Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99F8E3DEAD5C11EF8863CD40762E951A.roa
File: 99F8E3DEAD5C11EF8863CD40762E951A.roa (raw, json)
Hash identifier: AF6QsyeWvsk2zFUEWQh/O6zItz5uMm/WCprjOHuVuzo=
Subject key identifier: BA:24:F2:98:24:03:A1:77:AC:57:AA:4B:DC:72:E1:10:04:0D:0A:F5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0114EB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99F8E3DEAD5C11EF8863CD40762E951A.roa
Signing time: Thu 28 Nov 2024 07:44:31 +0000
ROA not before: Thu 28 Nov 2024 07:44:27 +0000
ROA not after: Tue 11 Feb 2025 07:44:27 +0000
asID: 9009
IP address blocks: 154.85.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 15 Jan 2025 00:05:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70891 (0x114eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 28 07:44:27 2024 GMT
Not After : Feb 11 07:44:27 2025 GMT
Subject: CN=67481f5e-58d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:19:8f:2e:8a:dd:32:f9:d5:97:bf:bf:c4:d9:
5d:aa:a3:ac:fe:44:e6:f0:27:cc:91:c8:b0:05:c5:
cb:2b:f0:54:30:f1:2a:f5:94:11:bc:16:de:90:81:
46:87:bd:6e:fd:bc:98:9a:0d:39:d8:ab:cc:ed:ef:
8a:22:55:14:8e:a1:75:78:5d:fa:e0:37:b2:47:0e:
d5:d9:43:c2:46:2a:31:9e:33:a2:7d:80:47:b9:06:
33:50:aa:bc:43:9e:af:f1:6c:f2:0a:99:b6:64:a0:
01:fd:84:5f:6f:81:1e:22:30:19:1f:4b:3d:25:49:
5d:0f:0f:b3:3b:60:e9:49:ac:14:9c:0d:75:5d:2a:
a9:93:8e:e0:01:8f:e1:c6:fb:e5:8d:47:a5:3e:a0:
e2:f1:55:20:18:c5:db:62:5d:e5:95:a2:9d:6a:79:
38:b4:d8:35:27:ff:3d:20:cb:14:5b:87:73:68:b3:
23:ad:3f:aa:81:37:fc:61:b3:96:a9:a9:26:f9:6f:
43:50:7d:5e:8b:fa:65:67:d0:cf:69:7c:2d:f4:3b:
47:5a:9f:2d:1a:b0:40:67:ae:9c:f1:98:fd:dd:29:
c7:ad:06:68:e9:40:3e:d8:4d:96:2c:57:fe:78:3d:
43:8e:8b:ce:fe:62:68:4b:84:9e:f0:f5:34:3c:3d:
44:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:24:F2:98:24:03:A1:77:AC:57:AA:4B:DC:72:E1:10:04:0D:0A:F5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/99F8E3DEAD5C11EF8863CD40762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.125.0/24
Signature Algorithm: sha256WithRSAEncryption
98:3c:e4:18:56:31:ec:5e:e7:c5:e4:d6:da:9d:ae:41:3a:31:
8b:7b:95:2d:01:ab:dc:6f:59:74:b1:6b:17:7c:da:57:cd:bd:
b2:03:5e:a4:7d:88:49:20:c9:3c:31:ec:d4:6e:82:80:f5:c5:
ff:93:fe:31:2d:3c:6e:00:81:51:87:58:64:1d:49:9f:85:da:
df:17:94:31:19:94:a9:b8:8b:41:e6:cd:38:7d:66:70:8e:3a:
32:4c:c5:9e:0c:e6:a2:ac:79:a1:ff:17:78:b7:e6:f5:09:19:
94:71:2b:01:36:39:08:1c:8e:8f:84:70:55:91:67:a0:29:ac:
a4:7c:ae:71:21:34:a0:fd:62:43:e3:19:8c:41:7d:cb:bd:e3:
b4:3d:24:a9:96:d8:be:92:fe:64:ef:5d:f2:96:74:a9:fa:1e:
97:64:a1:90:2b:49:0f:71:d6:47:ed:85:d4:54:76:98:b2:97:
8c:bb:11:3a:c1:84:c2:06:f5:94:47:ec:2d:78:62:be:c2:6e:
fc:1b:c0:e4:70:c7:97:00:c8:eb:1b:e8:11:76:fe:0b:2d:90:
f5:77:b6:ee:f3:49:5f:1e:1e:d8:d3:c3:5f:58:8a:45:6c:01:
c3:97:bd:f6:52:00:44:59:68:05:80:1d:88:c9:ef:2d:c2:8d:
45:77:7c:c8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARTrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTI4MDc0NDI3WhcNMjUwMjExMDc0NDI3WjAYMRYw
FAYDVQQDEw02NzQ4MWY1ZS01OGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArhmPLordMvnVl7+/xNldqqOs/kTm8CfMkciwBcXLK/BUMPEq9ZQRvBbe
kIFGh71u/byYmg052KvM7e+KIlUUjqF1eF364DeyRw7V2UPCRioxnjOifYBHuQYz
UKq8Q56v8WzyCpm2ZKAB/YRfb4EeIjAZH0s9JUldDw+zO2DpSawUnA11XSqpk47g
AY/hxvvljUelPqDi8VUgGMXbYl3llaKdank4tNg1J/89IMsUW4dzaLMjrT+qgTf8
YbOWqakm+W9DUH1ei/plZ9DPaXwt9DtHWp8tGrBAZ66c8Zj93SnHrQZo6UA+2E2W
LFf+eD1DjovO/mJoS4Se8PU0PD1E3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLok
8pgkA6F3rFeqS9xy4RAEDQr1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OUY4RTNERUFENUMxMUVGODg2M0NENDA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlV9MA0GCSqGSIb3DQEB
CwUAA4IBAQCYPOQYVjHsXufF5Nbana5BOjGLe5UtAavcb1l0sWsXfNpXzb2yA16k
fYhJIMk8MezUboKA9cX/k/4xLTxuAIFRh1hkHUmfhdrfF5QxGZSpuItB5s04fWZw
jjoyTMWeDOairHmh/xd4t+b1CRmUcSsBNjkIHI6PhHBVkWegKaykfK5xITSg/WJD
4xmMQX3LveO0PSSplti+kv5k713ylnSp+h6XZKGQK0kPcdZH7YXUVHaYspeMuxE6
wYTCBvWUR+wteGK+wm78G8DkcMeXAMjrG+gRdv4LLZD1d7bu80lfHh7Y08NfWIpF
bAHDl732UgBEWWgFgB2Iye8two1Fd3zI
-----END CERTIFICATE-----
Generated at Mon Jan 13 07:49:54 2025 by rpki-client on console-fra.rpki-client.org