Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5448A93C74CC11EFB34669BE762E951A.roa
File: 5448A93C74CC11EFB34669BE762E951A.roa (raw, json)
Hash identifier: hwpYnjP1t14qK/RkpqNafQmNWYzAbTqETdvHwvNDZ4U=
Subject key identifier: D0:0B:B5:AF:65:F9:56:7F:2F:AE:69:11:2A:F9:84:29:AA:3B:FF:23
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: EFEA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5448A93C74CC11EFB34669BE762E951A.roa
Signing time: Tue 17 Sep 2024 08:10:41 +0000
ROA not before: Tue 17 Sep 2024 08:10:37 +0000
ROA not after: Sat 30 Nov 2024 08:10:37 +0000
asID: 142403
IP address blocks: 154.221.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61418 (0xefea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 17 08:10:37 2024 GMT
Not After : Nov 30 08:10:37 2024 GMT
Subject: CN=66e93981-8191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f5:42:7f:84:ba:d6:66:b0:60:b7:db:2f:45:
47:bb:df:9d:94:f8:f5:82:6b:48:71:8e:5c:8a:d8:
ac:f1:4f:65:e0:20:fd:fb:29:37:6b:a5:e4:91:ff:
27:d0:3a:ed:67:7b:55:95:b7:b9:43:d7:00:b7:6b:
a3:54:cc:0c:d8:ca:12:88:08:0f:c1:ba:59:06:5d:
db:d4:ad:dc:f7:61:a9:ad:43:90:fc:b3:89:27:a1:
e4:d9:8f:0d:15:ec:ec:9c:f6:53:6d:71:93:6a:81:
48:f1:60:85:c3:4c:8d:5d:bb:c2:25:cd:12:cc:0d:
ac:05:d7:09:79:61:fe:25:b3:48:8a:57:a2:a4:52:
b6:07:5e:41:7f:87:26:32:0d:e0:80:61:54:b2:8d:
ab:0f:fb:3b:02:c8:f9:b6:3c:03:66:81:56:23:2c:
96:a8:b9:5b:be:9b:2f:2b:72:a3:c3:f1:e1:54:d5:
8d:d0:4c:d8:56:c0:03:54:f0:7d:47:b2:b0:28:3b:
37:7c:a6:aa:75:61:bd:20:0b:16:7a:04:50:67:0c:
7b:e4:29:44:bb:cc:c3:ae:ed:4f:d1:aa:00:2b:8f:
59:f2:01:7c:9a:36:c3:5b:14:0d:83:2f:79:4d:35:
6a:d1:0d:9e:8f:85:93:a1:c7:09:d2:b4:eb:72:2c:
ca:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:0B:B5:AF:65:F9:56:7F:2F:AE:69:11:2A:F9:84:29:AA:3B:FF:23
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5448A93C74CC11EFB34669BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.20.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:b7:04:a4:ed:64:b2:c0:94:66:2c:e3:9b:77:83:c1:6f:b9:
bb:d8:65:9e:78:0c:9c:87:b1:22:7c:c1:52:90:8b:1d:94:02:
ef:bb:09:58:e7:74:51:ff:4b:fa:94:f6:c9:27:c3:10:20:aa:
f2:87:df:aa:90:e9:71:97:6d:45:70:ff:54:d2:a5:42:a0:27:
6d:4e:dd:36:87:f3:57:76:13:7b:9f:95:de:e5:ba:48:a9:12:
5c:4f:e7:c9:8e:5f:cd:da:37:d3:cc:df:9f:c4:c0:f5:35:b1:
83:b8:88:24:f2:c7:79:43:7f:c4:60:98:21:ca:7e:03:6c:9d:
2a:aa:74:9e:4b:66:2e:21:47:a0:13:94:6e:9c:d7:a3:ad:17:
18:3e:e8:81:a9:0f:28:db:c6:63:14:4c:1f:c7:fe:be:5b:67:
ad:83:f6:91:28:36:1d:4c:f3:23:1d:36:5a:ed:40:8d:bf:e9:
7f:a3:c6:b0:4f:01:d0:b0:e1:83:e1:99:3e:87:4d:20:c8:cc:
65:ca:4c:0f:23:7c:9a:dd:91:37:a5:c2:31:4a:39:9d:86:32:
0b:cd:31:69:bd:77:ce:3c:07:bb:b7:c3:1d:7d:7b:b6:b3:e2:
ec:e6:65:de:d8:de:cf:7b:09:4c:97:9a:de:f8:65:a6:fe:43:
b1:61:4a:df
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAO/qMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTE3MDgxMDM3WhcNMjQxMTMwMDgxMDM3WjAYMRYw
FAYDVQQDEw02NmU5Mzk4MS04MTkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvvVCf4S61mawYLfbL0VHu9+dlPj1gmtIcY5citis8U9l4CD9+yk3a6Xk
kf8n0DrtZ3tVlbe5Q9cAt2ujVMwM2MoSiAgPwbpZBl3b1K3c92GprUOQ/LOJJ6Hk
2Y8NFezsnPZTbXGTaoFI8WCFw0yNXbvCJc0SzA2sBdcJeWH+JbNIileipFK2B15B
f4cmMg3ggGFUso2rD/s7Asj5tjwDZoFWIyyWqLlbvpsvK3Kjw/HhVNWN0EzYVsAD
VPB9R7KwKDs3fKaqdWG9IAsWegRQZwx75ClEu8zDru1P0aoAK49Z8gF8mjbDWxQN
gy95TTVq0Q2ej4WToccJ0rTrcizKEwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNAL
ta9l+VZ/L65pESr5hCmqO/8jMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NDQ4QTkzQzc0Q0MxMUVGQjM0NjY5QkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt0UMA0GCSqGSIb3DQEB
CwUAA4IBAQChtwSk7WSywJRmLOObd4PBb7m72GWeeAych7EifMFSkIsdlALvuwlY
53RR/0v6lPbJJ8MQIKryh9+qkOlxl21FcP9U0qVCoCdtTt02h/NXdhN7n5Xe5bpI
qRJcT+fJjl/N2jfTzN+fxMD1NbGDuIgk8sd5Q3/EYJghyn4DbJ0qqnSeS2YuIUeg
E5RunNejrRcYPuiBqQ8o28ZjFEwfx/6+W2etg/aRKDYdTPMjHTZa7UCNv+l/o8aw
TwHQsOGD4Zk+h00gyMxlykwPI3ya3ZE3pcIxSjmdhjILzTFpvXfOPAe7t8MdfXu2
s+Ls5mXe2N7PewlMl5re+GWm/kOxYUrf
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:07 2024 by rpki-client on console-fra.rpki-client.org