Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7009E95EA8CC11EFA7A4487A762E951A.roa
File: 7009E95EA8CC11EFA7A4487A762E951A.roa (raw, json)
Hash identifier: 8YlgMF4czY5FN0HfnmOd//2Jfh0VS9QS5AIcpK8/xwg=
Subject key identifier: 46:7C:2A:58:82:37:50:90:D4:FD:A2:E6:3A:72:B6:B8:AF:24:41:F1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011009
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7009E95EA8CC11EFA7A4487A762E951A.roa
Signing time: Fri 22 Nov 2024 12:22:28 +0000
ROA not before: Fri 22 Nov 2024 12:22:24 +0000
ROA not after: Sat 30 Nov 2024 12:22:24 +0000
asID: 137443
IP address blocks: 154.223.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69641 (0x11009)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 22 12:22:24 2024 GMT
Not After : Nov 30 12:22:24 2024 GMT
Subject: CN=67407784-5f27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e4:51:69:56:83:08:28:24:79:d7:94:de:21:
b8:0c:9e:f7:6f:22:ac:7c:e5:96:17:90:a0:4d:61:
45:2e:35:27:85:ab:5c:b4:f6:51:e7:de:85:35:0d:
8e:fb:09:7b:41:94:d2:8d:b0:af:08:cd:d5:00:21:
53:be:e0:62:0d:06:1f:e0:7d:ff:94:a7:bc:54:34:
fa:c1:99:ef:9a:37:4a:5a:f7:f7:4b:d5:b9:5e:bc:
01:4f:ce:b3:ea:71:f3:e6:57:bd:3c:26:b2:d7:9d:
37:6b:7c:1c:20:66:3f:60:ec:8f:5d:aa:8d:50:06:
99:79:0b:6e:29:59:d5:36:92:c5:38:2c:5a:b5:8f:
5d:ab:0e:23:ab:c7:cc:eb:8c:ee:5b:ef:2a:7b:90:
93:03:4d:aa:e7:53:2c:f6:43:dd:76:68:b7:f7:c6:
80:63:a7:e5:ca:9f:06:f3:36:d1:12:c9:8e:ed:11:
53:f7:44:ee:f5:70:37:52:2f:24:e4:5e:38:10:90:
9a:7b:8b:ec:9a:96:89:d1:6b:22:0d:ec:6c:c4:36:
47:e8:0b:d8:03:33:9d:68:93:d4:76:6b:36:1a:b9:
5e:bb:f1:8d:b1:00:2b:4d:51:e5:79:c8:86:bd:a0:
64:a6:33:2a:0c:46:a9:20:ce:3c:3f:0d:ef:05:c5:
6b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:7C:2A:58:82:37:50:90:D4:FD:A2:E6:3A:72:B6:B8:AF:24:41:F1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7009E95EA8CC11EFA7A4487A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.188.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:fa:02:3f:b1:0b:c5:1d:8c:dc:8e:3d:ac:63:bd:3f:e4:f7:
98:f2:72:60:3a:00:53:c6:45:f2:29:9b:d1:77:61:e8:e3:4b:
ba:ba:5d:05:a1:44:84:90:e9:07:d6:6e:6a:f1:6d:12:45:f9:
d6:ab:ac:70:3c:af:97:db:97:66:1c:fd:18:b8:32:51:2e:4b:
9d:72:a0:71:a4:4b:46:b7:70:51:de:61:df:5e:e5:bc:8e:bc:
45:48:5a:aa:2d:dd:a7:3a:46:e6:28:fe:c7:f1:20:8c:12:c0:
18:5a:f7:91:19:0c:98:fd:b7:8f:00:21:63:31:41:43:ce:eb:
e3:6b:93:88:ff:b3:62:71:63:41:51:01:3b:d4:f7:ec:9d:46:
50:39:47:30:29:d1:18:0b:df:1a:4e:2d:f7:01:35:95:ea:18:
52:98:99:c4:7a:a6:a4:e6:9f:10:a0:bb:c7:7f:83:9d:83:3d:
cb:cf:c1:e5:42:2d:74:1b:e3:fc:2f:9a:20:68:14:4b:87:6a:
d0:0d:1e:d1:05:78:2e:4e:f2:89:c2:a7:8e:c7:ee:07:4e:c6:
db:29:d9:3a:02:40:5d:21:b5:25:9a:e2:95:7f:c0:c0:cd:fe:
09:40:f2:1e:10:05:db:6e:8a:2e:56:46:0f:9f:03:63:e3:b8:
b2:6f:37:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARAJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIyMTIyMjI0WhcNMjQxMTMwMTIyMjI0WjAYMRYw
FAYDVQQDEw02NzQwNzc4NC01ZjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2eRRaVaDCCgkedeU3iG4DJ73byKsfOWWF5CgTWFFLjUnhatctPZR596F
NQ2O+wl7QZTSjbCvCM3VACFTvuBiDQYf4H3/lKe8VDT6wZnvmjdKWvf3S9W5XrwB
T86z6nHz5le9PCay1503a3wcIGY/YOyPXaqNUAaZeQtuKVnVNpLFOCxatY9dqw4j
q8fM64zuW+8qe5CTA02q51Ms9kPddmi398aAY6flyp8G8zbREsmO7RFT90Tu9XA3
Ui8k5F44EJCae4vsmpaJ0WsiDexsxDZH6AvYAzOdaJPUdms2Grleu/GNsQArTVHl
eciGvaBkpjMqDEapIM48Pw3vBcVrywIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEZ8
KliCN1CQ1P2i5jpytrivJEHxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MDA5RTk1RUE4Q0MxMUVGQTdBNDQ4N0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt+8MA0GCSqGSIb3DQEB
CwUAA4IBAQBr+gI/sQvFHYzcjj2sY70/5PeY8nJgOgBTxkXyKZvRd2Ho40u6ul0F
oUSEkOkH1m5q8W0SRfnWq6xwPK+X25dmHP0YuDJRLkudcqBxpEtGt3BR3mHfXuW8
jrxFSFqqLd2nOkbmKP7H8SCMEsAYWveRGQyY/bePACFjMUFDzuvja5OI/7NicWNB
UQE71PfsnUZQOUcwKdEYC98aTi33ATWV6hhSmJnEeqak5p8QoLvHf4Odgz3Lz8Hl
Qi10G+P8L5ogaBRLh2rQDR7RBXguTvKJwqeOx+4HTsbbKdk6AkBdIbUlmuKVf8DA
zf4JQPIeEAXbboouVkYPnwNj47iybzeM
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:34 2024 by rpki-client on console-fra.rpki-client.org