Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7CD2B1A4952E11EF8DB20943762E951A.roa
File: 7CD2B1A4952E11EF8DB20943762E951A.roa (raw, json)
Hash identifier: 8EaEnlmMgOYLADDphFR3neU33GZA5LVQu+/yruJBTlQ=
Subject key identifier: B9:BF:97:0B:B1:98:B2:75:D4:60:93:D9:0E:E6:CB:3C:CA:6D:00:FC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0102D1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7CD2B1A4952E11EF8DB20943762E951A.roa
Signing time: Mon 28 Oct 2024 13:13:57 +0000
ROA not before: Mon 28 Oct 2024 13:13:53 +0000
ROA not after: Sat 30 Nov 2024 13:13:53 +0000
asID: 203020
IP address blocks: 154.200.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66257 (0x102d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 28 13:13:53 2024 GMT
Not After : Nov 30 13:13:53 2024 GMT
Subject: CN=671f8e15-23cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ce:c1:a8:05:af:7b:f6:62:97:49:3f:e9:56:
85:be:a9:43:f6:f7:5f:39:5e:e6:08:fa:6c:66:f5:
ed:e5:28:f4:53:ff:5b:76:5b:28:49:5a:7f:c6:82:
e3:8c:61:e0:d4:5c:80:09:c2:f3:b4:21:81:9e:2e:
cf:76:40:4e:2e:e4:f6:23:d4:d1:ef:fb:61:a1:24:
6f:e0:7b:69:4c:e8:cc:01:07:5f:85:22:8e:04:24:
43:57:45:22:83:4c:49:f2:00:99:72:20:40:d5:b9:
cd:52:f3:3b:95:f6:af:48:8a:1e:c7:b4:2d:96:51:
f5:b2:80:f2:e3:63:53:94:8f:ec:6a:06:38:5d:b4:
d4:05:2a:1a:f3:b3:8a:5c:b7:5a:9a:2e:b7:2b:c6:
7c:01:e4:3a:a6:e6:a2:70:7e:3e:26:b3:75:a1:7b:
7d:ba:87:ce:d6:6e:3c:bc:a0:5c:0b:4d:97:9b:37:
ae:f1:d2:3f:88:8b:6b:2f:f1:99:b8:e5:5a:33:87:
6d:1f:c6:70:85:4a:8c:4e:7f:7c:b3:ae:65:2a:ba:
c7:8d:a9:6d:36:ea:8c:59:88:75:0a:ba:6f:33:39:
89:52:6e:b9:1a:79:d8:ae:ca:48:65:9d:68:dd:ea:
c7:0c:08:3e:4c:c9:1e:0e:59:24:a8:42:30:5e:2b:
55:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:BF:97:0B:B1:98:B2:75:D4:60:93:D9:0E:E6:CB:3C:CA:6D:00:FC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7CD2B1A4952E11EF8DB20943762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.220.0/24
Signature Algorithm: sha256WithRSAEncryption
65:05:85:ff:5f:e3:2a:cb:77:fa:f3:e4:e9:f9:1a:ad:6c:a9:
66:b0:a0:1f:01:e8:4b:2b:09:f6:28:06:af:b2:83:79:7c:dc:
2b:11:ed:40:9d:c1:77:8b:05:04:2e:00:fe:ef:1c:6f:da:a9:
2a:63:e2:fc:c8:1f:f8:38:a8:78:76:da:f7:ff:d9:f7:78:69:
09:94:10:49:5c:db:53:70:40:51:cc:ab:40:42:fc:c6:5f:18:
96:ac:be:79:d1:68:eb:be:c9:64:d4:5d:5f:9a:a5:f7:02:a0:
96:10:34:ce:29:e0:12:1c:06:1d:51:a9:9a:42:71:2c:98:99:
75:7a:52:e8:08:25:cb:81:0b:c3:68:49:c7:ab:0c:58:5d:df:
6d:fb:e2:8b:dd:ff:d9:aa:05:d9:8c:a9:f9:1b:39:dc:da:f6:
25:44:44:12:56:7a:42:c8:14:0e:09:b9:c3:fa:49:0e:64:97:
c0:a6:51:fe:29:38:dc:55:6a:df:c1:f5:2d:da:44:04:9c:41:
18:15:9c:4e:a2:ec:4a:a6:c5:63:83:4b:69:a5:56:b4:cb:b1:
e2:d7:0e:59:7c:3e:1f:14:b9:42:5c:78:ce:af:2f:0e:a1:15:
f5:16:98:1e:c9:b2:90:52:e3:cf:71:e8:45:97:81:a0:8c:80:
77:1f:59:e5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQLRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDI4MTMxMzUzWhcNMjQxMTMwMTMxMzUzWjAYMRYw
FAYDVQQDEw02NzFmOGUxNS0yM2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwc7BqAWve/Zil0k/6VaFvqlD9vdfOV7mCPpsZvXt5Sj0U/9bdlsoSVp/
xoLjjGHg1FyACcLztCGBni7PdkBOLuT2I9TR7/thoSRv4HtpTOjMAQdfhSKOBCRD
V0Uig0xJ8gCZciBA1bnNUvM7lfavSIoex7QtllH1soDy42NTlI/sagY4XbTUBSoa
87OKXLdami63K8Z8AeQ6puaicH4+JrN1oXt9uofO1m48vKBcC02Xmzeu8dI/iItr
L/GZuOVaM4dtH8ZwhUqMTn98s65lKrrHjaltNuqMWYh1CrpvMzmJUm65GnnYrspI
ZZ1o3erHDAg+TMkeDlkkqEIwXitV8QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLm/
lwuxmLJ11GCT2Q7myzzKbQD8MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83Q0QyQjFBNDk1MkUxMUVGOERCMjA5NDM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjcMA0GCSqGSIb3DQEB
CwUAA4IBAQBlBYX/X+Mqy3f68+Tp+RqtbKlmsKAfAehLKwn2KAavsoN5fNwrEe1A
ncF3iwUELgD+7xxv2qkqY+L8yB/4OKh4dtr3/9n3eGkJlBBJXNtTcEBRzKtAQvzG
XxiWrL550Wjrvslk1F1fmqX3AqCWEDTOKeASHAYdUamaQnEsmJl1elLoCCXLgQvD
aEnHqwxYXd9t++KL3f/ZqgXZjKn5Gznc2vYlREQSVnpCyBQOCbnD+kkOZJfAplH+
KTjcVWrfwfUt2kQEnEEYFZxOouxKpsVjg0tppVa0y7Hi1w5ZfD4fFLlCXHjOry8O
oRX1FpgeybKQUuPPcehFl4GgjIB3H1nl
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:12 2024 by rpki-client on console-fra.rpki-client.org