Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/838D8D7AA8E811EF9E8B96AB762E951A.roa
File: 838D8D7AA8E811EF9E8B96AB762E951A.roa (raw, json)
Hash identifier: RTmZOLvujmnJyEfzxgXT74qvzT7X3R5q4BgxnA5Omc4=
Subject key identifier: 7B:3A:DC:E1:D2:B5:E1:E8:56:0F:6D:53:68:30:6B:35:12:79:CA:36
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0110ED
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/838D8D7AA8E811EF9E8B96AB762E951A.roa
Signing time: Fri 22 Nov 2024 15:43:26 +0000
ROA not before: Fri 22 Nov 2024 15:43:23 +0000
ROA not after: Tue 03 Dec 2024 15:43:23 +0000
asID: 62240
IP address blocks: 154.194.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69869 (0x110ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 22 15:43:23 2024 GMT
Not After : Dec 3 15:43:23 2024 GMT
Subject: CN=6740a69e-a70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:17:b5:39:d4:fc:75:76:32:24:b4:7a:b7:7b:
6e:6e:d4:bb:58:f4:ea:6c:22:53:8a:27:88:d6:a4:
71:37:d8:67:67:5a:ac:27:fe:48:a7:61:2e:04:86:
4b:54:80:78:15:21:a2:1d:22:6c:14:3c:9c:bc:d8:
dd:01:82:21:18:10:18:06:ab:c4:25:78:08:c2:77:
27:a7:71:53:48:86:8a:11:53:dc:99:ba:5d:82:1f:
fd:2a:17:35:3d:eb:2f:05:e8:5b:8d:fd:77:97:24:
80:60:8d:b7:94:f1:59:46:1d:da:9f:7a:2a:2f:ff:
17:30:54:60:1e:6c:d4:97:85:5f:50:e7:d9:1b:a3:
a5:6d:97:67:19:6e:09:9a:6a:c2:f0:ea:f3:c3:8d:
0b:2d:5d:6c:c0:17:26:82:e5:8d:70:03:6b:20:a4:
d9:9e:dd:d2:ff:82:2a:0e:cc:ed:91:56:3d:04:b1:
02:99:eb:d5:74:e9:6b:f7:87:04:43:0c:66:3c:d0:
c5:b7:58:77:4a:5e:01:ff:ee:86:0c:97:72:57:03:
23:df:fe:c6:d8:56:22:e8:13:fb:ef:6e:ac:b5:72:
3e:92:7a:be:cc:1e:e1:da:54:f0:2b:b6:a7:07:ec:
70:13:0c:5d:45:34:13:23:7b:e3:03:fc:de:8d:5d:
1d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:3A:DC:E1:D2:B5:E1:E8:56:0F:6D:53:68:30:6B:35:12:79:CA:36
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/838D8D7AA8E811EF9E8B96AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.119.0/24
Signature Algorithm: sha256WithRSAEncryption
55:db:72:e7:9d:d6:dd:bb:57:c4:b0:e1:31:cb:c3:88:9d:85:
0b:59:ae:49:b3:dc:4c:1a:c2:a2:9c:05:b8:8c:2f:56:d7:5f:
06:6e:40:16:b3:6e:5a:b3:34:e5:fc:03:90:a4:35:42:3b:5b:
61:5a:e6:d6:81:f7:29:fa:45:96:18:41:36:8b:d8:d0:8e:3d:
85:62:4b:42:c9:ff:8d:6c:f8:62:76:47:30:ba:fa:f0:0d:6b:
a2:9b:95:b2:67:5c:96:1f:2d:6d:fb:de:34:a3:eb:e8:f1:9b:
6b:90:47:c0:63:82:99:08:9e:d5:21:20:34:0b:f9:15:3e:c3:
31:18:f3:36:07:83:d4:88:f5:47:c7:ca:60:36:1f:47:09:32:
06:6e:f5:e9:cf:72:91:8c:e2:24:f1:4a:bf:48:31:d4:e5:42:
09:cd:4b:c7:f2:89:1a:56:b1:44:cb:14:40:3c:0c:7a:16:aa:
26:78:bc:75:70:0b:ff:73:44:dc:bf:13:c2:42:ae:d4:6a:4d:
01:55:04:44:4a:b9:1c:20:68:fa:b3:ad:fc:7b:44:d6:83:80:
2e:d1:68:ff:25:f6:fe:65:a7:9e:9f:44:61:08:a0:bd:57:63:
d9:f7:7d:09:06:fe:9c:42:4e:50:f3:7d:26:7a:88:19:ab:70:
bd:74:4c:ff
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARDtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIyMTU0MzIzWhcNMjQxMjAzMTU0MzIzWjAYMRYw
FAYDVQQDEw02NzQwYTY5ZS1hNzBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArBe1OdT8dXYyJLR6t3tubtS7WPTqbCJTiieI1qRxN9hnZ1qsJ/5Ip2Eu
BIZLVIB4FSGiHSJsFDycvNjdAYIhGBAYBqvEJXgIwncnp3FTSIaKEVPcmbpdgh/9
Khc1PesvBehbjf13lySAYI23lPFZRh3an3oqL/8XMFRgHmzUl4VfUOfZG6OlbZdn
GW4JmmrC8Orzw40LLV1swBcmguWNcANrIKTZnt3S/4IqDsztkVY9BLECmevVdOlr
94cEQwxmPNDFt1h3Sl4B/+6GDJdyVwMj3/7G2FYi6BP7726stXI+knq+zB7h2lTw
K7anB+xwEwxdRTQTI3vjA/zejV0dqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHs6
3OHSteHoVg9tU2gwazUSeco2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MzhEOEQ3QUE4RTgxMUVGOUU4Qjk2QUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsJ3MA0GCSqGSIb3DQEB
CwUAA4IBAQBV23Lnndbdu1fEsOExy8OInYULWa5Js9xMGsKinAW4jC9W118GbkAW
s25aszTl/AOQpDVCO1thWubWgfcp+kWWGEE2i9jQjj2FYktCyf+NbPhidkcwuvrw
DWuim5WyZ1yWHy1t+940o+vo8ZtrkEfAY4KZCJ7VISA0C/kVPsMxGPM2B4PUiPVH
x8pgNh9HCTIGbvXpz3KRjOIk8Uq/SDHU5UIJzUvH8okaVrFEyxRAPAx6FqomeLx1
cAv/c0TcvxPCQq7Uak0BVQRESrkcIGj6s638e0TWg4Au0Wj/Jfb+Zaeen0RhCKC9
V2PZ930JBv6cQk5Q830meogZq3C9dEz/
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:20 2024 by rpki-client on console-ams.rpki-client.org