Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AE672AAA44E11EF9D4C36B9762E951A.roa
File: 9AE672AAA44E11EF9D4C36B9762E951A.roa (raw, json)
Hash identifier: ZMB+gMReYmOjkLa6EY7lkaJAJ/gCNz8pHVtOu+o5D3Y=
Subject key identifier: 18:2A:78:9C:33:46:45:CA:8B:2F:3E:3F:05:23:4D:15:AD:57:48:F6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010E0B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AE672AAA44E11EF9D4C36B9762E951A.roa
Signing time: Sat 16 Nov 2024 19:11:38 +0000
ROA not before: Sat 16 Nov 2024 19:11:34 +0000
ROA not after: Mon 25 Nov 2024 19:11:34 +0000
asID: 9009
IP address blocks: 154.95.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 08:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69131 (0x10e0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 16 19:11:34 2024 GMT
Not After : Nov 25 19:11:34 2024 GMT
Subject: CN=6738ee6a-d380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:86:7d:be:a9:28:85:d9:d8:1e:2d:a1:50:c8:
73:06:4c:28:d2:d9:45:db:56:15:70:01:94:ab:ce:
ff:6b:a0:51:cb:ca:cd:2e:0b:01:c5:f8:91:e6:c4:
27:86:78:23:9b:e0:3d:c5:27:e2:31:78:0a:d1:9d:
12:c3:80:fd:4e:56:da:64:5c:87:73:96:41:34:74:
d2:39:ea:0d:cc:47:84:90:de:14:87:e7:bc:dd:62:
d0:94:41:82:b7:00:4c:1e:09:0a:e0:2b:88:09:c7:
bb:d7:0c:90:12:2d:57:78:ff:34:1f:4c:e2:bb:1a:
9e:29:66:c3:8c:0a:97:2a:58:2b:28:4d:b0:0d:4b:
da:66:29:b2:76:98:49:5f:0b:62:46:31:75:b6:61:
03:9f:7b:8d:ec:0c:ad:e1:b0:a5:4b:02:73:c0:b0:
d4:0a:a4:e7:4c:d6:0a:e0:08:7a:dd:e2:6c:0a:2a:
b3:ef:66:6d:5b:18:ee:7f:03:a1:20:7e:ef:13:2e:
66:40:38:1f:ea:40:58:91:4e:07:20:f7:39:fc:7d:
6c:dd:d3:79:ad:b6:82:b0:fa:14:35:71:70:da:4e:
d9:ab:b9:1e:fa:f6:a0:74:f7:ff:d8:e4:bc:3c:8c:
bb:d2:ad:21:91:22:57:0d:0f:34:4c:6b:76:b3:95:
fb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:2A:78:9C:33:46:45:CA:8B:2F:3E:3F:05:23:4D:15:AD:57:48:F6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AE672AAA44E11EF9D4C36B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.0.0/23
Signature Algorithm: sha256WithRSAEncryption
24:08:1b:09:65:52:ec:53:38:47:4c:9e:4f:b0:de:b2:e1:c7:
ff:35:15:ef:28:19:ef:ef:e0:43:f0:fb:79:7e:5e:f6:74:3d:
2d:41:15:45:24:d2:2b:ac:91:10:61:e3:9a:84:52:6d:44:ea:
c3:8d:b7:d1:15:2f:d4:37:3a:ad:ed:b6:b0:66:74:82:38:5a:
5a:33:d6:7e:95:a8:96:63:43:23:6b:24:54:93:2d:05:54:31:
4c:ea:eb:c2:7e:58:ef:cb:5f:1b:9b:85:d0:aa:52:0f:39:56:
31:73:83:90:29:df:fa:c6:56:ed:a5:e5:d1:c6:5d:37:1c:18:
b2:53:8e:84:09:38:25:f0:73:e5:8d:ee:2e:fd:7a:15:44:7b:
b8:01:db:df:75:2f:f5:70:74:28:41:20:f9:6d:bc:24:a2:c2:
24:de:e8:03:34:e9:a9:c8:18:c6:41:f5:d1:cd:a3:d3:f2:e4:
f3:3e:60:e5:96:19:b0:58:07:d4:7a:87:e9:0a:c8:0a:b8:9b:
7a:77:6d:fe:85:ce:40:d1:f0:71:a0:45:f3:b5:28:b3:9e:26:
e6:7f:48:1c:68:37:1d:5f:de:b9:b5:55:41:58:e9:30:9d:31:
a8:0a:11:fd:40:5f:d8:68:75:dc:a0:22:e2:8d:11:8b:60:91:
05:2a:a3:25
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ4LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE2MTkxMTM0WhcNMjQxMTI1MTkxMTM0WjAYMRYw
FAYDVQQDEw02NzM4ZWU2YS1kMzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6oZ9vqkohdnYHi2hUMhzBkwo0tlF21YVcAGUq87/a6BRy8rNLgsBxfiR
5sQnhngjm+A9xSfiMXgK0Z0Sw4D9TlbaZFyHc5ZBNHTSOeoNzEeEkN4Uh+e83WLQ
lEGCtwBMHgkK4CuICce71wyQEi1XeP80H0ziuxqeKWbDjAqXKlgrKE2wDUvaZimy
dphJXwtiRjF1tmEDn3uN7Ayt4bClSwJzwLDUCqTnTNYK4Ah63eJsCiqz72ZtWxju
fwOhIH7vEy5mQDgf6kBYkU4HIPc5/H1s3dN5rbaCsPoUNXFw2k7Zq7ke+vagdPf/
2OS8PIy70q0hkSJXDQ80TGt2s5X7YQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBgq
eJwzRkXKiy8+PwUjTRWtV0j2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QUU2NzJBQUE0NEUxMUVGOUQ0QzM2Qjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml8AMA0GCSqGSIb3DQEB
CwUAA4IBAQAkCBsJZVLsUzhHTJ5PsN6y4cf/NRXvKBnv7+BD8Pt5fl72dD0tQRVF
JNIrrJEQYeOahFJtROrDjbfRFS/UNzqt7bawZnSCOFpaM9Z+laiWY0MjayRUky0F
VDFM6uvCfljvy18bm4XQqlIPOVYxc4OQKd/6xlbtpeXRxl03HBiyU46ECTgl8HPl
je4u/XoVRHu4AdvfdS/1cHQoQSD5bbwkosIk3ugDNOmpyBjGQfXRzaPT8uTzPmDl
lhmwWAfUeofpCsgKuJt6d23+hc5A0fBxoEXztSiznibmf0gcaDcdX965tVVBWOkw
nTGoChH9QF/YaHXcoCLijRGLYJEFKqMl
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:58 2024 by rpki-client on console-fra.rpki-client.org