Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/945CAB589D1811EF8E7AFBB0762E951A.roa
File: 945CAB589D1811EF8E7AFBB0762E951A.roa (raw, json)
Hash identifier: EQ0VbycsdevsQbmFVgcTxpizN1ibaqWp3xBir3jFtCA=
Subject key identifier: B5:3F:AA:DB:BE:B3:25:1B:BF:6C:06:54:38:B3:D7:26:13:DC:6E:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010965
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/945CAB589D1811EF8E7AFBB0762E951A.roa
Signing time: Thu 07 Nov 2024 14:57:17 +0000
ROA not before: Thu 07 Nov 2024 14:57:13 +0000
ROA not after: Wed 11 Dec 2024 14:57:13 +0000
asID: 203020
IP address blocks: 154.209.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67941 (0x10965)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 7 14:57:13 2024 GMT
Not After : Dec 11 14:57:13 2024 GMT
Subject: CN=672cd54c-7660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b2:fc:df:1f:71:9e:67:90:92:2a:28:a8:4d:
04:3c:56:94:a6:db:da:54:46:63:a2:45:19:20:7c:
df:fb:54:1f:20:d9:e5:0c:89:e6:24:7f:4b:f5:b7:
be:40:4d:6b:68:28:b3:30:89:12:93:45:eb:f6:95:
dd:57:93:58:77:9b:7f:ce:7a:f6:b7:01:ef:6a:80:
17:1a:79:c4:5f:7a:3a:bb:73:0f:5c:75:f5:b4:85:
76:ab:99:58:dc:78:3f:cb:47:11:39:60:cf:4d:0b:
3a:0c:95:2a:92:1b:56:67:55:c8:c7:c5:f6:3c:8c:
16:c5:d4:8c:26:68:fb:49:94:c5:32:df:66:a3:cc:
7f:70:10:1e:50:dd:12:24:b7:30:e2:1f:5a:79:b8:
d9:f6:ad:8b:af:d4:46:11:6f:45:b8:52:72:d2:21:
60:43:6e:9f:a4:3c:59:84:56:e4:be:82:b1:89:7b:
d9:c7:3b:5f:93:5f:c4:16:42:b5:48:6c:9c:d2:d7:
d0:ff:34:8e:18:6a:d0:84:e2:ac:e6:9d:7e:18:01:
0f:64:a8:3e:fc:39:67:24:c3:16:86:fb:3f:40:53:
3b:8e:b3:7a:14:48:93:6b:c9:54:43:fb:35:22:ec:
32:93:99:d7:bf:32:eb:e4:4b:31:0c:30:2f:70:46:
42:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:3F:AA:DB:BE:B3:25:1B:BF:6C:06:54:38:B3:D7:26:13:DC:6E:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/945CAB589D1811EF8E7AFBB0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.224.0/20
Signature Algorithm: sha256WithRSAEncryption
7d:81:fd:84:09:2d:a8:f8:a6:bf:43:ce:ed:96:23:6f:12:72:
af:2c:c0:65:fd:53:76:5c:3d:a0:5f:21:70:c4:8a:70:6f:88:
54:b1:01:ae:f6:dd:ac:e4:b8:09:1a:fd:8f:1b:09:66:bc:19:
c5:9f:bf:79:27:97:36:95:49:ec:4e:28:ef:a7:d6:56:0c:39:
d9:0b:fa:4a:42:b3:84:0f:3c:27:16:c2:55:a3:0e:e7:41:c3:
26:76:7d:0d:e1:c9:28:6c:85:08:27:a8:3c:27:f0:49:05:4f:
bf:be:e9:d0:2d:77:50:3f:79:bc:83:31:dc:3d:b3:03:e3:b4:
09:ad:ea:25:b4:a3:95:e1:20:62:4a:87:1c:4d:de:9e:24:6c:
e3:d7:85:2d:67:76:f6:c6:cb:e7:9f:6e:50:cd:cb:aa:88:3b:
bf:88:21:4a:52:09:74:15:15:bc:d3:6c:36:70:99:b9:56:5b:
3c:b6:b7:69:65:e4:c9:4c:5d:f6:65:be:fa:9d:e7:40:5c:e9:
a5:af:0c:a8:74:73:c6:b6:51:24:86:84:b1:1c:56:c2:e9:b8:
7e:f8:24:cd:67:d8:58:88:18:c0:03:3a:f6:ce:ed:e3:24:f7:
2d:00:ad:fe:42:f3:35:d0:0f:bf:ab:2a:78:b3:11:85:5e:27:
8e:9d:4e:24
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQllMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA3MTQ1NzEzWhcNMjQxMjExMTQ1NzEzWjAYMRYw
FAYDVQQDEw02NzJjZDU0Yy03NjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyLL83x9xnmeQkiooqE0EPFaUptvaVEZjokUZIHzf+1QfINnlDInmJH9L
9be+QE1raCizMIkSk0Xr9pXdV5NYd5t/znr2twHvaoAXGnnEX3o6u3MPXHX1tIV2
q5lY3Hg/y0cROWDPTQs6DJUqkhtWZ1XIx8X2PIwWxdSMJmj7SZTFMt9mo8x/cBAe
UN0SJLcw4h9aebjZ9q2Lr9RGEW9FuFJy0iFgQ26fpDxZhFbkvoKxiXvZxztfk1/E
FkK1SGyc0tfQ/zSOGGrQhOKs5p1+GAEPZKg+/DlnJMMWhvs/QFM7jrN6FEiTa8lU
Q/s1Iuwyk5nXvzLr5EsxDDAvcEZCbQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLU/
qtu+syUbv2wGVDiz1yYT3G7YMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NDVDQUI1ODlEMTgxMUVGOEU3QUZCQjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtHgMA0GCSqGSIb3DQEB
CwUAA4IBAQB9gf2ECS2o+Ka/Q87tliNvEnKvLMBl/VN2XD2gXyFwxIpwb4hUsQGu
9t2s5LgJGv2PGwlmvBnFn795J5c2lUnsTijvp9ZWDDnZC/pKQrOEDzwnFsJVow7n
QcMmdn0N4ckobIUIJ6g8J/BJBU+/vunQLXdQP3m8gzHcPbMD47QJreoltKOV4SBi
SoccTd6eJGzj14UtZ3b2xsvnn25QzcuqiDu/iCFKUgl0FRW802w2cJm5Vls8trdp
ZeTJTF32Zb76nedAXOmlrwyodHPGtlEkhoSxHFbC6bh++CTNZ9hYiBjAAzr2zu3j
JPctAK3+QvM10A+/qyp4sxGFXieOnU4k
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:16 2024 by rpki-client on console-fra.rpki-client.org