Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9123AFE866A111EF80FF2451762E951A.roa
File: 9123AFE866A111EF80FF2451762E951A.roa (raw, json)
Hash identifier: e3+qYfAK/IaDD9MFZNmkaYC//UjNhfwwCDbIJ0dwBfw=
Subject key identifier: 04:62:26:A5:32:4B:4A:A3:74:8B:F5:64:46:3F:6D:0F:DF:8A:D0:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: E762
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9123AFE866A111EF80FF2451762E951A.roa
Signing time: Fri 30 Aug 2024 07:29:18 +0000
ROA not before: Fri 30 Aug 2024 07:29:15 +0000
ROA not after: Mon 01 Sep 2025 07:29:15 +0000
asID: 140659
IP address blocks: 154.222.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59234 (0xe762)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Aug 30 07:29:15 2024 GMT
Not After : Sep 1 07:29:15 2025 GMT
Subject: CN=66d174ce-56d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:cc:71:86:93:e7:d6:ae:4e:22:a9:b4:dc:75:
81:29:0c:9c:f6:e5:43:ba:00:1d:4f:47:d1:8d:8f:
5c:90:cf:0b:06:4f:56:b2:fb:eb:da:3c:7a:c1:22:
3e:7d:44:cc:a4:8c:b4:35:04:ca:2c:4c:c7:d6:a1:
6a:60:bf:37:8f:79:67:e2:77:99:46:02:d3:6e:fc:
90:10:fe:b3:b9:e7:cd:8e:59:86:b9:4b:ef:d8:a3:
6f:af:cc:bd:d9:73:73:2f:90:a7:f9:c0:7d:df:65:
8f:df:e0:d2:b0:0a:92:54:86:28:f3:08:57:b4:33:
2c:2a:a6:76:4e:fb:ed:d0:1d:7b:65:0a:23:9c:a0:
da:39:85:bf:df:38:5d:03:c1:90:00:4b:31:15:54:
2e:2f:04:27:8a:27:92:15:78:7c:c1:7c:7b:92:89:
7d:b7:b2:27:87:a7:24:dd:2f:b3:e6:34:c3:4d:27:
5e:a2:e9:37:57:9f:58:c7:b2:79:2c:cc:3e:34:31:
52:78:c2:1f:eb:a7:29:94:fb:ee:05:b7:68:90:35:
28:95:69:a9:13:7d:01:be:cc:41:50:d6:98:8f:c0:
f9:07:2e:53:80:7e:88:8d:ad:26:a1:36:1a:e0:0a:
e7:c4:cb:51:40:58:6c:2f:c0:7d:f5:d1:97:cb:26:
f8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:62:26:A5:32:4B:4A:A3:74:8B:F5:64:46:3F:6D:0F:DF:8A:D0:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9123AFE866A111EF80FF2451762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.64.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:7a:76:06:db:20:94:ef:33:72:36:1a:47:be:0e:89:05:e8:
2d:0a:91:12:e4:55:3b:44:ff:ec:0c:97:fb:25:74:0b:a6:fc:
78:15:b9:b3:75:ba:79:c3:e7:68:bd:bd:8b:15:e4:b1:65:d7:
4f:07:a3:95:2b:7f:c4:d4:70:be:73:da:fc:cd:99:fe:ee:29:
db:ef:9b:c5:4b:82:b1:4b:e5:e1:fb:70:63:2f:26:6e:80:3b:
b7:56:c7:e1:ea:ac:2e:0d:bd:17:3a:d3:a6:b0:6a:c6:73:ef:
93:e9:74:2a:bc:49:b5:5b:53:e8:09:cb:a9:fc:79:da:2e:22:
c2:72:91:4a:74:0b:e5:ab:b2:03:b8:80:8a:fe:d9:eb:3d:fe:
5b:fa:64:af:28:10:ad:24:d4:39:06:56:88:6b:18:61:d9:ad:
90:4d:57:1d:7c:ea:12:9e:22:99:ea:01:db:23:b4:b9:e1:bd:
be:6a:b7:a0:f1:c5:26:69:df:54:c0:99:08:9e:5d:62:b4:7b:
31:34:46:d8:7b:1a:56:4a:9e:7c:46:06:f7:99:4e:fa:f9:8b:
cf:20:80:7e:e4:61:0a:bc:92:4a:71:68:10:7e:9b:ac:28:25:
da:a8:21:52:50:2a:7d:a6:1d:91:1b:cd:26:c2:51:03:cc:39:
86:39:89:57
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAOdiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwODMwMDcyOTE1WhcNMjUwOTAxMDcyOTE1WjAYMRYw
FAYDVQQDEw02NmQxNzRjZS01NmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw8xxhpPn1q5OIqm03HWBKQyc9uVDugAdT0fRjY9ckM8LBk9Wsvvr2jx6
wSI+fUTMpIy0NQTKLEzH1qFqYL83j3ln4neZRgLTbvyQEP6zuefNjlmGuUvv2KNv
r8y92XNzL5Cn+cB932WP3+DSsAqSVIYo8whXtDMsKqZ2Tvvt0B17ZQojnKDaOYW/
3zhdA8GQAEsxFVQuLwQniieSFXh8wXx7kol9t7Inh6ck3S+z5jTDTSdeouk3V59Y
x7J5LMw+NDFSeMIf66cplPvuBbdokDUolWmpE30BvsxBUNaYj8D5By5TgH6Ija0m
oTYa4ArnxMtRQFhsL8B99dGXyyb4mQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFARi
JqUyS0qjdIv1ZEY/bQ/fitAvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MTIzQUZFODY2QTExMUVGODBGRjI0NTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt5AMA0GCSqGSIb3DQEB
CwUAA4IBAQBLenYG2yCU7zNyNhpHvg6JBegtCpES5FU7RP/sDJf7JXQLpvx4Fbmz
dbp5w+dovb2LFeSxZddPB6OVK3/E1HC+c9r8zZn+7inb75vFS4KxS+Xh+3BjLyZu
gDu3Vsfh6qwuDb0XOtOmsGrGc++T6XQqvEm1W1PoCcup/HnaLiLCcpFKdAvlq7ID
uICK/tnrPf5b+mSvKBCtJNQ5BlaIaxhh2a2QTVcdfOoSniKZ6gHbI7S54b2+areg
8cUmad9UwJkInl1itHsxNEbYexpWSp58Rgb3mU76+YvPIIB+5GEKvJJKcWgQfpus
KCXaqCFSUCp9ph2RG80mwlEDzDmGOYlX
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:18:09 2024 by rpki-client on console-ams.rpki-client.org