Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B0642989B5C11EF85FA4844762E951A.roa
File: 8B0642989B5C11EF85FA4844762E951A.roa (raw, json)
Hash identifier: JQ6PJBknnBuyPNcgySkM+LWaB0I+EQTGTgLcv+TJuTg=
Subject key identifier: 47:7B:08:2E:E4:F8:80:CD:B3:89:23:A8:61:0F:E7:74:22:25:4F:CE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01077F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B0642989B5C11EF85FA4844762E951A.roa
Signing time: Tue 05 Nov 2024 09:58:44 +0000
ROA not before: Tue 05 Nov 2024 09:58:41 +0000
ROA not after: Mon 13 Jan 2025 09:58:41 +0000
asID: 7018
IP address blocks: 154.82.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67455 (0x1077f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 5 09:58:41 2024 GMT
Not After : Jan 13 09:58:41 2025 GMT
Subject: CN=6729ec54-6352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d6:1f:dd:fe:3d:75:5d:8d:f2:f4:26:8f:40:
2a:65:f5:7d:82:6e:f5:21:0f:ee:fa:f4:16:7b:66:
e8:e9:2b:6a:79:50:ae:1f:04:b0:49:0e:15:e6:19:
c0:8a:28:4e:58:5f:26:62:07:a0:fc:f9:d2:69:65:
a3:42:80:0f:7d:33:f7:0c:2a:42:26:0e:6a:64:4e:
96:33:d0:d0:55:1e:b5:a2:7e:90:b6:35:f5:f7:c6:
26:b0:40:d6:2a:d3:85:36:1f:56:70:04:fe:60:f1:
57:2f:03:7e:e7:75:9c:f7:39:35:ce:85:e9:7d:a2:
63:8a:60:b4:9e:b0:fb:3a:92:48:0c:1f:b3:dc:21:
8c:ce:37:6a:80:67:f7:1f:3e:93:b4:af:49:fe:5d:
11:cf:4e:1d:63:ed:99:34:05:20:08:63:21:53:fb:
fd:6b:3f:a6:3c:75:b5:ed:16:88:be:e7:db:43:c4:
c9:c5:a3:0c:81:84:b9:ae:37:ea:9f:9a:69:9a:91:
54:3d:90:84:18:1a:53:b4:08:43:18:3e:c3:64:8c:
95:f7:69:d2:14:46:7f:2c:b8:0e:51:95:35:c1:3e:
03:66:9c:4a:a9:7b:e7:50:b7:36:a2:25:7d:07:4f:
9e:8a:f0:6b:e1:e2:3c:08:d7:14:30:f8:2e:7e:61:
bd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7B:08:2E:E4:F8:80:CD:B3:89:23:A8:61:0F:E7:74:22:25:4F:CE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8B0642989B5C11EF85FA4844762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.8.0/21
Signature Algorithm: sha256WithRSAEncryption
62:f7:63:c7:83:15:00:58:9f:de:5f:74:2f:52:91:cc:3a:84:
a1:f5:a3:10:f9:61:31:5e:b5:42:0d:d3:4f:94:84:d3:d7:6e:
36:b3:94:68:22:f9:b9:7d:66:02:ab:70:e3:09:7e:6e:79:98:
e2:78:1a:04:b5:97:82:6c:d6:de:d0:c0:e6:7b:9c:9e:db:82:
56:7d:49:10:0a:75:7d:50:ee:b5:3a:2b:d1:47:8e:b2:27:c1:
39:f3:85:8b:b5:f8:97:78:00:55:c2:ee:d4:6c:3f:79:84:c1:
68:f4:78:10:cf:05:42:30:95:50:b5:ae:dc:87:4d:93:e8:ec:
c1:56:f8:76:0c:a8:69:4d:07:a3:5e:59:5c:d3:f3:3e:71:19:
53:5f:ae:f3:9b:34:bb:b9:9d:ba:df:9f:32:7a:8b:d0:34:50:
11:3d:5c:e7:c4:7c:09:87:e1:e5:f1:61:a0:6a:4f:45:d9:de:
3b:ee:27:4a:c4:42:f2:65:db:92:1a:21:b9:53:5d:17:25:ce:
94:db:45:f8:3e:80:c7:f4:45:6e:4a:ae:1b:aa:ab:e7:bf:c2:
17:fc:16:b8:3a:6e:4d:50:69:7f:10:c7:b5:03:30:46:ae:31:
8c:d4:60:a5:af:00:5d:01:10:ac:59:ac:ee:cf:52:a3:01:1a:
2f:3a:95:60
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQd/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MDk1ODQxWhcNMjUwMTEzMDk1ODQxWjAYMRYw
FAYDVQQDEw02NzI5ZWM1NC02MzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA29Yf3f49dV2N8vQmj0AqZfV9gm71IQ/u+vQWe2bo6StqeVCuHwSwSQ4V
5hnAiihOWF8mYgeg/PnSaWWjQoAPfTP3DCpCJg5qZE6WM9DQVR61on6QtjX198Ym
sEDWKtOFNh9WcAT+YPFXLwN+53Wc9zk1zoXpfaJjimC0nrD7OpJIDB+z3CGMzjdq
gGf3Hz6TtK9J/l0Rz04dY+2ZNAUgCGMhU/v9az+mPHW17RaIvufbQ8TJxaMMgYS5
rjfqn5ppmpFUPZCEGBpTtAhDGD7DZIyV92nSFEZ/LLgOUZU1wT4DZpxKqXvnULc2
oiV9B0+eivBr4eI8CNcUMPgufmG9zwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEd7
CC7k+IDNs4kjqGEP53QiJU/OMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QjA2NDI5ODlCNUMxMUVGODVGQTQ4NDQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmlIIMA0GCSqGSIb3DQEB
CwUAA4IBAQBi92PHgxUAWJ/eX3QvUpHMOoSh9aMQ+WExXrVCDdNPlITT1242s5Ro
Ivm5fWYCq3DjCX5ueZjieBoEtZeCbNbe0MDme5ye24JWfUkQCnV9UO61OivRR46y
J8E584WLtfiXeABVwu7UbD95hMFo9HgQzwVCMJVQta7ch02T6OzBVvh2DKhpTQej
Xllc0/M+cRlTX67zmzS7uZ26358yeovQNFARPVznxHwJh+Hl8WGgak9F2d477idK
xELyZduSGiG5U10XJc6U20X4PoDH9EVuSq4bqqvnv8IX/Ba4Om5NUGl/EMe1AzBG
rjGM1GClrwBdARCsWazuz1KjARovOpVg
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:14 2024 by rpki-client on console-fra.rpki-client.org