Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7B206D1A9D1211EFB63F5B8C762E951A.roa
File: 7B206D1A9D1211EFB63F5B8C762E951A.roa (raw, json)
Hash identifier: RMQCA5Ms/2xCsRq6BcCB4VXdXMhu6W3kqFezFPIQ7zY=
Subject key identifier: 3D:74:A8:BF:30:E0:16:F4:50:52:2D:C9:BF:AC:5D:35:55:48:18:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010937
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7B206D1A9D1211EFB63F5B8C762E951A.roa
Signing time: Thu 07 Nov 2024 14:13:37 +0000
ROA not before: Thu 07 Nov 2024 14:13:34 +0000
ROA not after: Fri 13 Jun 2025 14:13:34 +0000
asID: 139811
IP address blocks: 154.205.4.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67895 (0x10937)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 7 14:13:34 2024 GMT
Not After : Jun 13 14:13:34 2025 GMT
Subject: CN=672ccb11-51ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:75:42:3d:f8:77:5d:2b:32:b4:1a:5b:5e:20:
e4:e5:f4:42:de:56:09:f6:ca:20:68:ec:78:e3:59:
6a:89:ff:48:7d:66:ba:09:9d:29:e3:19:c1:6e:01:
36:59:e6:c5:01:7e:5c:a3:26:2e:bc:5e:46:5a:e7:
40:42:9f:f6:cb:eb:7b:9d:15:30:14:c4:bc:9a:70:
75:b0:7d:57:e4:a6:c2:ae:20:61:82:fd:d8:e1:71:
09:9c:d1:66:7a:c7:c2:99:e0:dc:ce:07:2f:c8:89:
90:0e:97:a3:d7:7c:2a:e3:67:2d:b6:ab:35:ae:b1:
7a:55:cf:50:6a:76:73:67:a4:3b:7a:88:4a:92:bf:
3c:e1:11:50:0c:45:14:6c:41:21:68:18:e3:95:ec:
ab:9c:d2:9c:26:8d:0b:38:4e:71:4f:5b:68:5a:7b:
69:f5:68:e2:f0:9d:f0:31:28:ce:16:3d:20:cf:ca:
cb:ac:c7:65:ab:41:79:29:a9:f8:67:aa:14:ef:a4:
bf:4f:93:fe:9f:ab:c1:f1:22:ff:c6:43:16:44:76:
3a:d5:70:cd:f2:03:66:76:04:9d:dc:d6:fc:8a:4d:
0f:ad:5f:07:14:61:9e:c2:68:cc:5c:91:b9:47:ae:
7a:9c:c2:8a:e9:01:8b:78:b1:04:ce:6d:70:71:be:
6b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:74:A8:BF:30:E0:16:F4:50:52:2D:C9:BF:AC:5D:35:55:48:18:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7B206D1A9D1211EFB63F5B8C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.4.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:52:ec:96:41:70:74:e0:dd:13:fe:d1:d4:2d:a8:8c:5b:96:
18:2b:37:65:c8:cc:bc:44:67:4c:4e:8f:7e:95:01:e2:35:1b:
8f:75:9e:49:84:bd:1a:e9:3f:13:f3:d1:a2:48:ec:50:8f:cc:
f3:35:86:27:48:ca:c3:18:40:6c:31:2d:5c:bc:18:6e:3b:b2:
76:2f:33:be:4d:30:33:70:fe:f0:56:5d:5d:a2:da:07:38:38:
0b:3a:c8:96:fc:b0:00:1c:97:99:9c:ff:aa:ad:03:17:4e:5e:
10:fa:6c:58:2d:6d:a6:b1:3b:92:35:22:d2:c5:8e:88:59:4d:
f8:e0:5a:93:32:dc:35:54:df:c6:ae:c7:36:dc:a0:36:91:cf:
7a:3f:60:cf:cd:31:7d:d0:83:b7:1c:d4:1f:ab:48:3a:e7:1f:
37:ad:16:5b:e9:30:47:a7:0b:62:f6:25:57:4d:c9:db:ef:e8:
c3:ae:67:78:d8:af:40:27:24:d6:2d:6c:01:e1:16:55:72:32:
40:8b:e0:d7:42:27:61:d8:34:91:bc:78:9a:e8:6b:73:d6:c2:
33:f7:78:b7:95:55:7e:1a:e0:14:e8:99:a6:72:14:a9:e8:05:
b1:91:ca:50:e8:9a:55:b1:5c:b7:0e:c5:ec:7d:1d:7e:d3:dc:
ac:59:d1:7f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQk3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA3MTQxMzM0WhcNMjUwNjEzMTQxMzM0WjAYMRYw
FAYDVQQDEw02NzJjY2IxMS01MWZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz3VCPfh3XSsytBpbXiDk5fRC3lYJ9sogaOx441lqif9IfWa6CZ0p4xnB
bgE2WebFAX5coyYuvF5GWudAQp/2y+t7nRUwFMS8mnB1sH1X5KbCriBhgv3Y4XEJ
nNFmesfCmeDczgcvyImQDpej13wq42cttqs1rrF6Vc9QanZzZ6Q7eohKkr884RFQ
DEUUbEEhaBjjleyrnNKcJo0LOE5xT1toWntp9Wji8J3wMSjOFj0gz8rLrMdlq0F5
Kan4Z6oU76S/T5P+n6vB8SL/xkMWRHY61XDN8gNmdgSd3Nb8ik0PrV8HFGGewmjM
XJG5R656nMKK6QGLeLEEzm1wcb5rKQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD10
qL8w4Bb0UFItyb+sXTVVSBioMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QjIwNkQxQTlEMTIxMUVGQjYzRjVCOEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms0EMA0GCSqGSIb3DQEB
CwUAA4IBAQCeUuyWQXB04N0T/tHULaiMW5YYKzdlyMy8RGdMTo9+lQHiNRuPdZ5J
hL0a6T8T89GiSOxQj8zzNYYnSMrDGEBsMS1cvBhuO7J2LzO+TTAzcP7wVl1dotoH
ODgLOsiW/LAAHJeZnP+qrQMXTl4Q+mxYLW2msTuSNSLSxY6IWU344FqTMtw1VN/G
rsc23KA2kc96P2DPzTF90IO3HNQfq0g65x83rRZb6TBHpwti9iVXTcnb7+jDrmd4
2K9AJyTWLWwB4RZVcjJAi+DXQidh2DSRvHia6Gtz1sIz93i3lVV+GuAU6JmmchSp
6AWxkcpQ6JpVsVy3DsXsfR1+09ysWdF/
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:10 2024 by rpki-client on console-ams.rpki-client.org