Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DFF0F66A0E611EFA33AA99F762E951A.roa
File: 5DFF0F66A0E611EFA33AA99F762E951A.roa (raw, json)
Hash identifier: 4sqh07rvfkJq2t44pu77fFHSdRqAm8cu/D0+Rl6V8Dw=
Subject key identifier: BD:F9:6D:7C:DB:7D:7B:05:B3:EB:23:BB:F7:BA:F5:7D:93:9D:92:0E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010C5E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DFF0F66A0E611EFA33AA99F762E951A.roa
Signing time: Tue 12 Nov 2024 11:07:55 +0000
ROA not before: Tue 12 Nov 2024 11:07:51 +0000
ROA not after: Fri 22 Nov 2024 11:07:51 +0000
asID: 39600
IP address blocks: 154.198.40.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 Nov 2024 11:07:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68702 (0x10c5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 12 11:07:51 2024 GMT
Not After : Nov 22 11:07:51 2024 GMT
Subject: CN=6733370b-b9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f3:be:bf:dc:33:41:54:45:b8:97:b9:b8:9f:
1d:92:2f:f4:84:c8:bf:71:a1:86:ff:dd:d5:5a:e7:
6f:69:40:c8:6b:ca:12:45:78:5c:42:3d:12:1f:47:
17:96:b2:52:9f:61:41:2c:da:79:61:2d:f3:3a:91:
15:cc:61:5d:00:07:18:f2:c6:52:71:6d:ba:fc:12:
5d:2e:ea:50:2e:ef:d2:0a:20:3b:4d:8f:b0:09:82:
f0:0c:e1:03:f9:2c:b1:40:17:da:c6:81:42:50:84:
6a:92:c0:b2:98:d5:20:04:7b:75:57:96:93:7c:bb:
25:9e:b9:ea:c1:1c:da:3a:51:5b:30:02:d8:9f:ea:
23:d7:b6:f1:47:b3:0a:c2:86:60:84:1c:9f:9e:68:
fa:af:bb:7f:40:3b:37:73:51:12:c9:e3:14:68:a7:
1f:36:84:b7:71:e3:14:86:05:83:2c:8e:8c:4d:c8:
25:4c:48:a0:b4:fd:01:64:d8:c2:26:42:40:02:9d:
bb:b2:98:22:ea:ed:eb:70:e0:05:7b:6c:f9:81:fe:
b9:4d:30:b4:dd:89:a0:c0:a9:5f:d6:2e:7b:a1:c1:
ca:42:87:f8:cf:ec:44:d0:28:7b:d3:60:a3:65:86:
9c:91:31:c3:f8:e5:d4:7c:c7:14:d3:60:60:36:66:
33:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F9:6D:7C:DB:7D:7B:05:B3:EB:23:BB:F7:BA:F5:7D:93:9D:92:0E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5DFF0F66A0E611EFA33AA99F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.40.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:4e:24:fb:a8:66:20:e6:8a:49:57:ff:cb:aa:74:69:19:c6:
d1:60:ab:95:60:ed:5b:25:b4:e9:68:91:88:ec:c8:a7:06:b6:
e6:0a:bf:1e:6d:06:2f:56:e6:76:1d:6f:de:3f:ff:3b:c1:66:
55:c4:8a:6c:8e:92:61:ec:04:8c:de:a7:60:3f:af:7a:fa:a9:
59:e4:96:2d:57:94:7a:a5:2d:13:15:70:cd:0d:4e:23:58:e5:
de:5f:c9:64:29:c1:cc:77:9f:25:eb:74:9a:0e:51:f9:24:25:
71:df:aa:d3:f3:75:8a:a2:ec:9f:1f:32:e3:26:6f:50:a7:ef:
ba:cf:e8:a5:98:11:4a:30:64:85:30:78:69:71:6a:c1:3f:08:
1a:7d:3b:03:d3:b2:39:1c:88:dc:6f:41:cd:ca:2f:bb:d0:7e:
a0:99:25:b0:81:bf:2a:8b:a4:4c:eb:d6:b0:00:da:e6:f7:33:
8f:02:9c:77:44:ec:82:46:6d:9b:08:6e:67:e9:a2:40:42:95:
83:ea:3e:c7:57:bf:69:5d:17:08:c2:0a:56:03:66:ed:68:0a:
89:52:c8:e5:60:a1:e0:db:ef:5a:27:e3:32:24:62:fb:62:63:
79:a4:13:e7:de:28:32:b6:00:2f:8f:2e:c2:f0:58:3b:26:1b:
ce:35:22:66
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQxeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTEyMTEwNzUxWhcNMjQxMTIyMTEwNzUxWjAYMRYw
FAYDVQQDEw02NzMzMzcwYi1iOWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnPO+v9wzQVRFuJe5uJ8dki/0hMi/caGG/93VWudvaUDIa8oSRXhcQj0S
H0cXlrJSn2FBLNp5YS3zOpEVzGFdAAcY8sZScW26/BJdLupQLu/SCiA7TY+wCYLw
DOED+SyxQBfaxoFCUIRqksCymNUgBHt1V5aTfLslnrnqwRzaOlFbMALYn+oj17bx
R7MKwoZghByfnmj6r7t/QDs3c1ESyeMUaKcfNoS3ceMUhgWDLI6MTcglTEigtP0B
ZNjCJkJAAp27spgi6u3rcOAFe2z5gf65TTC03YmgwKlf1i57ocHKQof4z+xE0Ch7
02CjZYackTHD+OXUfMcU02BgNmYzYwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL35
bXzbfXsFs+sju/e69X2TnZIOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81REZGMEY2NkEwRTYxMUVGQTMzQUE5OUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsYoMA0GCSqGSIb3DQEB
CwUAA4IBAQAsTiT7qGYg5opJV//LqnRpGcbRYKuVYO1bJbTpaJGI7MinBrbmCr8e
bQYvVuZ2HW/eP/87wWZVxIpsjpJh7ASM3qdgP696+qlZ5JYtV5R6pS0TFXDNDU4j
WOXeX8lkKcHMd58l63SaDlH5JCVx36rT83WKouyfHzLjJm9Qp++6z+ilmBFKMGSF
MHhpcWrBPwgafTsD07I5HIjcb0HNyi+70H6gmSWwgb8qi6RM69awANrm9zOPApx3
ROyCRm2bCG5n6aJAQpWD6j7HV79pXRcIwgpWA2btaAqJUsjlYKHg2+9aJ+MyJGL7
YmN5pBPn3igytgAvjy7C8Fg7JhvONSJm
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:08 2024 by rpki-client on console-fra.rpki-client.org