Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87CDCA6C9D1711EF89609AAA762E951A.roa
File: 87CDCA6C9D1711EF89609AAA762E951A.roa (raw, json)
Hash identifier: tsrILLb5d2pbiXVPjSrn7hrzq++9bQxUIr457XaAj94=
Subject key identifier: 6F:10:AF:64:EE:1B:6E:F4:F7:A1:57:18:1D:A6:E1:AB:67:7A:F7:C0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010959
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87CDCA6C9D1711EF89609AAA762E951A.roa
Signing time: Thu 07 Nov 2024 14:49:46 +0000
ROA not before: Thu 07 Nov 2024 14:49:42 +0000
ROA not after: Wed 05 Nov 2025 14:49:42 +0000
asID: 138995
IP address blocks: 154.223.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67929 (0x10959)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 7 14:49:42 2024 GMT
Not After : Nov 5 14:49:42 2025 GMT
Subject: CN=672cd38a-b5f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2b:bd:3a:44:45:26:c3:41:cc:a7:56:a1:80:
97:f9:6e:a4:42:0b:66:e7:63:70:4e:20:4f:68:23:
b8:31:a1:16:53:16:ad:60:5d:53:d9:d3:8e:7f:93:
f1:a9:42:f7:70:e1:8c:65:78:ab:8d:72:2e:83:93:
74:b2:6c:dc:81:90:ae:0d:1b:1d:25:99:27:96:b2:
bc:1a:df:6d:23:c0:09:bb:af:36:c4:0b:3d:76:e2:
41:89:2c:95:46:17:9f:3f:d2:94:54:4c:d9:3a:b4:
54:74:85:9f:1d:23:a3:53:49:ef:84:a0:92:3f:d2:
e1:2b:cb:48:a1:84:15:c5:72:7c:c0:b5:a1:0a:f3:
94:da:c3:26:89:1a:e0:90:7b:e6:78:c7:c0:53:5a:
20:f9:42:32:49:63:1c:23:2b:f9:9f:d8:68:08:17:
ba:2a:46:73:f5:60:e2:a7:39:a1:7c:38:e9:d6:29:
b5:42:3e:16:66:8d:90:4c:ff:69:eb:63:a8:48:df:
d5:d5:88:3b:ab:62:57:b8:91:3a:ee:93:9c:1d:c7:
f0:eb:f4:d6:b1:b1:60:ea:89:9e:30:85:71:bd:65:
bb:34:9d:47:13:d7:06:75:8e:ed:1b:d2:5c:ed:1d:
37:18:3d:b7:0c:57:c4:86:c5:9e:54:d9:59:35:f7:
c5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:10:AF:64:EE:1B:6E:F4:F7:A1:57:18:1D:A6:E1:AB:67:7A:F7:C0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/87CDCA6C9D1711EF89609AAA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.3.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:e0:96:49:ff:21:83:bc:78:fa:58:3b:d0:1d:7b:e9:ee:05:
2e:87:14:69:80:20:b4:ac:6a:e8:a9:4d:cb:1d:80:de:d1:26:
b2:e9:d5:ed:cb:52:ac:d5:07:a9:d1:94:98:92:2b:66:4c:0e:
cf:33:fa:f0:11:fa:13:10:fb:2c:58:a0:82:c1:59:4e:93:bd:
61:83:ab:ed:2d:f2:b3:e4:25:1d:a3:c1:eb:4b:04:f8:7a:6e:
64:dc:8e:b8:2f:7c:d6:3e:9b:94:cf:ab:ad:1c:2e:67:9b:54:
ec:ee:c6:e3:8f:ea:9a:0a:9b:40:5d:81:27:1a:91:aa:bd:55:
2e:64:37:20:4d:10:b0:ab:77:8c:58:c2:fb:7c:99:72:a3:25:
43:19:df:1c:31:0c:1b:c5:86:af:06:1c:21:31:14:c5:72:9e:
54:08:34:dd:a2:4b:75:d9:1b:2b:f5:2b:00:5d:3c:96:f4:10:
df:97:e6:6b:71:08:6b:ae:59:2c:b2:aa:22:4f:b0:2f:63:78:
c4:b8:5e:03:aa:6a:e6:64:21:53:e3:c5:48:f4:c1:c2:ee:37:
b7:08:5d:64:98:83:57:bc:f2:f2:c4:a7:72:b8:37:46:c2:35:
19:37:85:15:ef:84:7b:3e:33:3d:c1:0c:fb:79:df:f7:7a:28:
2e:44:17:91
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQlZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA3MTQ0OTQyWhcNMjUxMTA1MTQ0OTQyWjAYMRYw
FAYDVQQDEw02NzJjZDM4YS1iNWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4Cu9OkRFJsNBzKdWoYCX+W6kQgtm52NwTiBPaCO4MaEWUxatYF1T2dOO
f5PxqUL3cOGMZXirjXIug5N0smzcgZCuDRsdJZknlrK8Gt9tI8AJu682xAs9duJB
iSyVRhefP9KUVEzZOrRUdIWfHSOjU0nvhKCSP9LhK8tIoYQVxXJ8wLWhCvOU2sMm
iRrgkHvmeMfAU1og+UIySWMcIyv5n9hoCBe6KkZz9WDipzmhfDjp1im1Qj4WZo2Q
TP9p62OoSN/V1Yg7q2JXuJE67pOcHcfw6/TWsbFg6omeMIVxvWW7NJ1HE9cGdY7t
G9Jc7R03GD23DFfEhsWeVNlZNffFVQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFG8Q
r2TuG27096FXGB2m4atnevfAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84N0NEQ0E2QzlEMTcxMUVGODk2MDlBQUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8DMA0GCSqGSIb3DQEB
CwUAA4IBAQCq4JZJ/yGDvHj6WDvQHXvp7gUuhxRpgCC0rGroqU3LHYDe0Say6dXt
y1Ks1Qep0ZSYkitmTA7PM/rwEfoTEPssWKCCwVlOk71hg6vtLfKz5CUdo8HrSwT4
em5k3I64L3zWPpuUz6utHC5nm1Ts7sbjj+qaCptAXYEnGpGqvVUuZDcgTRCwq3eM
WML7fJlyoyVDGd8cMQwbxYavBhwhMRTFcp5UCDTdokt12Rsr9SsAXTyW9BDfl+Zr
cQhrrlkssqoiT7AvY3jEuF4DqmrmZCFT48VI9MHC7je3CF1kmINXvPLyxKdyuDdG
wjUZN4UV74R7PjM9wQz7ed/3eiguRBeR
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:12 2024 by rpki-client on console-ams.rpki-client.org