Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/687C04E2983211EF92EF074B762E951A.roa
File: 687C04E2983211EF92EF074B762E951A.roa (raw, json)
Hash identifier: /pORTMaLDU80WtNdTF9GGoLNNG+AzuKdl8qYHBdmB7M=
Subject key identifier: 19:BB:48:3E:8A:90:7D:B0:ED:92:14:22:66:E7:C8:5D:74:40:DB:F3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0104B3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/687C04E2983211EF92EF074B762E951A.roa
Signing time: Fri 01 Nov 2024 09:19:34 +0000
ROA not before: Fri 01 Nov 2024 09:19:30 +0000
ROA not after: Sun 01 Dec 2024 09:19:30 +0000
asID: 398823
IP address blocks: 154.209.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66739 (0x104b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 1 09:19:30 2024 GMT
Not After : Dec 1 09:19:30 2024 GMT
Subject: CN=67249d26-e7c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4c:e3:77:c0:6f:39:fe:9d:ce:fc:6b:de:92:
55:f4:75:23:0e:22:ca:a0:f8:f2:d1:1a:24:42:32:
dd:b4:74:26:36:61:65:a7:60:dc:70:5f:25:f3:6e:
ac:e4:18:86:bd:cd:30:2e:63:c6:4a:1f:52:24:d2:
da:bf:35:78:f0:1c:24:1c:e1:e8:72:57:36:c7:71:
d2:61:45:2c:7b:34:15:94:d5:f5:b4:65:ce:e2:43:
94:99:e0:52:fa:ba:9a:3d:75:b3:a2:22:98:1b:ee:
24:f1:e8:fe:80:07:5c:a4:ea:19:6a:d5:82:1e:9a:
c2:86:7f:a1:62:92:70:4d:de:37:f3:28:e9:52:ed:
75:a0:43:b6:5b:8f:bf:1a:51:4a:f8:08:72:53:0d:
7e:b1:cb:d7:0d:65:b8:21:dc:ce:c3:6e:52:88:af:
0d:a7:63:06:19:ca:95:88:58:c4:8a:bc:1d:ee:ec:
5d:cd:35:ea:38:1d:52:ba:3c:b2:fe:24:dd:15:db:
b0:15:f7:77:2b:7d:0b:7a:42:32:fd:bb:97:aa:a9:
cc:11:e1:85:5e:6c:a4:05:5b:b4:6d:e1:57:83:98:
94:dd:9c:f6:26:9a:07:8a:de:bc:d8:8f:8b:92:fd:
03:01:1d:83:0c:51:09:df:67:24:45:75:bd:c0:ad:
3d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:BB:48:3E:8A:90:7D:B0:ED:92:14:22:66:E7:C8:5D:74:40:DB:F3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/687C04E2983211EF92EF074B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.80.0/21
Signature Algorithm: sha256WithRSAEncryption
63:fb:7c:8f:83:5a:b7:a5:27:2e:0e:ec:86:02:9a:a3:17:12:
a1:5f:99:0b:fd:4f:99:49:06:6c:d8:1f:08:81:66:ed:c8:1f:
d5:2c:9b:c8:88:bc:91:bb:c5:df:0d:2d:59:72:95:ba:e1:07:
21:9b:a8:29:a7:c3:0d:ff:db:56:11:96:d1:ca:da:55:67:dc:
c7:14:30:11:4a:5d:ac:14:5e:53:18:7c:f5:ea:26:cd:ac:45:
78:35:de:61:89:3e:10:2d:c5:9f:14:73:4a:e1:aa:d3:00:00:
d3:fc:2b:d6:41:f9:14:4e:74:50:d5:3e:9d:b6:7a:8f:81:33:
76:75:71:3d:5c:6a:49:7f:98:ed:64:a4:91:be:a6:cf:7f:77:
58:3e:f0:da:77:c4:c5:a0:23:96:85:68:92:59:b8:01:86:2a:
59:d4:0a:f2:fb:3c:e7:39:14:f3:2f:fd:9f:76:59:55:17:2c:
77:5b:83:9a:39:9b:fc:47:54:db:a8:f2:d9:6b:2f:f2:b8:6f:
3e:09:a5:03:b9:91:23:9a:09:54:85:92:80:0c:11:64:8f:61:
5c:e4:dc:b6:f1:6e:96:19:79:fb:cd:d3:25:8f:80:b6:58:64:
af:23:e9:7e:e0:10:56:cb:7c:5b:5b:09:33:7b:a9:3d:a3:db:
f6:cf:1d:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQSzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTAxMDkxOTMwWhcNMjQxMjAxMDkxOTMwWjAYMRYw
FAYDVQQDEw02NzI0OWQyNi1lN2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxUzjd8BvOf6dzvxr3pJV9HUjDiLKoPjy0RokQjLdtHQmNmFlp2DccF8l
826s5BiGvc0wLmPGSh9SJNLavzV48BwkHOHoclc2x3HSYUUsezQVlNX1tGXO4kOU
meBS+rqaPXWzoiKYG+4k8ej+gAdcpOoZatWCHprChn+hYpJwTd438yjpUu11oEO2
W4+/GlFK+AhyUw1+scvXDWW4IdzOw25SiK8Np2MGGcqViFjEirwd7uxdzTXqOB1S
ujyy/iTdFduwFfd3K30LekIy/buXqqnMEeGFXmykBVu0beFXg5iU3Zz2JpoHit68
2I+Lkv0DAR2DDFEJ32ckRXW9wK09+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBm7
SD6KkH2w7ZIUImbnyF10QNvzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODdDMDRFMjk4MzIxMUVGOTJFRjA3NEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtFQMA0GCSqGSIb3DQEB
CwUAA4IBAQBj+3yPg1q3pScuDuyGApqjFxKhX5kL/U+ZSQZs2B8IgWbtyB/VLJvI
iLyRu8XfDS1ZcpW64Qchm6gpp8MN/9tWEZbRytpVZ9zHFDARSl2sFF5TGHz16ibN
rEV4Nd5hiT4QLcWfFHNK4arTAADT/CvWQfkUTnRQ1T6dtnqPgTN2dXE9XGpJf5jt
ZKSRvqbPf3dYPvDad8TFoCOWhWiSWbgBhipZ1Ary+zznORTzL/2fdllVFyx3W4Oa
OZv8R1TbqPLZay/yuG8+CaUDuZEjmglUhZKADBFkj2Fc5Ny28W6WGXn7zdMlj4C2
WGSvI+l+4BBWy3xbWwkze6k9o9v2zx2E
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:08 2024 by rpki-client on console-ams.rpki-client.org