8a:78:fc:
59:c0:d2:78:b2:46:72:3b:db:76:af:75:46:ac:5f:ae:cd:96:
8f:34:a6:7e:cb:0e:76:8a:6d:68:0d:81:c6:72:ef:cb:f4:f8:
12:6c:74:99:07:e9:8d:ac:44:24:6f:2b:db:77:ac:b0:e2:29:
a2:85:c6:3c:6d:76:8a:f6:41:a9:95:f6:84:e4:42:56:44:b1:
58:b2:d8:55:bd:05:c1:ad:0f:a2:bb:c6:7d:d6:5e:e2:27:2f:
00:9e:24:e4:60:3b:35:a5:2e:81:29:de:03:54:d7:68:62:b2:
94:41:5a:5a:70:a0:72:72:97:6d:15:ef:75:ad:41:60:9c:78:
cf:79:a9:cb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARH6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIzMTkwMTA3WhcNMjQxMjAyMTkwMTA3WjAYMRYw
FAYDVQQDEw02NzQyMjY3Ny1hMjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5NeiPJFlvCCRZEfgs85GoHDlD0O3OKQLSWt8JQpDJE/EFf3X9fIBFgbY
7J0vGMu9228Yfvc21vZ0y5wsrBlo+x7WNKqwVTo+BmU3UCqxg+AkgroikdsFBueZ
9SKMbwB/1e95LTiSjQrj634Xz/GUS7AGgfDe94dMYWGo1T7DAIG5fUVqVa0YzM0z
FMkozf3YparrTttQJMYPJc0iXZKISlgAiPDSQPfFgB/t4dXIKfCBGbk+LPGkFe0o
DH1dPFUsoJ0D5S5rftw+yMECwDSqAyGNy+Ht3L6w02B04exL8CAExiDCJ/xC3JNY
erx1S6UgaJxv1bvB0vtGX3vHGLZ2zQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB/w
eM47K7BD9ALq4cDt9gVBmQiMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80REEwNEU0MkE5Q0QxMUVGQUMzQzRGNEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlV9MA0GCSqGSIb3DQEB
CwUAA4IBAQCe9yDH/xmReyR/yR5azbcHaRWzLj+QX+JLgxcCqMm3KkZKJ1rqd6dP
EVNfBib6oUSEqkEzCuDrH4/R1qzFl95UJGBZqsYbGtYKxcpW4k+XtpggXPa+GYhg
cVS3tiSnlnyhW6ozlAPDVOWwoiz3metYlrwaGVkZE/6hvriKePxZwNJ4skZyO9t2
r3VGrF+uzZaPNKZ+yw52im1oDYHGcu/L9PgSbHSZB+mNrEQkbyvbd6yw4imihcY8
bXaK9kGplfaE5EJWRLFYsthVvQXBrQ+iu8Z91l7iJy8AniTkYDs1pS6BKd4DVNdo
YrKUQVpacKBycpdtFe91rUFgnHjPeanL
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:33:21 2024 by rpki-client on console-fra.rpki-client.org