Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/928F61A2A74111EF9BCE0E46762E951A.roa
File: 928F61A2A74111EF9BCE0E46762E951A.roa (raw, json)
Hash identifier: pwD9jaDyE80FZPSrHrq5KFoAZmeX9RJQq47n8zs7IpE=
Subject key identifier: 50:44:6C:AF:17:A6:73:A0:75:E4:78:7D:CF:32:F1:1B:BB:ED:1E:18
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010FB7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/928F61A2A74111EF9BCE0E46762E951A.roa
Signing time: Wed 20 Nov 2024 13:15:55 +0000
ROA not before: Wed 20 Nov 2024 13:15:51 +0000
ROA not after: Sat 30 Nov 2024 13:15:51 +0000
asID: 136778
IP address blocks: 154.212.144.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69559 (0x10fb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 20 13:15:51 2024 GMT
Not After : Nov 30 13:15:51 2024 GMT
Subject: CN=673de10a-4e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:92:00:6e:86:b8:4f:12:0f:0e:cb:98:53:d1:
84:cb:08:23:9a:db:e1:cf:83:ab:c2:c1:56:11:30:
77:33:b5:9d:14:c2:c0:06:3c:d1:df:be:42:64:70:
c2:a5:71:46:1a:64:fa:f9:b4:13:d2:e1:97:25:db:
0e:05:cb:26:1b:df:8c:07:64:7d:31:40:f6:9c:b4:
95:73:af:26:9b:1c:cb:03:92:89:98:1a:eb:d5:0c:
d6:50:a6:e8:21:02:2b:17:a5:67:c8:59:16:dd:bc:
09:37:ff:46:b4:82:22:37:c6:b3:79:87:dd:30:40:
ef:0a:14:de:a0:7b:09:a7:2b:75:c2:97:75:28:33:
a0:0e:34:a0:8f:c6:03:05:c4:11:22:9c:1c:bb:8d:
34:7b:3a:82:3a:3f:c7:1f:0f:10:f3:02:e2:24:6a:
6d:1e:57:e6:e9:24:df:cf:dc:39:fb:27:09:07:dd:
cd:ea:f0:b8:9d:81:24:7e:18:f4:3b:d9:e2:da:67:
b8:e7:1d:12:98:09:f0:3e:79:b7:e0:ef:42:0d:8e:
d2:04:5e:8e:98:b2:f5:e1:dc:2b:b4:c4:fd:3b:07:
89:3d:af:a8:ea:c1:f0:18:ea:d9:78:cf:48:ab:57:
92:99:e4:55:08:d2:28:a8:67:47:8c:c7:8c:34:fa:
b0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:44:6C:AF:17:A6:73:A0:75:E4:78:7D:CF:32:F1:1B:BB:ED:1E:18
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/928F61A2A74111EF9BCE0E46762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.144.0/23
Signature Algorithm: sha256WithRSAEncryption
09:87:59:94:c0:75:21:71:23:27:c8:91:4a:ee:7c:3e:e6:2b:
ce:f9:72:3d:70:83:7d:d5:0f:c1:d7:a1:cb:ad:8c:72:ae:c9:
ba:ec:71:8a:1c:a2:e7:7e:63:51:b6:9c:cb:8c:47:cd:ce:c2:
64:31:b8:02:58:54:8c:4d:c6:b8:6d:3d:68:5d:2d:08:51:a5:
44:fc:97:cd:d8:f7:07:76:eb:37:71:55:e4:d9:b1:69:7e:72:
e7:4a:ab:2e:10:80:45:3a:64:e3:b0:ed:10:aa:1e:97:ab:7b:
60:af:71:59:7e:5b:a1:b7:6f:33:8c:40:c1:14:34:e1:50:40:
7e:f9:f2:0c:47:6b:64:98:d3:5e:08:f7:53:dc:db:94:cd:c1:
4e:c1:a5:a5:7d:1a:00:e3:23:ee:3f:4a:3f:52:19:46:d7:3f:
1e:96:9a:12:08:48:a7:49:f5:ce:dc:1e:ff:03:41:1d:99:2e:
58:7a:c4:1e:77:74:ca:17:90:b4:01:68:7f:aa:c8:1f:d1:75:
98:60:7e:84:b6:0a:65:4f:46:a4:3e:22:8e:a9:ea:a0:22:e0:
0b:4d:c0:bd:c7:e0:ee:c4:82:6a:4b:74:37:d6:c6:0a:eb:63:
04:f1:89:e6:f8:19:0f:c2:2a:c7:c4:95:d9:4d:71:7e:cf:3e:
45:11:01:76
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ+3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIwMTMxNTUxWhcNMjQxMTMwMTMxNTUxWjAYMRYw
FAYDVQQDEw02NzNkZTEwYS00ZThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxJIAboa4TxIPDsuYU9GEywgjmtvhz4OrwsFWETB3M7WdFMLABjzR375C
ZHDCpXFGGmT6+bQT0uGXJdsOBcsmG9+MB2R9MUD2nLSVc68mmxzLA5KJmBrr1QzW
UKboIQIrF6VnyFkW3bwJN/9GtIIiN8azeYfdMEDvChTeoHsJpyt1wpd1KDOgDjSg
j8YDBcQRIpwcu400ezqCOj/HHw8Q8wLiJGptHlfm6STfz9w5+ycJB93N6vC4nYEk
fhj0O9ni2me45x0SmAnwPnm34O9CDY7SBF6OmLL14dwrtMT9OweJPa+o6sHwGOrZ
eM9Iq1eSmeRVCNIoqGdHjMeMNPqwwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFBE
bK8XpnOgdeR4fc8y8Ru77R4YMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MjhGNjFBMkE3NDExMUVGOUJDRTBFNDY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtSQMA0GCSqGSIb3DQEB
CwUAA4IBAQAJh1mUwHUhcSMnyJFK7nw+5ivO+XI9cIN91Q/B16HLrYxyrsm67HGK
HKLnfmNRtpzLjEfNzsJkMbgCWFSMTca4bT1oXS0IUaVE/JfN2PcHdus3cVXk2bFp
fnLnSqsuEIBFOmTjsO0Qqh6Xq3tgr3FZfluht28zjEDBFDThUEB++fIMR2tkmNNe
CPdT3NuUzcFOwaWlfRoA4yPuP0o/UhlG1z8elpoSCEinSfXO3B7/A0EdmS5YesQe
d3TKF5C0AWh/qsgf0XWYYH6EtgplT0akPiKOqeqgIuALTcC9x+DuxIJqS3Q31sYK
62ME8Ynm+BkPwirHxJXZTXF+zz5FEQF2
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:15 2024 by rpki-client on console-ams.rpki-client.org