Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/670BC16CA9C411EF94D8B091762E951A.roa
File: 670BC16CA9C411EF94D8B091762E951A.roa (raw, json)
Hash identifier: zIPFxnPr4y480pKtnWb/XF1GdyDhP4GVlrvhk+ys9LA=
Subject key identifier: 1A:11:0A:5A:63:40:6F:60:08:E9:AB:C4:26:F7:11:F6:69:D1:E0:EA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0111D8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/670BC16CA9C411EF94D8B091762E951A.roa
Signing time: Sat 23 Nov 2024 17:57:28 +0000
ROA not before: Sat 23 Nov 2024 17:57:24 +0000
ROA not after: Mon 09 Dec 2024 17:57:24 +0000
asID: 5065
IP address blocks: 154.206.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70104 (0x111d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 23 17:57:24 2024 GMT
Not After : Dec 9 17:57:24 2024 GMT
Subject: CN=67421788-902c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:12:b5:7f:bd:50:25:a8:c4:39:74:79:63:bc:
b1:dd:8a:24:9c:dd:6f:6b:97:92:8c:c6:47:72:75:
10:41:e9:e1:3f:a8:31:d3:f0:90:d3:4b:22:64:50:
7b:47:fb:0a:5e:34:06:c2:cd:aa:b0:e8:1e:dc:8a:
b3:ab:46:8f:d3:8a:bb:8e:46:2b:6c:c1:c5:a3:a5:
c5:36:46:19:4e:3e:89:0f:f3:a7:16:20:5f:1b:25:
0a:f4:6b:a6:49:ea:e2:bc:8c:55:1e:64:a8:70:46:
27:ff:c7:9e:d0:4b:e2:0b:2d:56:43:a4:26:fb:50:
dc:f2:0b:09:d9:da:80:46:63:70:8e:78:8b:94:fb:
2f:8d:db:8d:30:1f:fa:5f:30:d8:16:3e:3e:fd:22:
7f:a4:02:21:3c:fc:d0:c2:d5:6d:bb:d4:ca:37:48:
32:c0:63:93:c5:4b:96:ca:8f:28:f3:c5:91:c9:46:
b2:ca:15:4d:22:35:25:7a:52:be:75:a1:53:7b:f3:
68:22:31:eb:72:f6:69:09:74:2c:3c:14:12:f6:b6:
41:00:76:d9:07:e6:85:2b:0c:42:4e:d2:e4:a5:42:
59:bb:69:25:d9:78:ef:da:17:19:58:2c:15:e1:65:
c2:eb:ec:51:ee:39:16:0c:c2:1c:86:05:de:d1:45:
d0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:11:0A:5A:63:40:6F:60:08:E9:AB:C4:26:F7:11:F6:69:D1:E0:EA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/670BC16CA9C411EF94D8B091762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.42.0/24
Signature Algorithm: sha256WithRSAEncryption
17:e6:95:b1:c3:0b:ad:8f:f1:f6:07:b7:22:f4:50:64:e9:38:
d0:74:11:df:d6:73:f2:24:48:a2:2a:d3:29:16:6f:8b:6f:cf:
2a:59:fb:91:9c:2f:96:1b:cf:c0:ef:ed:2d:97:b3:d7:18:dc:
71:70:64:06:08:4e:b8:3c:2f:29:2a:7f:cc:e9:00:d8:3c:8d:
c8:45:3c:18:a2:77:d4:68:8c:50:44:27:10:2b:1c:17:07:68:
41:14:fc:21:87:52:03:1c:ad:9f:eb:db:8a:52:60:cf:7c:14:
74:2d:a7:6b:ef:1f:b7:38:b3:3d:ff:c6:33:1a:a0:78:5e:3d:
9f:e7:80:41:1b:5d:39:45:34:f8:02:ed:f9:42:6a:1b:11:f2:
29:6f:fe:92:be:6e:35:90:cc:3a:f6:4a:87:ab:1d:0e:a2:68:
54:83:df:a3:99:e6:00:91:5e:97:0e:e9:16:94:6c:85:d2:8e:
06:24:5b:99:0b:35:42:7b:e3:bd:e9:37:ac:a4:a7:78:fe:58:
fc:f5:25:c8:ec:7c:d4:27:b0:f4:05:3f:1d:62:fb:91:aa:c9:
03:c8:a3:ef:a7:eb:60:94:eb:c7:d5:10:1e:9a:6d:b5:cc:34:
6c:5f:42:58:de:af:ff:40:36:ad:24:df:29:a9:14:e9:3c:fd:
22:9e:51:0a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARHYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIzMTc1NzI0WhcNMjQxMjA5MTc1NzI0WjAYMRYw
FAYDVQQDEw02NzQyMTc4OC05MDJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2hK1f71QJajEOXR5Y7yx3YoknN1va5eSjMZHcnUQQenhP6gx0/CQ00si
ZFB7R/sKXjQGws2qsOge3Iqzq0aP04q7jkYrbMHFo6XFNkYZTj6JD/OnFiBfGyUK
9GumSerivIxVHmSocEYn/8ee0EviCy1WQ6Qm+1Dc8gsJ2dqARmNwjniLlPsvjduN
MB/6XzDYFj4+/SJ/pAIhPPzQwtVtu9TKN0gywGOTxUuWyo8o88WRyUayyhVNIjUl
elK+daFTe/NoIjHrcvZpCXQsPBQS9rZBAHbZB+aFKwxCTtLkpUJZu2kl2Xjv2hcZ
WCwV4WXC6+xR7jkWDMIchgXe0UXQKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBoR
ClpjQG9gCOmrxCb3EfZp0eDqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NzBCQzE2Q0E5QzQxMUVGOTREOEIwOTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4qMA0GCSqGSIb3DQEB
CwUAA4IBAQAX5pWxwwutj/H2B7ci9FBk6TjQdBHf1nPyJEiiKtMpFm+Lb88qWfuR
nC+WG8/A7+0tl7PXGNxxcGQGCE64PC8pKn/M6QDYPI3IRTwYonfUaIxQRCcQKxwX
B2hBFPwhh1IDHK2f69uKUmDPfBR0Ladr7x+3OLM9/8YzGqB4Xj2f54BBG105RTT4
Au35QmobEfIpb/6Svm41kMw69kqHqx0OomhUg9+jmeYAkV6XDukWlGyF0o4GJFuZ
CzVCe+O96TespKd4/lj89SXI7HzUJ7D0BT8dYvuRqskDyKPvp+tglOvH1RAemm21
zDRsX0JY3q//QDatJN8pqRTpPP0inlEK
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:33 2024 by rpki-client on console-fra.rpki-client.org