Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C8F6EE6985F11EF97D42064762E951A.roa
File: 8C8F6EE6985F11EF97D42064762E951A.roa (raw, json)
Hash identifier: jEQDkR46iTHPAYiWxmpG5a9T93YdZ33NMWp8TfAHqsU=
Subject key identifier: B6:3D:84:C4:3A:8D:C7:90:1C:BB:51:6B:F9:D7:FD:86:07:6A:87:E9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0104DF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C8F6EE6985F11EF97D42064762E951A.roa
Signing time: Fri 01 Nov 2024 14:42:42 +0000
ROA not before: Fri 01 Nov 2024 14:42:38 +0000
ROA not after: Tue 03 Dec 2024 14:42:38 +0000
asID: 203020
IP address blocks: 154.207.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66783 (0x104df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 1 14:42:38 2024 GMT
Not After : Dec 3 14:42:38 2024 GMT
Subject: CN=6724e8e2-d368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:20:c7:30:8b:fc:af:81:1a:5a:d7:68:b5:6f:
30:99:23:ac:4b:37:56:2a:16:57:1e:d8:9f:d9:50:
25:bd:ad:5a:6a:ef:df:2e:a8:5a:ad:5a:03:a7:fa:
51:09:88:1c:68:59:a3:a3:95:7e:d5:f8:a7:82:25:
4f:a8:ce:b3:2e:02:7f:b0:42:e1:0e:4e:26:54:58:
4d:dd:80:9c:9c:e0:e0:38:f0:ab:a7:7f:51:da:b4:
b9:5e:dc:1a:ed:2f:76:0c:e1:5e:2f:22:e3:f0:a0:
22:6a:6c:03:7a:cc:f8:5c:51:8f:58:65:ee:4e:93:
9b:b1:1c:eb:c3:52:08:68:dc:f9:36:d9:3c:c3:1a:
96:bf:26:6c:3e:83:ec:be:d8:59:11:0d:3d:97:a7:
8e:2b:8f:cd:4b:69:df:9d:8a:1b:f6:5b:b4:16:c2:
d2:f2:fe:01:7f:70:e4:f8:0b:ca:1d:45:eb:d5:cc:
99:f9:b9:05:86:20:94:80:0a:f1:1d:0a:59:9f:6d:
a3:e3:3a:30:fe:b2:a4:e7:26:72:82:bc:0a:bc:b6:
0f:8a:fe:d9:93:8e:43:df:87:bb:0d:2d:90:19:ed:
07:63:a8:e7:bc:d2:55:c1:b4:01:91:4c:b3:1e:d1:
00:b8:e8:fd:49:ad:24:fb:da:f5:12:33:1a:10:8e:
e3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3D:84:C4:3A:8D:C7:90:1C:BB:51:6B:F9:D7:FD:86:07:6A:87:E9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C8F6EE6985F11EF97D42064762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.228.0/22
Signature Algorithm: sha256WithRSAEncryption
73:97:63:c6:b5:d1:48:e5:76:23:8d:58:83:54:62:68:e9:67:
86:82:ee:4a:69:4a:c6:17:40:b0:e7:76:ca:b8:08:95:f5:5d:
26:db:92:2c:ec:c8:9a:3e:98:a0:aa:24:7e:d4:03:8c:86:83:
37:c5:62:a8:78:2a:a4:dc:3b:b2:0b:9c:85:dd:b4:e1:20:5c:
9a:7e:b1:ed:ad:ea:eb:31:82:33:ac:c2:72:fd:86:f7:11:f5:
fb:84:be:50:93:37:06:88:80:2f:e2:05:69:19:d9:37:0b:25:
a3:4b:ed:ab:c7:84:3d:08:d1:34:d0:22:30:a2:89:11:bd:6b:
f4:c4:26:de:47:8f:de:56:6d:b0:fd:83:cc:85:f0:96:cf:a1:
10:b0:27:c8:28:01:46:3d:ab:81:fe:ea:f0:78:b1:69:7c:e2:
5f:f7:a8:2b:d6:3f:ff:b3:51:2a:27:ad:8b:e8:ce:40:63:20:
89:06:80:92:1f:a5:2a:9a:69:4d:03:fb:68:ba:6e:a9:cf:3f:
7f:e5:db:14:c0:47:80:49:3d:95:ec:64:00:5d:c8:c8:14:b5:
7b:70:9f:76:d8:a5:b4:fa:87:ad:19:71:b1:4d:c2:26:98:21:
de:54:89:63:66:b0:00:3d:71:3d:44:ed:bf:cf:95:6e:53:10:
f2:4f:cd:52
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQTfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTAxMTQ0MjM4WhcNMjQxMjAzMTQ0MjM4WjAYMRYw
FAYDVQQDEw02NzI0ZThlMi1kMzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2iDHMIv8r4EaWtdotW8wmSOsSzdWKhZXHtif2VAlva1aau/fLqharVoD
p/pRCYgcaFmjo5V+1fingiVPqM6zLgJ/sELhDk4mVFhN3YCcnODgOPCrp39R2rS5
Xtwa7S92DOFeLyLj8KAiamwDesz4XFGPWGXuTpObsRzrw1IIaNz5Ntk8wxqWvyZs
PoPsvthZEQ09l6eOK4/NS2nfnYob9lu0FsLS8v4Bf3Dk+AvKHUXr1cyZ+bkFhiCU
gArxHQpZn22j4zow/rKk5yZygrwKvLYPiv7Zk45D34e7DS2QGe0HY6jnvNJVwbQB
kUyzHtEAuOj9Sa0k+9r1EjMaEI7jBwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLY9
hMQ6jceQHLtRa/nX/YYHaofpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QzhGNkVFNjk4NUYxMUVGOTdENDIwNjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCms/kMA0GCSqGSIb3DQEB
CwUAA4IBAQBzl2PGtdFI5XYjjViDVGJo6WeGgu5KaUrGF0Cw53bKuAiV9V0m25Is
7MiaPpigqiR+1AOMhoM3xWKoeCqk3DuyC5yF3bThIFyafrHtrerrMYIzrMJy/Yb3
EfX7hL5QkzcGiIAv4gVpGdk3CyWjS+2rx4Q9CNE00CIwookRvWv0xCbeR4/eVm2w
/YPMhfCWz6EQsCfIKAFGPauB/urweLFpfOJf96gr1j//s1EqJ62L6M5AYyCJBoCS
H6UqmmlNA/toum6pzz9/5dsUwEeAST2V7GQAXcjIFLV7cJ922KW0+oetGXGxTcIm
mCHeVIljZrAAPXE9RO2/z5VuUxDyT81S
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:15 2024 by rpki-client on console-fra.rpki-client.org