Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BA6794E344A11EFA0FC077E762E951A.roa
File: 8BA6794E344A11EFA0FC077E762E951A.roa (raw, json)
Hash identifier: edI3+qIn5/ZYy4WM6sMTMWjGDot9HtaiM5AlTnXJa6s=
Subject key identifier: 3B:13:93:21:7A:74:55:79:9C:95:B1:36:82:8B:74:96:C4:48:30:1F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: C777
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BA6794E344A11EFA0FC077E762E951A.roa
Signing time: Thu 27 Jun 2024 06:00:25 +0000
ROA not before: Thu 27 Jun 2024 06:00:21 +0000
ROA not after: Mon 30 Dec 2024 06:00:21 +0000
asID: 984
IP address blocks: 154.89.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51063 (0xc777)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 27 06:00:21 2024 GMT
Not After : Dec 30 06:00:21 2024 GMT
Subject: CN=667cfff9-005e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f5:6e:37:07:e1:02:34:b0:71:b6:6e:ea:49:
34:56:97:44:c4:87:36:d0:5b:31:89:59:b2:e2:ca:
93:a1:32:7f:e6:a7:4a:5b:25:1f:56:9d:01:59:0e:
50:73:b6:10:4b:8a:f4:ae:31:0c:cd:fa:8f:fd:b5:
ed:a5:7b:94:a3:7d:bd:7d:91:8c:64:47:2b:f3:19:
70:57:6f:7f:80:42:57:72:8d:b1:6c:c2:50:dc:bb:
fd:14:db:62:ee:af:9f:18:1b:12:4a:ec:3b:5e:6a:
97:eb:12:30:75:c0:59:eb:a9:b4:4a:a7:8a:5e:26:
ef:d2:32:58:f4:53:e0:9e:cc:3a:f3:21:b6:35:7f:
ee:35:42:23:0c:94:c0:eb:fb:3d:3a:5d:a6:1b:a6:
33:c6:53:b5:41:99:80:7d:62:1b:d5:53:8f:38:c1:
21:ca:24:06:c0:65:ea:60:53:6d:b6:8b:73:89:b8:
66:d8:fd:33:cf:b5:16:da:9e:4a:21:c3:40:68:91:
50:ee:97:54:0a:25:e4:f8:22:ab:5b:33:4e:6d:46:
7b:7b:c4:c1:0d:bf:ac:e3:13:f2:ed:ad:77:14:bf:
86:a4:bd:eb:f3:eb:77:44:23:06:d4:bc:94:56:c1:
2c:9a:54:92:1d:74:87:65:db:64:f9:fa:cb:a9:90:
2c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:13:93:21:7A:74:55:79:9C:95:B1:36:82:8B:74:96:C4:48:30:1F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8BA6794E344A11EFA0FC077E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.128.0/17
Signature Algorithm: sha256WithRSAEncryption
5f:dc:19:92:6d:c1:87:bb:2d:f9:12:08:c2:02:a4:b9:f9:36:
10:c2:c8:c8:31:ad:68:a0:82:ce:cc:cd:43:8f:0a:34:72:e0:
9f:1b:3e:57:2f:8f:2f:81:1a:3b:53:f4:01:b1:46:9e:23:d9:
35:85:92:df:0d:59:2f:a0:3d:41:f5:e6:f3:c5:f1:ab:ef:74:
18:06:ed:f2:bf:8c:27:07:43:b7:8b:b1:5d:62:ac:09:30:86:
2d:e2:91:bf:a2:f4:24:3b:65:4b:55:c1:fb:91:4f:13:d9:d6:
da:7e:45:cd:75:1d:da:14:81:ca:60:24:02:3c:24:8e:85:d5:
8d:1a:a7:71:79:20:5e:d5:da:92:88:b7:c6:d5:97:47:ef:00:
22:e2:b7:79:5b:f1:6e:11:20:8d:64:f7:e1:ef:2c:67:ab:dc:
b5:e4:d5:ff:e2:98:7b:b2:96:fe:bb:0e:9e:18:8b:1c:2a:05:
8c:d0:3a:cc:87:bb:81:0a:50:eb:d9:9e:b5:9a:83:9f:53:25:
da:9d:89:a6:90:e4:94:69:25:63:9b:11:84:f0:43:9c:36:ed:
a5:f9:f4:42:27:a4:41:3e:39:c5:1a:3d:58:51:1b:43:87:50:
13:7f:05:25:64:43:bf:5c:72:93:20:7d:8e:3f:4f:9d:b5:ca:
8e:9c:05:18
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMd3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjI3MDYwMDIxWhcNMjQxMjMwMDYwMDIxWjAYMRYw
FAYDVQQDEw02NjdjZmZmOS0wMDVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3fVuNwfhAjSwcbZu6kk0VpdExIc20FsxiVmy4sqToTJ/5qdKWyUfVp0B
WQ5Qc7YQS4r0rjEMzfqP/bXtpXuUo329fZGMZEcr8xlwV29/gEJXco2xbMJQ3Lv9
FNti7q+fGBsSSuw7XmqX6xIwdcBZ66m0SqeKXibv0jJY9FPgnsw68yG2NX/uNUIj
DJTA6/s9Ol2mG6YzxlO1QZmAfWIb1VOPOMEhyiQGwGXqYFNttotzibhm2P0zz7UW
2p5KIcNAaJFQ7pdUCiXk+CKrWzNObUZ7e8TBDb+s4xPy7a13FL+GpL3r8+t3RCMG
1LyUVsEsmlSSHXSHZdtk+frLqZAsiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDsT
kyF6dFV5nJWxNoKLdJbESDAfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QkE2Nzk0RTM0NEExMUVGQTBGQzA3N0U3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHmlmAMA0GCSqGSIb3DQEB
CwUAA4IBAQBf3BmSbcGHuy35EgjCAqS5+TYQwsjIMa1ooILOzM1Djwo0cuCfGz5X
L48vgRo7U/QBsUaeI9k1hZLfDVkvoD1B9ebzxfGr73QYBu3yv4wnB0O3i7FdYqwJ
MIYt4pG/ovQkO2VLVcH7kU8T2dbafkXNdR3aFIHKYCQCPCSOhdWNGqdxeSBe1dqS
iLfG1ZdH7wAi4rd5W/FuESCNZPfh7yxnq9y15NX/4ph7spb+uw6eGIscKgWM0DrM
h7uBClDr2Z61moOfUyXanYmmkOSUaSVjmxGE8EOcNu2l+fRCJ6RBPjnFGj1YURtD
h1ATfwUlZEO/XHKTIH2OP0+dtcqOnAUY
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:12 2024 by rpki-client on console-ams.rpki-client.org