Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/694870C0A9BE11EF8D5EFD6B762E951A.roa
File: 694870C0A9BE11EF8D5EFD6B762E951A.roa (raw, json)
Hash identifier: wHjGx9MCF/WkcB7US3UzQWkV0bxXTfk2zFqpN4PUPtc=
Subject key identifier: 7D:44:46:32:A1:FF:62:68:98:8A:64:D9:A3:08:AE:25:59:07:C8:0C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0111B4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/694870C0A9BE11EF8D5EFD6B762E951A.roa
Signing time: Sat 23 Nov 2024 17:14:35 +0000
ROA not before: Sat 23 Nov 2024 17:14:31 +0000
ROA not after: Mon 02 Dec 2024 17:14:31 +0000
asID: 44559
IP address blocks: 154.210.86.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70068 (0x111b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 23 17:14:31 2024 GMT
Not After : Dec 2 17:14:31 2024 GMT
Subject: CN=67420d7b-76e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cf:64:1d:64:aa:c3:69:37:94:c8:d8:88:5a:
bf:49:ca:0e:6d:80:e2:78:76:e5:9e:bc:b7:9d:25:
ee:62:45:0c:d1:0b:78:8f:2c:ca:eb:a9:fc:b2:9a:
46:bf:36:c7:68:89:a4:23:36:44:37:2c:e0:25:ce:
8d:8f:fb:51:fe:2e:fa:89:98:e6:d2:31:3e:2f:cb:
33:21:68:20:41:1a:e3:d0:d7:c8:77:e5:64:8c:f7:
2e:62:f1:40:d3:47:e0:ed:fd:dc:dd:69:1f:dd:cb:
28:98:ba:ef:47:c3:b2:1c:61:ff:3d:c0:ec:48:78:
7d:8d:fe:d3:f3:bc:fe:e4:dd:12:30:9d:92:35:59:
28:9a:7d:e9:87:4f:d8:51:14:68:ba:e4:b0:7b:09:
35:db:49:43:58:74:79:1f:7b:96:cf:d5:84:73:cf:
d2:a6:df:f6:12:cb:18:0f:c6:21:30:9f:a5:08:d3:
55:02:08:75:5b:5a:4f:64:67:a3:55:89:88:f5:32:
92:6e:90:7d:25:d2:82:db:4a:8e:66:ea:9a:47:d0:
48:6d:f9:2d:c9:d2:e5:6c:de:d4:4b:0a:84:2d:6c:
d6:06:1c:41:a7:0e:04:64:25:66:ae:d0:11:81:9a:
03:2e:67:2b:50:ba:05:26:9f:c7:43:91:54:39:c4:
ce:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:44:46:32:A1:FF:62:68:98:8A:64:D9:A3:08:AE:25:59:07:C8:0C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/694870C0A9BE11EF8D5EFD6B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.86.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:47:ef:dd:b3:14:c3:1c:27:56:18:ca:d0:88:82:6f:f7:43:
4c:6f:63:41:bc:4b:4f:07:7f:13:b4:0e:65:a5:6f:9b:d4:19:
30:b3:5e:88:81:0d:8d:70:49:3d:27:57:f0:1e:72:fd:e5:8c:
9a:39:20:40:06:39:09:a7:e2:1e:2d:63:57:e2:ae:8e:18:32:
30:dd:88:5e:1c:0b:63:6d:d6:e1:54:6e:56:ea:24:36:83:5c:
50:dc:f4:6a:aa:46:61:67:db:ae:d7:bc:91:3b:70:3b:22:80:
9c:f5:38:0a:6a:b1:5a:9f:a3:31:c2:13:ad:a8:c6:f8:c9:4d:
39:90:4a:ff:19:85:aa:1d:35:29:cd:57:2d:c2:31:66:a1:60:
2c:71:78:d1:bb:21:c7:b2:e9:f2:c8:6f:13:e2:23:ca:ef:ba:
d5:4e:eb:14:2e:3c:66:5b:5b:92:09:93:ab:23:56:b4:66:15:
bf:5b:ab:a5:bf:72:15:14:4f:26:0e:ab:8f:c0:1f:64:fd:b8:
b5:e9:80:04:61:2c:5f:e7:f9:70:fa:d2:c1:53:1b:2a:41:35:
a5:13:94:29:78:03:0e:92:1b:b9:58:cf:b4:60:b6:ae:20:99:
60:dd:b8:71:44:76:49:69:46:ee:fa:ec:f5:fa:57:3f:b6:41:
16:2e:13:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARG0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIzMTcxNDMxWhcNMjQxMjAyMTcxNDMxWjAYMRYw
FAYDVQQDEw02NzQyMGQ3Yi03NmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3c9kHWSqw2k3lMjYiFq/ScoObYDieHblnry3nSXuYkUM0Qt4jyzK66n8
sppGvzbHaImkIzZENyzgJc6Nj/tR/i76iZjm0jE+L8szIWggQRrj0NfId+VkjPcu
YvFA00fg7f3c3Wkf3csomLrvR8OyHGH/PcDsSHh9jf7T87z+5N0SMJ2SNVkomn3p
h0/YURRouuSwewk120lDWHR5H3uWz9WEc8/Spt/2EssYD8YhMJ+lCNNVAgh1W1pP
ZGejVYmI9TKSbpB9JdKC20qOZuqaR9BIbfktydLlbN7USwqELWzWBhxBpw4EZCVm
rtARgZoDLmcrULoFJp/HQ5FUOcTO1wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFH1E
RjKh/2JomIpk2aMIriVZB8gMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OTQ4NzBDMEE5QkUxMUVGOEQ1RUZENkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtJWMA0GCSqGSIb3DQEB
CwUAA4IBAQCzR+/dsxTDHCdWGMrQiIJv90NMb2NBvEtPB38TtA5lpW+b1Bkws16I
gQ2NcEk9J1fwHnL95YyaOSBABjkJp+IeLWNX4q6OGDIw3YheHAtjbdbhVG5W6iQ2
g1xQ3PRqqkZhZ9uu17yRO3A7IoCc9TgKarFan6MxwhOtqMb4yU05kEr/GYWqHTUp
zVctwjFmoWAscXjRuyHHsunyyG8T4iPK77rVTusULjxmW1uSCZOrI1a0ZhW/W6ul
v3IVFE8mDquPwB9k/bi16YAEYSxf5/lw+tLBUxsqQTWlE5QpeAMOkhu5WM+0YLau
IJlg3bhxRHZJaUbu+uz1+lc/tkEWLhOF
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:33 2024 by rpki-client on console-fra.rpki-client.org