Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70FEC8A49B7811EF9E279C70762E951A.roa
File: 70FEC8A49B7811EF9E279C70762E951A.roa (raw, json)
Hash identifier: oRSa9rE6L3TzgHO1+6X+bUrgKRpAmAJRO6e3ygLy4Iw=
Subject key identifier: 3E:41:D0:72:2E:DA:3F:56:A1:65:27:BF:A9:21:B5:EB:82:A6:65:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0107DB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70FEC8A49B7811EF9E279C70762E951A.roa
Signing time: Tue 05 Nov 2024 13:18:27 +0000
ROA not before: Tue 05 Nov 2024 13:18:23 +0000
ROA not after: Mon 13 Jan 2025 13:18:23 +0000
asID: 22773
IP address blocks: 154.212.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67547 (0x107db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 5 13:18:23 2024 GMT
Not After : Jan 13 13:18:23 2025 GMT
Subject: CN=672a1b23-b197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:48:18:fa:12:f8:18:5b:49:5c:9d:14:20:32:
c8:b0:8b:e7:e9:f3:77:17:61:28:00:fa:ed:fe:5c:
8f:bc:6a:1f:bf:1b:bd:ec:d3:9e:15:3c:6e:e2:c8:
e6:77:b5:d2:3f:26:d3:42:83:11:85:62:12:52:ae:
ee:70:d6:95:be:d4:cc:fd:4b:7a:70:67:3e:e8:dc:
1c:70:3a:d0:34:6e:c6:26:7c:1f:ae:81:3f:b1:4d:
e4:62:ae:13:85:05:80:0a:b5:9e:2c:7e:a7:d1:0c:
67:10:35:e8:f0:63:58:b4:4e:dc:4b:f7:c5:6f:68:
32:8b:48:f7:e0:2e:95:37:84:14:50:83:ca:6f:31:
72:c2:e2:fa:7d:aa:6f:c8:94:dd:49:ff:5e:98:e5:
d7:f0:b8:87:4c:b4:54:b0:b9:a9:fc:87:a5:8c:28:
53:64:d6:d7:28:7e:68:7d:ad:de:d1:72:e1:05:26:
5a:28:6b:2b:f8:ff:e8:64:21:f4:6e:f6:e7:42:77:
fc:8b:53:c0:c8:3b:fa:96:d1:a4:d3:10:d2:d6:5c:
43:01:01:2d:7c:09:54:0b:d9:bc:93:f1:81:c3:3d:
a9:44:42:50:92:59:ce:b5:ca:14:2c:b4:be:9f:06:
90:8c:0f:33:5b:c4:6c:70:0f:49:b2:ab:88:2b:7c:
a9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:41:D0:72:2E:DA:3F:56:A1:65:27:BF:A9:21:B5:EB:82:A6:65:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/70FEC8A49B7811EF9E279C70762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.16.0/22
Signature Algorithm: sha256WithRSAEncryption
17:55:18:46:fc:ca:1f:52:81:3c:51:3d:46:81:fd:0c:f6:98:
35:87:ff:bb:ee:1e:00:e5:e1:6b:e8:aa:fc:5a:0f:e2:0b:f4:
bc:2e:65:e6:05:17:1f:fc:46:c5:4a:1a:7f:90:19:27:69:48:
e5:7c:6b:d1:7a:11:7e:31:06:7a:f7:33:3a:58:51:67:d8:16:
7e:1c:89:e5:bb:bc:7a:6b:91:37:d8:6c:58:23:26:49:10:03:
66:f6:95:fd:c2:5e:b6:2e:4c:09:ca:c9:7c:96:ab:b0:d6:2d:
da:4e:21:8f:6d:cf:97:00:e7:ea:ef:f7:8a:0c:76:48:8b:7b:
eb:11:a9:bb:75:a2:e4:4a:eb:7a:18:26:bc:76:7b:c3:be:cf:
e4:a9:9c:8a:1c:9c:55:f5:91:02:a3:07:6a:ee:db:7f:2e:55:
43:60:0e:e5:3a:e9:b9:16:48:43:6d:39:ad:9d:27:d1:e8:5f:
47:5f:fa:e0:43:00:82:58:45:b6:7b:12:18:a0:77:49:b3:58:
0f:0f:ee:c9:26:51:eb:32:ca:98:60:88:cc:6b:ac:81:59:bd:
95:0a:92:3c:25:18:7e:22:a6:13:33:cd:82:b0:23:b7:5b:08:
64:5c:1b:d8:77:1c:a7:f5:9c:96:56:89:21:81:50:80:da:ae:
12:26:16:96
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQfbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTMxODIzWhcNMjUwMTEzMTMxODIzWjAYMRYw
FAYDVQQDEw02NzJhMWIyMy1iMTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsEgY+hL4GFtJXJ0UIDLIsIvn6fN3F2EoAPrt/lyPvGofvxu97NOeFTxu
4sjmd7XSPybTQoMRhWISUq7ucNaVvtTM/Ut6cGc+6NwccDrQNG7GJnwfroE/sU3k
Yq4ThQWACrWeLH6n0QxnEDXo8GNYtE7cS/fFb2gyi0j34C6VN4QUUIPKbzFywuL6
fapvyJTdSf9emOXX8LiHTLRUsLmp/IeljChTZNbXKH5ofa3e0XLhBSZaKGsr+P/o
ZCH0bvbnQnf8i1PAyDv6ltGk0xDS1lxDAQEtfAlUC9m8k/GBwz2pREJQklnOtcoU
LLS+nwaQjA8zW8RscA9JsquIK3yp/wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD5B
0HIu2j9WoWUnv6khteuCpmX3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MEZFQzhBNDlCNzgxMUVGOUUyNzlDNzA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtQQMA0GCSqGSIb3DQEB
CwUAA4IBAQAXVRhG/MofUoE8UT1Ggf0M9pg1h/+77h4A5eFr6Kr8Wg/iC/S8LmXm
BRcf/EbFShp/kBknaUjlfGvRehF+MQZ69zM6WFFn2BZ+HInlu7x6a5E32GxYIyZJ
EANm9pX9wl62LkwJysl8lquw1i3aTiGPbc+XAOfq7/eKDHZIi3vrEam7daLkSut6
GCa8dnvDvs/kqZyKHJxV9ZECowdq7tt/LlVDYA7lOum5FkhDbTmtnSfR6F9HX/rg
QwCCWEW2exIYoHdJs1gPD+7JJlHrMsqYYIjMa6yBWb2VCpI8JRh+IqYTM82CsCO3
WwhkXBvYdxyn9ZyWVokhgVCA2q4SJhaW
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:10 2024 by rpki-client on console-fra.rpki-client.org