Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/566C924C71A111EFA0BCE96A762E951A.roa
File: 566C924C71A111EFA0BCE96A762E951A.roa (raw, json)
Hash identifier: SS3exz0mRucU7OewieUPyd1KlLho7o9ln3IC+cDlx50=
Subject key identifier: 3B:92:78:2C:D3:72:DE:D3:3C:07:7E:00:F9:2D:DF:52:55:44:4B:53
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: ED80
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/566C924C71A111EFA0BCE96A762E951A.roa
Signing time: Fri 13 Sep 2024 07:25:22 +0000
ROA not before: Fri 13 Sep 2024 07:25:19 +0000
ROA not after: Sat 30 Nov 2024 07:25:19 +0000
asID: 136970
IP address blocks: 154.197.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60800 (0xed80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 13 07:25:19 2024 GMT
Not After : Nov 30 07:25:19 2024 GMT
Subject: CN=66e3e8e2-1f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:77:ea:1c:ff:61:29:9e:a9:3b:e3:79:5d:bf:
94:95:c1:a1:ff:ca:ff:eb:61:a5:5e:d1:ba:d0:83:
e9:58:71:0e:33:64:38:df:ea:73:3f:a3:e3:c6:42:
be:a9:46:81:f6:8b:41:89:4b:9f:5e:c4:d2:7c:82:
77:f9:61:ef:e4:01:59:53:d9:a6:b5:00:dc:bb:bc:
66:59:b0:d8:70:7d:17:73:c0:aa:00:ce:24:01:0a:
ae:af:1f:82:c7:f7:5b:01:2e:82:ee:ec:ef:05:d8:
56:0b:f2:2d:2c:97:35:5f:05:cf:66:25:c2:42:07:
48:56:2a:61:9a:58:ea:4b:fd:f6:6f:61:50:dc:74:
0b:95:b4:30:24:3a:47:83:8d:11:61:61:57:6f:47:
7d:a1:fd:34:3b:31:d4:0f:12:48:99:58:0a:22:d3:
87:d1:a6:11:e3:7d:0a:e4:e6:7c:4f:da:16:97:c2:
9e:a3:2e:4c:9b:2f:6d:c5:6a:53:a6:eb:74:fb:db:
15:13:f4:3b:00:e8:f8:53:55:2e:e0:11:ce:87:bb:
45:3d:e2:23:10:c0:54:fe:f1:7b:ab:a0:4b:ac:ac:
f5:76:89:82:d2:e4:c7:08:18:43:2d:1f:88:a2:78:
ca:43:93:d5:07:17:d4:03:2a:44:f0:67:42:e1:bd:
26:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:92:78:2C:D3:72:DE:D3:3C:07:7E:00:F9:2D:DF:52:55:44:4B:53
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/566C924C71A111EFA0BCE96A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.2.0/23
Signature Algorithm: sha256WithRSAEncryption
32:26:44:af:45:89:da:ac:03:25:ff:dd:2e:e7:f5:fb:c0:0d:
2a:48:3b:30:c9:5f:fd:05:77:76:11:a5:ce:11:b6:61:ac:93:
d1:30:50:cc:09:24:fb:4b:1c:75:b9:71:62:a8:52:6e:2d:04:
21:c1:3f:0b:f4:2f:d5:db:e5:e0:3b:fb:46:33:aa:33:83:ce:
a1:2c:32:9b:a9:08:e0:9d:f1:e9:0a:21:5a:97:dd:24:d4:dd:
84:02:a3:d3:3b:02:fa:61:b3:f5:66:79:69:67:a9:78:1f:21:
12:31:10:3a:5f:91:73:c9:85:39:42:29:91:98:be:f8:e6:de:
13:53:1c:87:2e:81:47:3b:9b:e7:d7:ab:cf:c9:50:b8:19:93:
1e:34:e4:43:1d:f4:04:62:85:1c:2b:15:79:e9:55:24:5e:d2:
97:66:ff:86:1a:e0:ba:1e:23:c0:9b:92:47:3a:98:be:70:1f:
49:ac:6e:65:10:04:50:c2:f0:e7:70:c6:a4:8d:d3:9c:5a:77:
66:29:60:2b:14:51:fd:7c:6b:ca:52:36:4c:03:5f:92:66:25:
91:c6:0e:05:ac:f1:b9:d2:13:99:3b:87:15:90:e8:1b:dd:6a:
35:8f:ec:22:8e:a4:ca:a8:70:7e:6f:fc:82:ad:ca:26:19:38:
dc:4c:2b:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAO2AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTEzMDcyNTE5WhcNMjQxMTMwMDcyNTE5WjAYMRYw
FAYDVQQDEw02NmUzZThlMi0xZjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsnfqHP9hKZ6pO+N5Xb+UlcGh/8r/62GlXtG60IPpWHEOM2Q43+pzP6Pj
xkK+qUaB9otBiUufXsTSfIJ3+WHv5AFZU9mmtQDcu7xmWbDYcH0Xc8CqAM4kAQqu
rx+Cx/dbAS6C7uzvBdhWC/ItLJc1XwXPZiXCQgdIViphmljqS/32b2FQ3HQLlbQw
JDpHg40RYWFXb0d9of00OzHUDxJImVgKItOH0aYR430K5OZ8T9oWl8Keoy5Mmy9t
xWpTput0+9sVE/Q7AOj4U1Uu4BHOh7tFPeIjEMBU/vF7q6BLrKz1domC0uTHCBhD
LR+IonjKQ5PVBxfUAypE8GdC4b0m1wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDuS
eCzTct7TPAd+APkt31JVREtTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NjZDOTI0QzcxQTExMUVGQTBCQ0U5NkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsUCMA0GCSqGSIb3DQEB
CwUAA4IBAQAyJkSvRYnarAMl/90u5/X7wA0qSDswyV/9BXd2EaXOEbZhrJPRMFDM
CST7Sxx1uXFiqFJuLQQhwT8L9C/V2+XgO/tGM6ozg86hLDKbqQjgnfHpCiFal90k
1N2EAqPTOwL6YbP1ZnlpZ6l4HyESMRA6X5FzyYU5QimRmL745t4TUxyHLoFHO5vn
16vPyVC4GZMeNORDHfQEYoUcKxV56VUkXtKXZv+GGuC6HiPAm5JHOpi+cB9JrG5l
EARQwvDncMakjdOcWndmKWArFFH9fGvKUjZMA1+SZiWRxg4FrPG50hOZO4cVkOgb
3Wo1j+wijqTKqHB+b/yCrcomGTjcTCtu
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:07 2024 by rpki-client on console-fra.rpki-client.org