Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/78A7E10EA9CD11EF91245E4B762E951A.roa
File: 78A7E10EA9CD11EF91245E4B762E951A.roa (raw, json)
Hash identifier: CmLxwHKOU6XmjnQZ6o+jTWkW/x41bgMp6Ow9Qr8zAz0=
Subject key identifier: 05:86:24:29:8F:60:17:7A:CF:F9:5D:83:3A:14:D6:F9:3A:07:53:15
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0111FC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/78A7E10EA9CD11EF91245E4B762E951A.roa
Signing time: Sat 23 Nov 2024 19:02:23 +0000
ROA not before: Sat 23 Nov 2024 19:02:19 +0000
ROA not after: Mon 02 Dec 2024 19:02:19 +0000
asID: 9009
IP address blocks: 154.95.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70140 (0x111fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 23 19:02:19 2024 GMT
Not After : Dec 2 19:02:19 2024 GMT
Subject: CN=674226bf-3621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d8:eb:51:41:98:97:b4:b1:b2:fd:a4:82:fe:
85:bc:a5:fa:bc:c3:af:38:e7:1a:40:08:90:bb:dc:
29:80:06:c4:4a:18:16:0c:2e:4d:5c:4d:88:e6:f1:
49:2b:1f:ea:d3:f8:dc:a3:d8:18:c9:a2:1b:ec:da:
a5:7d:82:d8:11:76:d4:63:d3:b1:7c:cf:cd:43:d3:
3e:11:31:ea:34:b6:97:74:20:d7:f0:a7:5c:08:f5:
18:8d:d1:25:61:0d:b8:ec:8e:dd:7b:0e:67:2f:71:
87:f1:49:67:b7:68:98:1d:31:b4:48:c8:a1:cd:01:
78:42:e7:e5:b9:11:b2:93:3f:c0:0a:fd:9b:9b:6d:
c0:c7:32:51:6d:2d:65:13:3b:5e:7f:ac:e9:4b:f0:
7e:a9:88:93:45:80:08:0e:a4:70:5e:a6:ad:77:d8:
f8:56:02:41:c3:0f:f6:04:56:4e:0d:02:ac:80:2d:
ee:fe:54:51:eb:3b:fe:44:04:5d:27:6b:37:36:d6:
50:a6:04:03:c1:e3:d2:fd:b7:ac:b2:72:73:95:9d:
4c:42:cc:bb:56:37:98:56:90:6e:58:0b:f0:10:74:
70:44:24:d0:db:93:85:38:c7:e8:58:0d:e2:6a:f2:
00:80:a2:7d:be:05:5a:55:82:79:7e:97:64:8a:c0:
ae:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:86:24:29:8F:60:17:7A:CF:F9:5D:83:3A:14:D6:F9:3A:07:53:15
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/78A7E10EA9CD11EF91245E4B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.0.0/23
Signature Algorithm: sha256WithRSAEncryption
d2:7f:1c:3b:74:8c:bb:c4:44:90:06:6b:31:fa:b9:e5:e9:bf:
0a:c4:59:eb:4c:6e:98:51:bd:3a:91:73:48:3c:bf:28:17:10:
7f:9f:15:00:5d:e4:a6:d4:0c:14:61:34:6d:ce:82:8c:cc:3e:
fc:e1:db:ef:13:ea:84:60:39:cb:72:5c:47:b6:e8:7e:11:2a:
e5:33:5a:11:60:9f:46:eb:85:5d:7d:4a:fa:12:93:d8:fb:a4:
b8:38:8c:7e:97:6d:06:c5:b6:42:16:f5:64:b4:49:20:8a:53:
f8:01:d9:95:5c:94:18:86:d3:91:dc:2d:b9:81:8d:fb:02:40:
1b:cb:a9:db:58:53:af:fe:8e:80:58:90:ef:7f:1d:e1:a6:4c:
a4:28:6f:7d:bc:da:10:09:4d:cd:bb:27:21:9c:5f:b1:64:45:
6d:5a:11:71:be:a3:3b:47:70:cb:4c:0e:19:20:47:77:f5:c8:
d5:6c:0e:09:b2:25:2a:09:96:46:2f:ac:6e:98:f5:d8:2e:90:
7c:0d:7a:08:b7:29:bc:c0:5c:5d:c1:f6:b0:93:c7:a4:59:da:
45:8b:cc:f1:a8:d3:28:75:60:68:af:62:d3:34:c1:2b:6b:c6:
b9:62:64:8e:a7:e2:1f:d3:39:76:c0:4e:60:9e:e5:0e:98:e9:
a8:ec:99:da
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARH8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIzMTkwMjE5WhcNMjQxMjAyMTkwMjE5WjAYMRYw
FAYDVQQDEw02NzQyMjZiZi0zNjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApNjrUUGYl7Sxsv2kgv6FvKX6vMOvOOcaQAiQu9wpgAbEShgWDC5NXE2I
5vFJKx/q0/jco9gYyaIb7NqlfYLYEXbUY9OxfM/NQ9M+ETHqNLaXdCDX8KdcCPUY
jdElYQ247I7dew5nL3GH8Ulnt2iYHTG0SMihzQF4QufluRGykz/ACv2bm23AxzJR
bS1lEztef6zpS/B+qYiTRYAIDqRwXqatd9j4VgJBww/2BFZODQKsgC3u/lRR6zv+
RARdJ2s3NtZQpgQDwePS/bessnJzlZ1MQsy7VjeYVpBuWAvwEHRwRCTQ25OFOMfo
WA3iavIAgKJ9vgVaVYJ5fpdkisCugwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAWG
JCmPYBd6z/ldgzoU1vk6B1MVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83OEE3RTEwRUE5Q0QxMUVGOTEyNDVFNEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml8AMA0GCSqGSIb3DQEB
CwUAA4IBAQDSfxw7dIy7xESQBmsx+rnl6b8KxFnrTG6YUb06kXNIPL8oFxB/nxUA
XeSm1AwUYTRtzoKMzD784dvvE+qEYDnLclxHtuh+ESrlM1oRYJ9G64VdfUr6EpPY
+6S4OIx+l20GxbZCFvVktEkgilP4AdmVXJQYhtOR3C25gY37AkAby6nbWFOv/o6A
WJDvfx3hpkykKG99vNoQCU3NuychnF+xZEVtWhFxvqM7R3DLTA4ZIEd39cjVbA4J
siUqCZZGL6xumPXYLpB8DXoItym8wFxdwfawk8ekWdpFi8zxqNModWBor2LTNMEr
a8a5YmSOp+If0zl2wE5gnuUOmOmo7Jna
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:19 2024 by rpki-client on console-ams.rpki-client.org