Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86D8C16AA8EE11EFB80A3852762E951A.roa
File: 86D8C16AA8EE11EFB80A3852762E951A.roa (raw, json)
Hash identifier: U7HoBeUvBwqOgx7kHqLSSDWEPnRQyIAG2q91zWxE36I=
Subject key identifier: 2C:CD:44:2D:45:56:41:26:0A:3D:12:3B:43:19:E9:A5:44:24:B3:8F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011135
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86D8C16AA8EE11EFB80A3852762E951A.roa
Signing time: Fri 22 Nov 2024 16:26:29 +0000
ROA not before: Fri 22 Nov 2024 16:26:25 +0000
ROA not after: Tue 03 Dec 2024 16:26:25 +0000
asID: 62240
IP address blocks: 154.195.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69941 (0x11135)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 22 16:26:25 2024 GMT
Not After : Dec 3 16:26:25 2024 GMT
Subject: CN=6740b0b5-b1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:57:ba:39:3c:26:52:c0:3f:b7:b6:ee:cc:f5:
8b:ec:5d:ef:8b:8b:c7:5e:e8:ab:66:68:fb:6f:44:
50:5e:cf:87:39:f9:21:c2:af:61:e9:85:9d:74:83:
e3:10:49:1f:35:ab:bc:2e:8b:37:82:4e:7a:74:34:
38:78:14:33:fc:65:41:d6:b8:e0:69:2e:83:68:f4:
00:c5:e2:d5:9e:39:a0:7d:8d:2f:96:15:a2:f1:0a:
30:f9:75:5b:47:b7:2f:93:a5:4f:37:fc:64:ea:67:
27:1e:6a:42:4f:64:6b:c1:e5:6b:b2:f8:c6:f0:4a:
4e:8c:7d:7c:d1:a9:83:72:ab:18:49:66:50:8c:62:
95:1a:c6:52:e0:df:bf:6c:ad:ae:ab:25:5d:85:89:
a8:95:cb:c0:d3:68:02:40:39:52:ac:97:32:0b:4e:
c2:2d:d2:d5:7a:b3:af:26:bb:52:1e:2b:d6:46:25:
5d:7a:ef:73:3e:56:41:92:81:2a:1e:0e:aa:18:39:
b0:2a:2a:ee:cf:73:14:4b:01:86:48:97:8d:f5:01:
9f:8b:db:bd:df:01:46:17:10:1e:fa:37:93:8f:c5:
2d:fb:f1:7f:87:88:9a:47:36:6d:34:7b:0c:8c:3c:
20:b2:b9:6e:bf:e6:df:a1:e0:a6:a1:c6:e4:b4:f4:
11:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CD:44:2D:45:56:41:26:0A:3D:12:3B:43:19:E9:A5:44:24:B3:8F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/86D8C16AA8EE11EFB80A3852762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.149.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:b2:a3:72:a4:da:b3:08:71:f0:cd:02:90:ba:2c:f2:07:37:
ec:cf:87:73:a5:db:cb:37:cc:42:b1:b3:a1:6c:6b:a2:76:80:
1d:57:ae:e2:9e:85:14:05:e5:6a:ae:14:a1:94:1d:61:63:ca:
86:d4:49:44:1b:ba:00:6f:69:17:73:37:35:83:6a:0c:1d:b6:
72:c8:3e:68:3b:e0:0c:84:b8:4f:fa:23:25:17:90:71:46:94:
4f:af:0f:f9:c9:f3:f1:af:0c:87:71:79:0e:a0:89:b0:1b:32:
03:aa:21:ad:99:76:8f:d0:e5:fe:2f:d6:a3:05:0d:8a:34:fb:
c3:76:f3:ce:04:90:be:2c:3a:7f:27:db:0f:08:ee:f0:1a:20:
2d:de:fd:c7:46:42:3d:ea:71:e2:d6:9b:86:62:04:27:a8:b6:
d4:d9:1a:e6:09:10:16:fc:22:ea:b5:3f:08:70:a4:fa:62:4a:
57:82:13:7a:15:4f:46:f8:9b:66:6a:db:00:24:59:ef:2b:44:
bc:a5:03:c9:12:af:0e:f0:32:ec:e8:70:92:44:6c:86:23:10:
c5:ec:b8:e3:fc:58:c2:84:f9:b6:1b:57:27:cc:dc:fe:a4:6b:
0e:07:90:38:de:3b:54:3d:ec:0f:cf:6e:60:b5:fa:48:ae:ca:
22:c9:bd:11
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARE1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIyMTYyNjI1WhcNMjQxMjAzMTYyNjI1WjAYMRYw
FAYDVQQDEw02NzQwYjBiNS1iMWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4Fe6OTwmUsA/t7buzPWL7F3vi4vHXuirZmj7b0RQXs+HOfkhwq9h6YWd
dIPjEEkfNau8Los3gk56dDQ4eBQz/GVB1rjgaS6DaPQAxeLVnjmgfY0vlhWi8Qow
+XVbR7cvk6VPN/xk6mcnHmpCT2RrweVrsvjG8EpOjH180amDcqsYSWZQjGKVGsZS
4N+/bK2uqyVdhYmolcvA02gCQDlSrJcyC07CLdLVerOvJrtSHivWRiVdeu9zPlZB
koEqHg6qGDmwKiruz3MUSwGGSJeN9QGfi9u93wFGFxAe+jeTj8Ut+/F/h4iaRzZt
NHsMjDwgsrluv+bfoeCmocbktPQRlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCzN
RC1FVkEmCj0SO0MZ6aVEJLOPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NkQ4QzE2QUE4RUUxMUVGQjgwQTM4NTI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOVMA0GCSqGSIb3DQEB
CwUAA4IBAQBOsqNypNqzCHHwzQKQuizyBzfsz4dzpdvLN8xCsbOhbGuidoAdV67i
noUUBeVqrhShlB1hY8qG1ElEG7oAb2kXczc1g2oMHbZyyD5oO+AMhLhP+iMlF5Bx
RpRPrw/5yfPxrwyHcXkOoImwGzIDqiGtmXaP0OX+L9ajBQ2KNPvDdvPOBJC+LDp/
J9sPCO7wGiAt3v3HRkI96nHi1puGYgQnqLbU2RrmCRAW/CLqtT8IcKT6YkpXghN6
FU9G+JtmatsAJFnvK0S8pQPJEq8O8DLs6HCSRGyGIxDF7Ljj/FjChPm2G1cnzNz+
pGsOB5A43jtUPewPz25gtfpIrsoiyb0R
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:21 2024 by rpki-client on console-ams.rpki-client.org