Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/884BEE4A32B611EF90EC8F8D762E951A.roa
File: 884BEE4A32B611EF90EC8F8D762E951A.roa (raw, json)
Hash identifier: xmKKN72YxER4+38queh1XTYY/ruUlAQOW1Hlctk4ftY=
Subject key identifier: 8D:D0:FD:DB:65:AA:C3:BC:7A:3E:96:DB:A9:6E:1D:71:0B:04:00:B4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: C635
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/884BEE4A32B611EF90EC8F8D762E951A.roa
Signing time: Tue 25 Jun 2024 05:48:22 +0000
ROA not before: Tue 25 Jun 2024 05:48:19 +0000
ROA not after: Fri 03 Jan 2025 05:48:19 +0000
asID: 40065
IP address blocks: 154.208.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50741 (0xc635)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 25 05:48:19 2024 GMT
Not After : Jan 3 05:48:19 2025 GMT
Subject: CN=667a5a26-d59b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f5:b8:a8:e8:3b:4a:a5:d3:d2:8e:9a:6f:65:
13:12:d1:b1:56:e1:fc:e5:42:17:6f:44:ad:14:8a:
c2:41:d1:d0:24:b0:8c:6a:95:e7:54:4d:93:d9:8e:
0c:56:00:d5:dd:24:78:fe:8b:b5:4d:ff:99:62:44:
b7:a2:2e:de:d9:39:e5:18:75:ca:8d:5d:15:f6:47:
e5:27:c1:c8:72:4a:1c:a8:44:ae:bd:fe:c8:b3:a6:
ab:5f:de:3e:f3:b4:37:e1:e5:c3:7e:ed:17:25:e5:
2c:77:bc:1b:fd:22:09:96:bb:0b:86:b7:f7:3f:33:
80:52:c8:de:f0:dd:60:8c:21:2c:07:7f:b2:e4:77:
fe:78:fb:71:78:c3:8d:eb:eb:0d:18:73:80:3b:51:
c5:58:4d:28:4a:55:c2:43:63:a9:ce:c1:85:e0:d5:
7a:e7:2f:2c:da:28:0a:74:f9:e3:be:9f:9f:56:a6:
76:07:ee:d0:ed:91:1b:3c:f4:0c:bc:ad:dd:16:1c:
e5:59:17:54:14:94:48:14:14:7d:25:1f:b1:f9:0b:
97:0e:79:06:c4:cf:69:e1:f1:60:37:8d:1a:2d:e4:
8f:a4:8e:db:32:07:53:12:af:e0:90:ea:73:42:86:
cb:0c:7d:1e:a3:c4:f3:fb:48:1e:b2:57:a3:5d:c7:
80:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D0:FD:DB:65:AA:C3:BC:7A:3E:96:DB:A9:6E:1D:71:0B:04:00:B4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/884BEE4A32B611EF90EC8F8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.4.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:23:59:75:ad:58:7b:25:88:c1:9d:7b:ef:30:ea:47:c7:9b:
f5:e6:11:8f:0e:37:c5:28:47:d0:fc:bd:59:cc:e9:a8:5a:ce:
00:03:5e:ea:01:88:64:43:2b:02:84:75:8b:7a:94:8c:ea:76:
50:7c:63:75:50:a2:41:bc:be:96:0f:ab:cd:aa:48:58:68:35:
27:65:51:fd:ce:c3:b0:9a:1b:f6:96:71:f4:7e:a3:57:79:fa:
68:43:72:29:a0:c7:32:5e:cd:49:96:8d:52:40:1a:fa:a3:00:
a5:89:48:0a:e2:c8:d4:e1:f7:30:97:b1:77:a7:14:0a:cd:38:
fe:0f:14:2a:72:ad:20:8d:1b:87:08:c6:99:2c:6e:bb:4c:42:
f9:a8:fc:a5:1c:30:27:68:84:2d:2a:af:9d:1a:b8:a0:f5:0f:
d0:0f:d7:0a:6f:57:bd:e7:37:b4:37:a1:f3:b1:ac:62:11:a0:
68:fd:1b:c1:6a:91:ef:2e:d9:7e:14:f8:b3:67:e0:dc:95:e7:
58:22:cc:19:64:62:72:13:b5:25:21:4b:74:19:e1:cf:bd:70:
04:d4:82:2c:85:50:21:3d:f0:f0:30:7b:52:3c:90:d7:e3:e0:
45:b9:cd:83:d2:46:fa:2c:f6:e3:29:5d:7b:21:44:ff:d3:aa:
76:5b:dd:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMY1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjI1MDU0ODE5WhcNMjUwMTAzMDU0ODE5WjAYMRYw
FAYDVQQDEw02NjdhNWEyNi1kNTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwPW4qOg7SqXT0o6ab2UTEtGxVuH85UIXb0StFIrCQdHQJLCMapXnVE2T
2Y4MVgDV3SR4/ou1Tf+ZYkS3oi7e2TnlGHXKjV0V9kflJ8HIckocqESuvf7Is6ar
X94+87Q34eXDfu0XJeUsd7wb/SIJlrsLhrf3PzOAUsje8N1gjCEsB3+y5Hf+ePtx
eMON6+sNGHOAO1HFWE0oSlXCQ2OpzsGF4NV65y8s2igKdPnjvp+fVqZ2B+7Q7ZEb
PPQMvK3dFhzlWRdUFJRIFBR9JR+x+QuXDnkGxM9p4fFgN40aLeSPpI7bMgdTEq/g
kOpzQobLDH0eo8Tz+0geslejXceAIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFI3Q
/dtlqsO8ej6W26luHXELBAC0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84ODRCRUU0QTMyQjYxMUVGOTBFQzhGOEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtAEMA0GCSqGSIb3DQEB
CwUAA4IBAQChI1l1rVh7JYjBnXvvMOpHx5v15hGPDjfFKEfQ/L1ZzOmoWs4AA17q
AYhkQysChHWLepSM6nZQfGN1UKJBvL6WD6vNqkhYaDUnZVH9zsOwmhv2lnH0fqNX
efpoQ3IpoMcyXs1Jlo1SQBr6owCliUgK4sjU4fcwl7F3pxQKzTj+DxQqcq0gjRuH
CMaZLG67TEL5qPylHDAnaIQtKq+dGrig9Q/QD9cKb1e95ze0N6HzsaxiEaBo/RvB
apHvLtl+FPizZ+DcledYIswZZGJyE7UlIUt0GeHPvXAE1IIshVAhPfDwMHtSPJDX
4+BFuc2D0kb6LPbjKV17IUT/06p2W90A
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:21 2024 by rpki-client on console-ams.rpki-client.org