Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84C3E76E7B1D11EF94EC2A87762E951A.roa
File: 84C3E76E7B1D11EF94EC2A87762E951A.roa (raw, json)
Hash identifier: AiftvKYFfvIAMWokxbquAziIt03oqgURMmukLrifkLw=
Subject key identifier: CC:79:05:AC:CA:F3:3D:10:F0:E3:6C:FB:7E:8D:E1:19:1C:EC:7B:07
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: F320
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84C3E76E7B1D11EF94EC2A87762E951A.roa
Signing time: Wed 25 Sep 2024 09:06:59 +0000
ROA not before: Wed 25 Sep 2024 09:06:55 +0000
ROA not after: Wed 18 Dec 2024 09:06:55 +0000
asID: 328608
IP address blocks: 154.214.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62240 (0xf320)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 25 09:06:55 2024 GMT
Not After : Dec 18 09:06:55 2024 GMT
Subject: CN=66f3d2b2-d3d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:13:92:35:4f:f1:fe:7a:b6:56:78:c1:13:47:
7c:fe:45:86:b3:58:bb:88:38:65:5e:de:81:24:31:
99:66:b3:53:19:39:1b:4c:71:b5:39:23:40:13:2d:
f6:ac:60:e2:6b:cd:77:a4:32:d9:13:f2:e4:b8:5e:
ec:2d:b4:24:af:c1:4a:c9:d5:b7:70:52:7f:a6:53:
02:3f:40:f6:cb:d7:ec:88:3b:a3:c5:a2:73:d2:bb:
9a:73:cf:52:68:07:54:e3:ae:55:bb:87:58:a5:66:
9e:84:54:a3:7f:06:20:0e:77:94:46:fe:15:e7:80:
ec:fa:c7:c6:94:38:a3:91:93:f9:25:3d:52:5e:4f:
ec:ff:14:13:ed:3a:af:55:f3:1c:f7:da:12:fe:fd:
2e:19:71:d6:c3:4a:68:60:28:48:d3:7c:e9:bf:37:
02:27:b8:35:94:5e:1b:c8:0a:26:8b:f3:ee:0c:dc:
1b:d9:ca:b7:30:4a:d9:f0:75:a6:13:d7:c9:26:7c:
15:5f:25:6b:83:78:7b:a3:be:76:e3:a0:9d:44:ba:
da:dd:5c:67:e4:41:d5:10:02:e8:02:cc:1f:fb:d0:
6e:44:1c:88:87:b1:9b:7c:9a:07:59:e7:4e:a6:de:
0b:92:4d:34:93:46:8f:4e:64:73:db:6d:c1:67:e1:
8e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:79:05:AC:CA:F3:3D:10:F0:E3:6C:FB:7E:8D:E1:19:1C:EC:7B:07
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/84C3E76E7B1D11EF94EC2A87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.214.212.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:01:9d:ea:0f:c7:c2:c3:c9:c6:bc:42:ff:43:44:9f:93:79:
12:6f:c6:47:4b:5c:c1:29:fe:5d:ff:bb:b5:de:6b:b5:b1:01:
f5:6a:21:0a:9e:ce:5c:39:0a:ab:ad:85:01:1d:02:69:aa:36:
12:e5:34:7c:cf:e1:a5:a3:9d:d7:87:a5:f6:9e:fe:50:6c:d9:
12:4c:ed:70:10:23:a5:10:23:44:e7:eb:1a:12:37:a3:3c:d7:
0b:eb:45:ab:1e:f7:95:27:9a:67:d7:d5:af:77:d0:34:41:1f:
ff:14:0e:41:67:ec:d1:07:79:27:83:2a:5e:35:53:e5:7f:db:
88:97:d5:ba:06:a3:50:1f:f8:a0:54:a1:80:a0:81:b5:64:1c:
56:b8:31:e4:6a:40:25:dd:22:df:0a:0f:de:f3:31:c0:6b:3b:
39:50:5f:4e:ca:21:bf:8c:7f:05:92:60:ef:68:dd:cf:7d:e5:
47:61:35:cb:0a:ed:3c:c6:f3:7b:b2:43:c7:37:de:f8:75:79:
4b:c6:44:24:f6:a9:b0:a4:bc:25:e0:4c:16:4f:a7:c3:1f:3d:
3f:67:d2:a2:9f:e9:5a:17:0c:fd:e0:ae:dc:6a:8e:32:ec:8c:
f2:07:3b:9b:3b:fd:0e:fb:43:02:96:2f:09:4d:be:bc:96:82:
32:f2:1d:5f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAPMgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTI1MDkwNjU1WhcNMjQxMjE4MDkwNjU1WjAYMRYw
FAYDVQQDEw02NmYzZDJiMi1kM2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvxOSNU/x/nq2VnjBE0d8/kWGs1i7iDhlXt6BJDGZZrNTGTkbTHG1OSNA
Ey32rGDia813pDLZE/LkuF7sLbQkr8FKydW3cFJ/plMCP0D2y9fsiDujxaJz0rua
c89SaAdU465Vu4dYpWaehFSjfwYgDneURv4V54Ds+sfGlDijkZP5JT1SXk/s/xQT
7TqvVfMc99oS/v0uGXHWw0poYChI03zpvzcCJ7g1lF4byAomi/PuDNwb2cq3MErZ
8HWmE9fJJnwVXyVrg3h7o75246CdRLra3Vxn5EHVEALoAswf+9BuRByIh7GbfJoH
WedOpt4Lkk00k0aPTmRz223BZ+GO0wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMx5
BazK8z0Q8ONs+36N4Rkc7HsHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NEMzRTc2RTdCMUQxMUVGOTRFQzJBODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtbUMA0GCSqGSIb3DQEB
CwUAA4IBAQCpAZ3qD8fCw8nGvEL/Q0Sfk3kSb8ZHS1zBKf5d/7u13mu1sQH1aiEK
ns5cOQqrrYUBHQJpqjYS5TR8z+Glo53Xh6X2nv5QbNkSTO1wECOlECNE5+saEjej
PNcL60WrHveVJ5pn19Wvd9A0QR//FA5BZ+zRB3kngypeNVPlf9uIl9W6BqNQH/ig
VKGAoIG1ZBxWuDHkakAl3SLfCg/e8zHAazs5UF9OyiG/jH8FkmDvaN3PfeVHYTXL
Cu08xvN7skPHN974dXlLxkQk9qmwpLwl4EwWT6fDHz0/Z9Kin+laFwz94K7cao4y
7IzyBzubO/0O+0MCli8JTb68loIy8h1f
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:13 2024 by rpki-client on console-fra.rpki-client.org