Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71C2518892DC11EF941AFEA2762E951A.roa
File: 71C2518892DC11EF941AFEA2762E951A.roa (raw, json)
Hash identifier: 1XHvKI5aQMKoBXziGESo/uUWvI5PP5DiR5lnWouK7T4=
Subject key identifier: 16:67:16:B5:A2:E2:3F:05:F2:6C:5D:1F:29:97:D7:BE:53:F3:B4:37
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010222
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71C2518892DC11EF941AFEA2762E951A.roa
Signing time: Fri 25 Oct 2024 14:21:37 +0000
ROA not before: Fri 25 Oct 2024 14:21:34 +0000
ROA not after: Sun 01 Dec 2024 14:21:34 +0000
asID: 44559
IP address blocks: 154.209.152.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66082 (0x10222)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 25 14:21:34 2024 GMT
Not After : Dec 1 14:21:34 2024 GMT
Subject: CN=671ba971-994f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:77:26:da:ce:d8:95:de:9e:18:0d:d0:cd:fe:
db:16:81:a8:fd:28:ac:47:68:01:e1:f1:3a:67:21:
e4:76:82:1b:26:16:75:94:10:b4:2e:84:be:d4:83:
72:55:84:d0:0c:26:ae:fa:0e:93:56:ca:01:7c:b2:
92:1b:d1:6a:f5:de:63:e4:b0:6b:fa:26:44:fa:0e:
97:66:e7:7b:29:b2:74:e4:fe:fc:11:c5:7a:aa:e4:
b2:18:87:14:2d:f6:7b:23:31:1b:32:c3:30:df:65:
6f:a0:67:74:be:81:aa:54:63:c7:e4:85:06:b2:51:
cf:1c:34:97:e2:7b:1f:bb:a3:be:11:a6:b6:9b:b5:
74:2f:6d:c3:91:e1:d0:a3:76:d4:60:6a:82:fe:16:
45:41:b3:14:bd:13:c6:ac:aa:f9:ca:38:de:20:cd:
b4:16:7c:c5:7b:bf:dd:70:c4:03:21:e1:ab:30:bf:
15:f8:27:86:38:3b:df:22:6c:58:57:ba:0d:84:e4:
d8:39:45:11:b9:15:8d:a6:4d:d6:4c:c4:74:2b:d6:
df:8e:b2:62:ef:a3:bb:a6:38:6e:26:99:b3:fc:f1:
af:c1:61:eb:7b:34:ab:2a:fd:33:62:43:ea:db:e3:
ec:4d:04:e3:ed:be:a6:a0:9c:52:a3:6e:ab:26:a6:
dc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:67:16:B5:A2:E2:3F:05:F2:6C:5D:1F:29:97:D7:BE:53:F3:B4:37
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71C2518892DC11EF941AFEA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.152.0/21
Signature Algorithm: sha256WithRSAEncryption
bd:dc:c0:7f:b0:f1:40:6e:15:7f:8a:b4:cd:66:24:06:21:ad:
bb:84:8d:02:39:0b:09:ec:fe:90:d0:c6:9d:6e:1c:38:00:2b:
48:63:5f:45:2b:f2:e1:0e:5a:ab:ee:29:01:cb:f2:ee:36:ce:
01:9c:48:b7:2f:0d:76:de:50:c0:30:0b:48:b1:76:8f:82:69:
1e:ae:31:cf:a8:fd:00:0d:01:dd:c9:1f:99:a7:e9:5e:1c:ee:
ae:1c:b6:75:cb:01:53:13:7c:c1:59:71:e2:ef:fd:ce:3c:17:
d9:c3:4f:49:9e:f4:c9:50:97:a1:83:02:e6:86:0e:f6:51:9b:
ae:01:f3:37:73:00:fb:59:ed:7e:0d:6a:d6:ec:cb:3b:aa:7d:
3c:39:87:55:e8:bc:3f:f4:27:5c:ab:3d:16:12:80:65:d1:85:
e0:7c:fc:b9:95:b5:f2:e5:cf:a7:bf:53:94:13:45:f1:2a:7e:
f2:5e:0d:73:73:7f:e3:c8:41:9c:e9:f1:49:c6:fa:92:fb:28:
d4:d7:34:ce:e2:29:2b:ba:39:a4:0d:f0:64:1b:c4:80:e9:07:
50:92:86:97:54:5a:47:e0:b0:49:6d:7a:13:71:4a:33:a7:c4:
f4:b5:aa:7f:c5:04:c1:7d:cd:14:94:af:cb:e0:5b:a9:4e:8d:
2e:4c:7b:24
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQIiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDI1MTQyMTM0WhcNMjQxMjAxMTQyMTM0WjAYMRYw
FAYDVQQDEw02NzFiYTk3MS05OTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmncm2s7Yld6eGA3Qzf7bFoGo/SisR2gB4fE6ZyHkdoIbJhZ1lBC0LoS+
1INyVYTQDCau+g6TVsoBfLKSG9Fq9d5j5LBr+iZE+g6XZud7KbJ05P78EcV6quSy
GIcULfZ7IzEbMsMw32VvoGd0voGqVGPH5IUGslHPHDSX4nsfu6O+Eaa2m7V0L23D
keHQo3bUYGqC/hZFQbMUvRPGrKr5yjjeIM20FnzFe7/dcMQDIeGrML8V+CeGODvf
ImxYV7oNhOTYOUURuRWNpk3WTMR0K9bfjrJi76O7pjhuJpmz/PGvwWHrezSrKv0z
YkPq2+PsTQTj7b6moJxSo26rJqbctQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBZn
FrWi4j8F8mxdHymX175T87Q3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MUMyNTE4ODkyREMxMUVGOTQxQUZFQTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtGYMA0GCSqGSIb3DQEB
CwUAA4IBAQC93MB/sPFAbhV/irTNZiQGIa27hI0COQsJ7P6Q0Madbhw4ACtIY19F
K/LhDlqr7ikBy/LuNs4BnEi3Lw123lDAMAtIsXaPgmkerjHPqP0ADQHdyR+Zp+le
HO6uHLZ1ywFTE3zBWXHi7/3OPBfZw09JnvTJUJehgwLmhg72UZuuAfM3cwD7We1+
DWrW7Ms7qn08OYdV6Lw/9Cdcqz0WEoBl0YXgfPy5lbXy5c+nv1OUE0XxKn7yXg1z
c3/jyEGc6fFJxvqS+yjU1zTO4ikrujmkDfBkG8SA6QdQkoaXVFpH4LBJbXoTcUoz
p8T0tap/xQTBfc0UlK/L4FupTo0uTHsk
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:09 2024 by rpki-client on console-ams.rpki-client.org