Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74F2730C50CD11EFAFFC885E762E951A.roa
File: 74F2730C50CD11EFAFFC885E762E951A.roa (raw, json)
Hash identifier: LhNlW3zB15/ksUfPSYVs55gMR8mjKVxNhPjP3CIA83o=
Subject key identifier: 03:0A:69:54:2B:90:76:4A:B3:9C:5F:3A:E5:5B:56:D7:D6:7E:6C:58
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: DB75
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74F2730C50CD11EFAFFC885E762E951A.roa
Signing time: Fri 02 Aug 2024 12:48:03 +0000
ROA not before: Fri 02 Aug 2024 12:48:00 +0000
ROA not after: Thu 07 Aug 2025 12:48:00 +0000
asID: 137962
IP address blocks: 154.209.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56181 (0xdb75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 2 12:48:00 2024 GMT
Not After : Aug 7 12:48:00 2025 GMT
Subject: CN=66acd583-011c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f3:6f:c1:c4:5d:eb:0b:f2:9e:32:9e:7d:11:
04:4a:93:e1:bf:2c:6d:24:0e:0c:21:8b:36:5d:05:
27:ed:07:be:43:1b:be:60:02:b1:91:10:54:8a:07:
af:1d:9d:e2:6a:26:96:e0:98:b3:47:bf:ad:22:72:
e1:44:5a:ef:a7:5d:c3:06:fe:52:7e:9c:cc:92:d3:
92:dd:ad:e8:41:6b:73:4f:43:2d:0d:ae:97:28:e5:
5c:7b:61:82:1c:12:0a:d1:51:20:2e:e2:0f:c7:6d:
86:07:c4:37:89:6f:0b:be:24:77:74:fb:7b:b9:15:
d8:62:26:82:77:a3:14:e7:6f:23:2e:72:b6:61:5e:
ad:8c:ff:ac:fc:29:f1:7c:5c:cb:48:f1:01:aa:1b:
7b:26:65:ed:24:95:d6:82:63:1a:08:29:4b:5e:8e:
2e:d0:5f:62:c8:cc:04:ea:ca:21:2f:ca:32:da:bd:
7b:90:08:c9:eb:03:e6:e7:73:d4:a5:91:02:2d:fd:
db:7d:ec:73:22:72:9b:ab:96:6a:1f:ec:82:df:91:
c5:ee:4c:ba:2a:02:dc:04:37:d2:ee:6d:80:a4:37:
10:70:c6:8c:59:61:14:07:b1:59:e1:4c:04:92:3e:
46:ee:81:cd:37:97:5e:43:e8:08:ea:74:98:69:71:
08:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:0A:69:54:2B:90:76:4A:B3:9C:5F:3A:E5:5B:56:D7:D6:7E:6C:58
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74F2730C50CD11EFAFFC885E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.1.0/24
Signature Algorithm: sha256WithRSAEncryption
17:38:4b:37:c1:92:75:71:2e:7c:e5:a9:52:5f:8b:e8:47:67:
db:eb:12:72:86:08:61:24:b6:57:1c:ea:a2:4f:1e:2b:db:94:
dd:c0:46:e7:b8:d0:fe:10:ab:b1:29:05:4e:ce:27:44:eb:d8:
d7:1c:49:a4:da:2f:1d:c4:aa:b4:ec:7e:47:e3:76:e5:02:a7:
df:2c:69:e5:67:9d:a7:e7:b7:a2:8b:b0:4b:8d:f7:54:26:0a:
a1:d1:d0:b9:f0:69:f8:0a:0f:cb:f1:3b:4f:13:a5:1e:e8:49:
81:c8:23:f8:5a:b2:70:57:c3:a3:b3:b0:fd:57:fa:da:0c:bc:
59:ab:5a:f8:a1:b9:10:a3:67:62:7e:f7:8c:e5:d1:da:4d:77:
9c:b1:85:f5:88:0e:8a:1e:5d:ff:b5:46:94:75:97:0b:96:47:
b9:cd:30:18:36:be:c2:30:a7:60:bb:3c:8d:31:61:d4:db:f4:
9a:32:4f:3f:3c:06:86:b3:a0:80:27:b8:d6:3a:2d:87:ab:8e:
91:02:83:0c:3c:f2:a9:2f:4d:31:82:39:69:1e:ff:be:d9:65:
2d:74:e9:f5:d3:9e:22:9a:3e:5a:fb:0e:99:5c:59:08:91:85:
4f:90:80:7e:09:f6:8a:00:2b:47:8c:18:f6:60:1c:17:71:40:
52:9d:9d:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDANt1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwODAyMTI0ODAwWhcNMjUwODA3MTI0ODAwWjAYMRYw
FAYDVQQDEw02NmFjZDU4My0wMTFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAofNvwcRd6wvynjKefREESpPhvyxtJA4MIYs2XQUn7Qe+Qxu+YAKxkRBU
igevHZ3iaiaW4JizR7+tInLhRFrvp13DBv5SfpzMktOS3a3oQWtzT0MtDa6XKOVc
e2GCHBIK0VEgLuIPx22GB8Q3iW8LviR3dPt7uRXYYiaCd6MU528jLnK2YV6tjP+s
/CnxfFzLSPEBqht7JmXtJJXWgmMaCClLXo4u0F9iyMwE6sohL8oy2r17kAjJ6wPm
53PUpZECLf3bfexzInKbq5ZqH+yC35HF7ky6KgLcBDfS7m2ApDcQcMaMWWEUB7FZ
4UwEkj5G7oHNN5deQ+gI6nSYaXEITwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAMK
aVQrkHZKs5xfOuVbVtfWfmxYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NEYyNzMwQzUwQ0QxMUVGQUZGQzg4NUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtEBMA0GCSqGSIb3DQEB
CwUAA4IBAQAXOEs3wZJ1cS585alSX4voR2fb6xJyhghhJLZXHOqiTx4r25TdwEbn
uND+EKuxKQVOzidE69jXHEmk2i8dxKq07H5H43blAqffLGnlZ52n57eii7BLjfdU
Jgqh0dC58Gn4Cg/L8TtPE6Ue6EmByCP4WrJwV8Ojs7D9V/raDLxZq1r4obkQo2di
fveM5dHaTXecsYX1iA6KHl3/tUaUdZcLlke5zTAYNr7CMKdguzyNMWHU2/SaMk8/
PAaGs6CAJ7jWOi2Hq46RAoMMPPKpL00xgjlpHv++2WUtdOn1054imj5a+w6ZXFkI
kYVPkIB+CfaKACtHjBj2YBwXcUBSnZ0j
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:35 2024 by rpki-client on console-fra.rpki-client.org