Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/620955C032BA11EFA671A5A8762E951A.roa
File: 620955C032BA11EFA671A5A8762E951A.roa (raw, json)
Hash identifier: xZzTHBnt89E2RvK1CkbSef80iPeCydRTI4jTRotIulE=
Subject key identifier: CB:FB:A3:88:62:09:0D:6E:56:41:2C:4D:4A:C7:83:28:E7:77:0A:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: C64B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/620955C032BA11EFA671A5A8762E951A.roa
Signing time: Tue 25 Jun 2024 06:15:56 +0000
ROA not before: Tue 25 Jun 2024 06:15:53 +0000
ROA not after: Fri 03 Jan 2025 06:15:53 +0000
asID: 40065
IP address blocks: 154.84.12.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50763 (0xc64b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 25 06:15:53 2024 GMT
Not After : Jan 3 06:15:53 2025 GMT
Subject: CN=667a609c-1928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0c:4a:67:e6:5b:92:1f:10:0b:4c:de:b5:c2:
d6:8f:92:d0:f5:30:ca:82:b5:8c:66:d8:69:4d:f6:
ca:07:8d:1e:4c:ac:32:18:55:81:7d:2a:e7:a3:95:
49:bc:78:5b:2a:6a:74:b7:4f:65:6a:26:8d:13:f8:
1d:cd:bb:a1:b3:d7:e6:46:cc:4e:df:0c:dc:d6:9a:
b0:a5:94:1f:93:89:d8:a7:77:9d:88:4b:4d:ac:0d:
03:74:07:cf:11:4e:a2:46:46:e4:c3:80:fe:02:b9:
66:dc:27:77:36:3b:49:ff:e8:ac:2e:a2:f7:8a:38:
46:16:5f:83:36:79:29:36:bf:f0:14:cb:73:04:98:
4c:ae:94:b1:e4:40:15:ee:4e:eb:c9:9b:02:80:f7:
96:ee:37:a5:97:71:1d:c9:18:0b:14:f0:7b:4a:ce:
66:cf:d9:99:0d:ef:74:c7:6c:30:7b:be:a4:e4:24:
6a:ed:5a:f3:e0:e1:48:6b:de:fb:24:5a:8b:a2:f0:
76:e4:d1:1e:1a:03:b2:4d:83:7a:62:04:f4:eb:31:
7f:2e:83:a1:a0:72:e8:4a:c2:08:de:3f:5d:55:d3:
de:d8:24:a7:f6:da:d3:82:9f:1e:00:a6:32:a4:ca:
3d:f8:de:f8:aa:e5:11:03:17:26:45:a4:ab:f5:72:
c1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FB:A3:88:62:09:0D:6E:56:41:2C:4D:4A:C7:83:28:E7:77:0A:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/620955C032BA11EFA671A5A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.84.12.0/23
Signature Algorithm: sha256WithRSAEncryption
06:77:5e:06:a1:2e:be:d6:66:7b:84:8c:3b:01:5c:4c:78:12:
ed:c0:0a:5b:97:4c:1e:f3:9b:88:35:0e:20:56:a4:4c:75:06:
b8:13:9e:96:a2:66:b6:3c:89:ee:89:6c:3f:aa:00:2c:fb:07:
03:ca:a9:e9:91:f6:6d:ac:6b:f7:5b:6d:2f:82:d0:a7:62:e9:
6d:e2:79:49:13:c7:48:c2:4e:1f:69:32:e2:af:91:45:1f:08:
b1:60:4e:bb:83:bb:7a:21:6d:f1:51:1f:a9:8f:58:d0:28:d0:
06:db:1d:6d:8e:3c:4f:33:9c:2a:9d:fd:59:1b:74:f0:32:04:
77:c2:12:77:42:a8:08:09:5f:14:43:96:dc:4b:e8:05:0b:57:
00:74:ac:bd:eb:3a:e3:b1:39:da:46:e7:18:9b:ca:43:02:5e:
03:0f:ad:45:23:ca:b0:0f:21:a0:1d:23:fb:9c:37:8f:fe:c7:
9a:40:90:ef:c1:e0:2a:c6:07:29:aa:83:3b:5d:e4:8d:cc:14:
8a:ce:8c:74:d4:1f:07:cc:ac:a0:1c:b8:a0:f7:cb:9d:b5:79:
ba:5d:93:f7:d3:8c:e4:ab:06:d0:1d:e2:45:de:78:25:3d:99:
7b:2a:2a:f9:aa:f1:a0:fc:c4:52:1e:1f:b6:8e:bc:b1:56:a4:
77:9a:0c:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMZLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjI1MDYxNTUzWhcNMjUwMTAzMDYxNTUzWjAYMRYw
FAYDVQQDEw02NjdhNjA5Yy0xOTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtwxKZ+Zbkh8QC0zetcLWj5LQ9TDKgrWMZthpTfbKB40eTKwyGFWBfSrn
o5VJvHhbKmp0t09laiaNE/gdzbuhs9fmRsxO3wzc1pqwpZQfk4nYp3ediEtNrA0D
dAfPEU6iRkbkw4D+Arlm3Cd3NjtJ/+isLqL3ijhGFl+DNnkpNr/wFMtzBJhMrpSx
5EAV7k7ryZsCgPeW7jell3EdyRgLFPB7Ss5mz9mZDe90x2wwe76k5CRq7Vrz4OFI
a977JFqLovB25NEeGgOyTYN6YgT06zF/LoOhoHLoSsII3j9dVdPe2CSn9trTgp8e
AKYypMo9+N74quURAxcmRaSr9XLB+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMv7
o4hiCQ1uVkEsTUrHgyjndwplMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82MjA5NTVDMDMyQkExMUVGQTY3MUE1QTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlQMMA0GCSqGSIb3DQEB
CwUAA4IBAQAGd14GoS6+1mZ7hIw7AVxMeBLtwApbl0we85uINQ4gVqRMdQa4E56W
oma2PInuiWw/qgAs+wcDyqnpkfZtrGv3W20vgtCnYult4nlJE8dIwk4faTLir5FF
HwixYE67g7t6IW3xUR+pj1jQKNAG2x1tjjxPM5wqnf1ZG3TwMgR3whJ3QqgICV8U
Q5bcS+gFC1cAdKy96zrjsTnaRucYm8pDAl4DD61FI8qwDyGgHSP7nDeP/seaQJDv
weAqxgcpqoM7XeSNzBSKzox01B8HzKygHLig98udtXm6XZP304zkqwbQHeJF3ngl
PZl7Kir5qvGg/MRSHh+2jryxVqR3mgzA
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:32 2024 by rpki-client on console-fra.rpki-client.org