Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/865B9F48C0D511EE842CD0BD775412E6.roa
File: 865B9F48C0D511EE842CD0BD775412E6.roa (raw, json)
Hash identifier: LOZEEhvqZAXSTVaJ4MpYMFljlPu8Nb5YcYObH2d3daE=
Subject key identifier: 18:0D:7B:9A:A0:79:18:0A:19:88:CB:B1:77:5E:E8:A7:9E:68:C6:67
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 8254
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/865B9F48C0D511EE842CD0BD775412E6.roa
Signing time: Thu 01 Feb 2024 07:43:01 +0000
ROA not before: Thu 01 Feb 2024 07:42:58 +0000
ROA not after: Mon 03 Feb 2025 07:42:58 +0000
asID: 40065
IP address blocks: 154.194.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33364 (0x8254)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 1 07:42:58 2024 GMT
Not After : Feb 3 07:42:58 2025 GMT
Subject: CN=65bb4b85-b896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d8:8f:8c:0f:1c:83:a3:98:85:7a:15:75:b9:
46:c4:6e:ad:c3:91:c3:01:3f:70:fb:3c:88:9b:47:
1f:07:61:28:d1:f9:d7:c1:d0:67:91:2e:27:26:d9:
f2:ba:7b:05:2e:77:17:f4:ae:01:4c:77:16:35:d5:
93:02:aa:f1:b2:9c:03:a1:48:fb:1b:57:3f:66:39:
79:1d:16:ea:78:3d:87:38:16:62:88:e3:5f:f9:95:
c6:ea:ac:5b:9d:4f:05:c0:40:b7:45:0d:01:28:15:
f7:ae:ef:ba:98:77:fd:f0:8c:0b:3f:0c:c9:f5:e4:
09:c9:cd:7a:77:6b:56:82:5c:01:c2:34:ea:50:91:
53:58:2b:0e:4a:17:b7:59:49:af:2a:8c:bd:63:08:
36:08:5e:c4:a0:0c:95:d2:e6:df:a2:01:46:99:ed:
e8:4b:fa:d4:e6:9e:6c:f0:63:b9:a7:6c:ba:c9:26:
80:ff:e8:96:57:b4:d6:99:6f:60:8e:39:96:13:fe:
2e:b8:cf:29:9d:04:ff:86:b9:d7:0f:74:aa:03:7b:
b1:c6:1a:6a:58:41:e3:16:3e:c3:df:11:cc:42:59:
5a:b5:e7:a5:ba:cd:32:3a:b4:f5:d3:e1:ba:13:76:
83:16:54:53:59:40:83:cf:0e:a6:51:05:fe:f0:17:
03:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:0D:7B:9A:A0:79:18:0A:19:88:CB:B1:77:5E:E8:A7:9E:68:C6:67
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/865B9F48C0D511EE842CD0BD775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.64.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:5e:ca:e9:df:f3:5f:b6:74:59:a6:2d:f9:44:17:ac:2b:85:
28:e0:4e:70:ae:80:41:f0:35:d1:03:ef:bd:3c:84:c4:4e:f4:
e5:26:70:91:28:bb:ca:74:9f:8b:8d:d6:6e:e2:c8:39:13:1d:
6e:35:65:39:ca:b3:bf:63:3b:43:9d:ab:21:1d:56:25:37:76:
90:9c:42:d2:a1:08:66:01:3f:fb:a3:04:21:d7:ef:99:1a:1b:
9a:05:43:1f:9e:82:a2:3d:c7:0b:9b:92:b4:27:69:1f:37:16:
78:dc:bc:bf:1b:b9:55:c6:f7:bd:e5:85:9a:03:4c:40:71:9a:
ec:c3:0e:71:fd:f5:2c:56:04:a4:27:63:ce:81:c3:fe:2e:67:
10:43:b6:8d:29:bb:22:27:ac:4e:7a:f7:87:ab:16:ba:5f:3f:
57:aa:20:94:b5:e1:e2:11:a2:f9:6e:0a:31:d1:5f:ca:eb:d2:
28:44:dd:b5:6e:45:2d:48:a7:35:e3:54:63:49:cb:b6:f5:67:
80:3e:32:eb:b4:23:db:f1:0e:57:f4:bf:55:09:4f:81:09:6f:
13:1f:4e:01:9b:5b:a9:7f:6e:63:fc:9a:3f:e9:fa:9c:5d:79:
d4:64:ec:f6:20:03:0c:bc:95:15:45:9a:4e:74:e4:e2:4c:1b:
b3:b2:52:fb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIJUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjAxMDc0MjU4WhcNMjUwMjAzMDc0MjU4WjAYMRYw
FAYDVQQDEw02NWJiNGI4NS1iODk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqtiPjA8cg6OYhXoVdblGxG6tw5HDAT9w+zyIm0cfB2Eo0fnXwdBnkS4n
JtnyunsFLncX9K4BTHcWNdWTAqrxspwDoUj7G1c/Zjl5HRbqeD2HOBZiiONf+ZXG
6qxbnU8FwEC3RQ0BKBX3ru+6mHf98IwLPwzJ9eQJyc16d2tWglwBwjTqUJFTWCsO
She3WUmvKoy9Ywg2CF7EoAyV0ubfogFGme3oS/rU5p5s8GO5p2y6ySaA/+iWV7TW
mW9gjjmWE/4uuM8pnQT/hrnXD3SqA3uxxhpqWEHjFj7D3xHMQllateelus0yOrT1
0+G6E3aDFlRTWUCDzw6mUQX+8BcDAQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBgN
e5qgeRgKGYjLsXde6KeeaMZnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NjVCOUY0OEMwRDUxMUVFODQyQ0QwQkQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsJAMA0GCSqGSIb3DQEB
CwUAA4IBAQA9Xsrp3/NftnRZpi35RBesK4Uo4E5wroBB8DXRA++9PITETvTlJnCR
KLvKdJ+LjdZu4sg5Ex1uNWU5yrO/YztDnashHVYlN3aQnELSoQhmAT/7owQh1++Z
GhuaBUMfnoKiPccLm5K0J2kfNxZ43Ly/G7lVxve95YWaA0xAcZrsww5x/fUsVgSk
J2POgcP+LmcQQ7aNKbsiJ6xOeveHqxa6Xz9XqiCUteHiEaL5bgox0V/K69IoRN21
bkUtSKc141RjScu29WeAPjLrtCPb8Q5X9L9VCU+BCW8TH04Bm1upf25j/Jo/6fqc
XXnUZOz2IAMMvJUVRZpOdOTiTBuzslL7
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:37 2024 by rpki-client on console-fra.rpki-client.org