Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E367DAE9B6F11EFA48EC6B7762E951A.roa
File: 7E367DAE9B6F11EFA48EC6B7762E951A.roa (raw, json)
Hash identifier: uso02wtWNZ/aQvj58BPxd/Hwqh1Abk5Jm6zy4PiQAtM=
Subject key identifier: 32:32:E4:0B:0C:CE:E0:DD:0A:39:0C:C8:C7:D3:63:1C:9D:69:64:DE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0107A5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E367DAE9B6F11EFA48EC6B7762E951A.roa
Signing time: Tue 05 Nov 2024 12:14:23 +0000
ROA not before: Tue 05 Nov 2024 12:14:20 +0000
ROA not after: Mon 13 Jan 2025 12:14:20 +0000
asID: 5065
IP address blocks: 154.85.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 08:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67493 (0x107a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 5 12:14:20 2024 GMT
Not After : Jan 13 12:14:20 2025 GMT
Subject: CN=672a0c1f-b4be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:66:c2:20:ca:7c:89:7a:94:62:7c:16:f8:23:
48:1d:ef:2c:f4:ed:f2:af:1c:58:31:55:ff:63:c1:
1c:38:f0:29:4a:d0:76:e2:9a:ab:d1:36:3f:4d:5e:
73:69:c9:1a:8f:5b:75:66:91:e5:8c:b6:65:c8:40:
fe:ae:a9:95:3b:e9:12:87:47:9b:f1:9c:65:ac:4b:
28:10:8c:52:70:40:00:85:7c:43:c8:62:6e:c7:7d:
e4:82:93:55:43:32:fd:3c:e2:8f:31:07:24:06:33:
7c:57:c4:de:9c:9e:e9:74:85:65:81:73:8c:20:bc:
f6:7c:5c:48:18:a4:ee:3d:cf:08:e4:bd:6b:6f:ec:
6e:99:76:da:ad:18:f8:1a:92:36:59:c8:ab:39:b9:
07:4c:58:48:33:fb:b8:bc:6a:5f:a0:f3:68:83:dd:
90:4d:d6:c9:e5:3d:59:48:8e:17:d2:44:ad:90:39:
3e:06:5e:72:32:28:23:5e:8e:08:9d:1a:ca:02:ea:
f6:b8:8b:4e:5b:bc:51:da:ec:42:2d:0b:d6:b2:5d:
be:a4:dd:f1:b9:01:9d:a8:fa:8d:fc:48:0b:d4:37:
ef:c9:e7:a8:5b:c1:4d:f4:f6:cc:74:e3:a0:11:e7:
e5:73:41:05:6b:f9:22:3f:2a:75:f9:8d:19:e3:7f:
f0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:32:E4:0B:0C:CE:E0:DD:0A:39:0C:C8:C7:D3:63:1C:9D:69:64:DE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E367DAE9B6F11EFA48EC6B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.120.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:7a:4c:dc:7b:d1:01:51:9c:8d:2b:9a:21:45:20:28:3d:ad:
8f:5f:e0:98:76:86:40:5b:d9:63:49:b8:0b:16:b1:b7:7e:ce:
22:0d:4d:46:dd:8d:b7:ea:42:d9:36:a0:2e:12:83:9d:bc:05:
46:34:cc:2c:b4:7a:c2:71:fc:f9:88:22:15:35:a9:eb:d3:ed:
6a:cf:c8:d3:77:a8:eb:5d:e3:49:ed:8f:b4:bf:d6:88:6c:21:
44:55:fa:e3:ab:97:57:6e:bd:92:68:67:3d:eb:38:fd:78:02:
53:62:c3:ab:8b:fd:55:4c:49:4f:4a:34:d7:9a:3a:de:e6:9c:
c3:b2:49:74:b3:fa:90:6d:aa:ea:9f:63:f7:15:a4:f8:13:18:
62:54:25:7e:6d:a1:17:64:55:9f:7c:73:8d:43:2e:b0:3a:55:
6d:e1:1c:ea:a4:c4:37:bd:02:63:c2:d0:62:9e:db:a0:34:18:
53:8b:1a:a6:77:d4:51:5c:1d:36:46:a7:6d:48:ec:c1:0e:c8:
6e:9b:29:13:01:29:72:8b:40:ae:d9:fa:23:ca:4b:a1:c9:16:
f2:87:79:b1:73:13:a5:ca:10:12:b4:ce:ba:de:f5:e2:af:44:
ac:83:8a:74:79:5a:2f:6c:82:6a:7f:2c:4d:93:e4:82:cb:56:
ca:fc:50:b4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQelMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTIxNDIwWhcNMjUwMTEzMTIxNDIwWjAYMRYw
FAYDVQQDEw02NzJhMGMxZi1iNGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtGbCIMp8iXqUYnwW+CNIHe8s9O3yrxxYMVX/Y8EcOPApStB24pqr0TY/
TV5zackaj1t1ZpHljLZlyED+rqmVO+kSh0eb8ZxlrEsoEIxScEAAhXxDyGJux33k
gpNVQzL9POKPMQckBjN8V8TenJ7pdIVlgXOMILz2fFxIGKTuPc8I5L1rb+xumXba
rRj4GpI2WcirObkHTFhIM/u4vGpfoPNog92QTdbJ5T1ZSI4X0kStkDk+Bl5yMigj
Xo4InRrKAur2uItOW7xR2uxCLQvWsl2+pN3xuQGdqPqN/EgL1DfvyeeoW8FN9PbM
dOOgEeflc0EFa/kiPyp1+Y0Z43/w9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDIy
5AsMzuDdCjkMyMfTYxydaWTeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RTM2N0RBRTlCNkYxMUVGQTQ4RUM2Qjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmlV4MA0GCSqGSIb3DQEB
CwUAA4IBAQCsekzce9EBUZyNK5ohRSAoPa2PX+CYdoZAW9ljSbgLFrG3fs4iDU1G
3Y236kLZNqAuEoOdvAVGNMwstHrCcfz5iCIVNanr0+1qz8jTd6jrXeNJ7Y+0v9aI
bCFEVfrjq5dXbr2SaGc96zj9eAJTYsOri/1VTElPSjTXmjre5pzDskl0s/qQbarq
n2P3FaT4ExhiVCV+baEXZFWffHONQy6wOlVt4RzqpMQ3vQJjwtBintugNBhTixqm
d9RRXB02RqdtSOzBDshumykTASlyi0Cu2fojykuhyRbyh3mxcxOlyhAStM663vXi
r0Ssg4p0eVovbIJqfyxNk+SCy1bK/FC0
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:09:46 2024 by rpki-client on console-ams.rpki-client.org