Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9898E0EAA9AE11EFAF00B68A762E951A.roa
File: 9898E0EAA9AE11EFAF00B68A762E951A.roa (raw, json)
Hash identifier: Wx6MzR2e0WVyxX72wtBCSLNB+DhcxW3c3FgvMHkkY7k=
Subject key identifier: A5:24:BF:CF:6C:C5:35:48:A3:55:2C:66:00:34:78:17:23:98:AB:D2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011190
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9898E0EAA9AE11EFAF00B68A762E951A.roa
Signing time: Sat 23 Nov 2024 15:21:22 +0000
ROA not before: Sat 23 Nov 2024 15:21:18 +0000
ROA not after: Thu 26 Dec 2024 15:21:18 +0000
asID: 8796
IP address blocks: 154.201.72.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70032 (0x11190)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 23 15:21:18 2024 GMT
Not After : Dec 26 15:21:18 2024 GMT
Subject: CN=6741f2f2-e5da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:31:c7:71:96:55:a3:04:e3:e3:be:45:d6:51:
63:30:bf:c0:f7:fa:d8:dd:51:0e:2f:6d:94:01:0a:
66:e0:3c:8a:25:0c:d1:71:a6:e8:54:01:ad:86:32:
2c:be:6e:6a:4b:ab:74:00:ed:a3:b0:0f:d3:fd:9a:
bd:38:d9:60:3b:34:fa:0a:7a:7c:9e:19:43:47:0f:
0a:9b:b6:50:82:74:54:95:3f:0f:b6:ef:19:c9:5c:
56:6a:72:3e:4d:22:05:eb:45:86:19:28:d3:39:76:
a2:79:89:74:74:4a:df:21:b1:f7:cb:82:1d:83:d9:
3f:70:fc:df:15:39:24:aa:e5:9a:b3:9d:ea:48:63:
87:9b:ad:6a:67:62:56:b0:84:f9:48:cc:ef:2f:b7:
03:b4:6f:d5:ff:3c:8f:f5:4d:ee:2e:8d:15:4a:79:
a5:64:a7:2b:ae:b5:03:89:2d:c7:af:22:c7:4b:63:
8b:ad:de:2f:1b:01:ad:64:c8:67:0d:7d:ce:fe:2b:
0c:08:64:d0:61:b6:42:ed:7c:58:6e:cb:49:c0:8c:
1d:0c:ec:20:64:4b:19:af:1d:c2:e9:dd:a8:f6:af:
ac:c6:13:84:96:15:77:37:58:0b:5a:df:8b:38:ec:
12:0c:39:4a:3f:df:38:35:3d:03:d9:bb:6b:2f:86:
40:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:24:BF:CF:6C:C5:35:48:A3:55:2C:66:00:34:78:17:23:98:AB:D2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9898E0EAA9AE11EFAF00B68A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.72.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:b1:c3:eb:cd:4a:49:a0:a7:e1:a6:42:24:77:e4:52:8c:fa:
a6:a3:4f:1b:89:91:e3:df:ff:fb:23:49:70:8f:42:c0:28:4b:
d0:28:cb:7e:1b:a5:a8:67:86:b7:c6:db:af:1c:74:7a:47:4f:
77:fd:8d:29:69:f6:58:2e:ba:f6:02:c5:22:5c:b2:20:3e:9a:
49:bd:37:6f:e8:bb:b0:25:ba:1d:b3:ec:ba:c2:24:86:97:61:
fe:f4:24:27:b0:45:2a:53:72:ef:ed:99:28:cf:80:c3:96:88:
e6:60:d4:4b:7e:ca:80:dd:ba:e1:24:27:04:62:ca:42:07:b5:
9d:ea:63:67:6e:14:3c:b7:e8:18:6c:38:76:b9:7e:7d:42:9d:
c9:b2:55:f8:d9:1d:cf:56:61:ac:f9:24:89:93:a0:1f:37:8a:
2a:d9:9b:78:e9:1e:8e:07:d4:a4:d5:d0:a0:60:d1:26:05:f9:
b1:0f:2b:65:48:e1:75:e8:32:ed:73:10:34:03:83:9b:66:38:
8c:ae:4b:96:ce:03:97:3e:48:36:0a:46:a9:8e:55:a3:7c:cc:
1c:66:f7:cf:a8:e9:63:15:49:b3:44:2b:14:c5:37:cd:42:ae:
3b:fb:f8:c6:9f:d8:b6:60:7a:ed:1e:b2:b4:da:c8:50:ba:18:
d8:f3:d6:e9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARGQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIzMTUyMTE4WhcNMjQxMjI2MTUyMTE4WjAYMRYw
FAYDVQQDEw02NzQxZjJmMi1lNWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApDHHcZZVowTj475F1lFjML/A9/rY3VEOL22UAQpm4DyKJQzRcaboVAGt
hjIsvm5qS6t0AO2jsA/T/Zq9ONlgOzT6Cnp8nhlDRw8Km7ZQgnRUlT8Ptu8ZyVxW
anI+TSIF60WGGSjTOXaieYl0dErfIbH3y4Idg9k/cPzfFTkkquWas53qSGOHm61q
Z2JWsIT5SMzvL7cDtG/V/zyP9U3uLo0VSnmlZKcrrrUDiS3HryLHS2OLrd4vGwGt
ZMhnDX3O/isMCGTQYbZC7XxYbstJwIwdDOwgZEsZrx3C6d2o9q+sxhOElhV3N1gL
Wt+LOOwSDDlKP984NT0D2btrL4ZAOwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKUk
v89sxTVIo1UsZgA0eBcjmKvSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85ODk4RTBFQUE5QUUxMUVGQUYwMEI2OEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmslIMA0GCSqGSIb3DQEB
CwUAA4IBAQAuscPrzUpJoKfhpkIkd+RSjPqmo08biZHj3//7I0lwj0LAKEvQKMt+
G6WoZ4a3xtuvHHR6R093/Y0pafZYLrr2AsUiXLIgPppJvTdv6LuwJbods+y6wiSG
l2H+9CQnsEUqU3Lv7Zkoz4DDlojmYNRLfsqA3brhJCcEYspCB7Wd6mNnbhQ8t+gY
bDh2uX59Qp3JslX42R3PVmGs+SSJk6AfN4oq2Zt46R6OB9Sk1dCgYNEmBfmxDytl
SOF16DLtcxA0A4ObZjiMrkuWzgOXPkg2CkapjlWjfMwcZvfPqOljFUmzRCsUxTfN
Qq47+/jGn9i2YHrtHrK02shQuhjY89bp
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:40 2024 by rpki-client on console-fra.rpki-client.org