Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/66AE335C9DA411EFADBA37A9762E951A.roa
File: 66AE335C9DA411EFADBA37A9762E951A.roa (raw, json)
Hash identifier: VgrVLMVRs/8/Y3hL7KOrTCxht8fGXop7DdPsBdBysEs=
Subject key identifier: 76:98:95:FF:AB:5E:9B:87:98:3E:35:54:D0:CD:EB:25:91:55:D1:E4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0109CE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/66AE335C9DA411EFADBA37A9762E951A.roa
Signing time: Fri 08 Nov 2024 07:38:09 +0000
ROA not before: Fri 08 Nov 2024 07:38:06 +0000
ROA not after: Sat 30 Nov 2024 07:38:06 +0000
asID: 18229
IP address blocks: 154.210.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 08:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68046 (0x109ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 8 07:38:06 2024 GMT
Not After : Nov 30 07:38:06 2024 GMT
Subject: CN=672dbfe1-de7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:3f:4d:9d:e2:a8:7e:9e:7a:08:67:89:9f:52:
73:78:6d:52:4f:64:e8:31:80:69:5a:ba:ce:ba:92:
0d:1f:04:4a:ec:33:21:86:fc:4e:81:06:f2:81:89:
cd:f5:bf:a0:5a:e3:49:45:a8:79:bf:ce:8e:68:7a:
f0:dc:57:ff:fb:88:65:b2:46:ca:d1:f7:aa:51:bd:
76:2c:fb:14:48:4e:07:a5:bc:45:60:c5:4c:87:34:
10:5b:5b:39:76:0c:04:e1:5e:51:0d:bc:2f:0d:5a:
2b:e9:c5:54:9a:91:9f:ee:bc:e2:bb:09:84:b1:40:
9d:78:6e:98:d3:0b:e4:81:f9:50:4e:b2:2e:27:ec:
52:f3:36:67:59:69:65:8a:20:c6:b9:cf:54:4a:85:
e0:c1:3d:f0:fa:88:4a:46:43:14:67:57:44:a0:a2:
8a:fe:f3:78:b7:95:50:e0:cf:e0:e5:8b:51:2b:5c:
2b:cd:34:b7:10:4b:33:39:a7:0d:9f:68:35:37:b6:
84:98:4d:ca:90:04:a1:97:5d:dc:3d:ff:78:ad:d5:
2f:56:4e:6c:7d:83:11:cf:a2:60:da:79:d7:9f:0c:
af:bd:50:0b:a2:bc:14:0c:50:28:f7:b5:d5:19:38:
a3:da:60:dc:08:32:a6:e9:ec:bf:a8:8c:52:da:62:
f3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:98:95:FF:AB:5E:9B:87:98:3E:35:54:D0:CD:EB:25:91:55:D1:E4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/66AE335C9DA411EFADBA37A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.221.0/24
Signature Algorithm: sha256WithRSAEncryption
00:e1:01:d3:9a:a1:7e:a9:28:6c:56:3d:21:39:f2:8d:2d:13:
22:63:36:ee:a1:38:a7:63:10:99:02:5a:bd:c5:c0:11:8b:ce:
e8:ad:ca:13:78:37:f9:a0:a9:aa:74:1f:46:38:d4:63:43:3b:
e2:b0:4b:02:a5:33:3d:bc:b6:eb:fa:f6:ca:2f:2e:0e:f2:4b:
82:02:7a:f5:b2:53:7d:e6:05:3f:58:f7:80:36:0e:6d:41:31:
4a:76:08:0e:7e:4e:51:3e:62:f6:30:c0:a6:48:0b:53:82:2a:
06:89:12:d8:5a:3e:de:98:e7:49:c8:b8:f7:eb:49:1a:af:28:
cf:e8:92:57:3b:aa:d1:13:dd:66:cd:0c:5e:82:0a:52:a8:41:
e8:5b:d4:99:7a:ff:a1:40:1e:c7:e4:9e:2d:67:67:fe:b4:fb:
b9:ca:44:94:25:5f:4e:e1:a6:96:8a:9c:4c:44:b1:7f:68:c6:
b1:29:33:75:6b:aa:2c:a1:93:d9:97:71:00:5b:34:7c:cb:3b:
26:47:d1:f3:c4:5c:09:98:25:c2:f4:7d:1a:bd:c6:ad:59:ed:
b6:5c:12:f1:12:8c:75:32:aa:f0:37:ed:23:3e:c5:e7:fe:62:
76:33:cb:20:99:d2:5a:9f:fa:48:1c:21:90:11:3a:83:c8:f9:
0e:12:a5:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQnOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA4MDczODA2WhcNMjQxMTMwMDczODA2WjAYMRYw
FAYDVQQDEw02NzJkYmZlMS1kZTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+T9NneKofp56CGeJn1JzeG1ST2ToMYBpWrrOupINHwRK7DMhhvxOgQby
gYnN9b+gWuNJRah5v86OaHrw3Ff/+4hlskbK0feqUb12LPsUSE4HpbxFYMVMhzQQ
W1s5dgwE4V5RDbwvDVor6cVUmpGf7rziuwmEsUCdeG6Y0wvkgflQTrIuJ+xS8zZn
WWlliiDGuc9USoXgwT3w+ohKRkMUZ1dEoKKK/vN4t5VQ4M/g5YtRK1wrzTS3EEsz
OacNn2g1N7aEmE3KkAShl13cPf94rdUvVk5sfYMRz6Jg2nnXnwyvvVALorwUDFAo
97XVGTij2mDcCDKm6ey/qIxS2mLzoQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHaY
lf+rXpuHmD41VNDN6yWRVdHkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NkFFMzM1QzlEQTQxMUVGQURCQTM3QTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLdMA0GCSqGSIb3DQEB
CwUAA4IBAQAA4QHTmqF+qShsVj0hOfKNLRMiYzbuoTinYxCZAlq9xcARi87orcoT
eDf5oKmqdB9GONRjQzvisEsCpTM9vLbr+vbKLy4O8kuCAnr1slN95gU/WPeANg5t
QTFKdggOfk5RPmL2MMCmSAtTgioGiRLYWj7emOdJyLj360karyjP6JJXO6rRE91m
zQxeggpSqEHoW9SZev+hQB7H5J4tZ2f+tPu5ykSUJV9O4aaWipxMRLF/aMaxKTN1
a6osoZPZl3EAWzR8yzsmR9HzxFwJmCXC9H0avcatWe22XBLxEox1MqrwN+0jPsXn
/mJ2M8sgmdJan/pIHCGQETqDyPkOEqVu
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:16:22 2024 by rpki-client on console-fra.rpki-client.org