Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D8465E8950E11EF99C7527E762E951A.roa
File: 9D8465E8950E11EF99C7527E762E951A.roa (raw, json)
Hash identifier: iKnntE4nquXxQF+FAdA30y1w7gV2bYhzrzL8++ZLWyc=
Subject key identifier: FA:EC:0C:B4:A2:6F:43:F1:4D:99:97:FC:98:FC:F7:EF:A5:B9:84:6F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0102B3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D8465E8950E11EF99C7527E762E951A.roa
Signing time: Mon 28 Oct 2024 09:25:48 +0000
ROA not before: Mon 28 Oct 2024 09:25:44 +0000
ROA not after: Wed 27 Nov 2024 09:25:44 +0000
asID: 44559
IP address blocks: 154.203.224.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66227 (0x102b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 28 09:25:44 2024 GMT
Not After : Nov 27 09:25:44 2024 GMT
Subject: CN=671f589c-ba24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:10:20:4d:c3:e2:b9:af:d1:8c:a5:8c:01:8a:
de:93:c3:16:70:d5:20:a1:59:9c:51:0c:96:00:d0:
92:7f:42:2b:78:c1:05:f7:5f:a0:d2:06:1a:23:7a:
10:6f:27:57:79:a8:a1:82:f8:09:a9:73:48:69:7c:
de:62:4f:47:ae:b6:38:8b:e8:d0:35:8b:b1:be:e2:
fd:23:5c:31:fc:11:51:ee:f8:b1:2d:b0:2d:10:e6:
e8:6a:61:87:d9:c5:da:40:98:c7:fa:7a:55:68:3e:
1f:0a:5e:25:5c:1b:5c:56:c5:71:bb:39:e5:49:e6:
33:a7:68:d5:dd:31:9a:90:75:1c:18:47:d4:aa:d0:
f2:80:2c:d2:0f:a1:64:e5:5f:80:1b:5d:6a:ed:bd:
1b:f6:0a:96:08:43:e7:b3:8c:5f:b4:83:e9:cb:07:
ab:fe:9d:cb:78:3c:e0:a6:c9:d0:83:5a:0c:d5:bc:
3a:2f:d4:a0:44:3f:a5:21:d6:62:74:bb:2d:04:7f:
15:f6:d0:a6:fc:5e:a2:73:e9:f8:fe:c0:b0:ff:e8:
a2:19:2c:07:9c:8a:1f:b5:60:c4:49:03:88:57:2a:
7f:0f:26:99:e9:90:20:9a:2e:79:b5:12:ee:f4:ab:
c0:39:6f:4a:79:30:2b:5c:e7:84:c5:78:1e:90:a4:
2d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EC:0C:B4:A2:6F:43:F1:4D:99:97:FC:98:FC:F7:EF:A5:B9:84:6F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9D8465E8950E11EF99C7527E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.224.0/21
Signature Algorithm: sha256WithRSAEncryption
67:e7:c8:d6:31:90:53:cd:40:34:23:16:85:5a:19:f2:6c:7e:
56:ce:e6:0e:77:09:94:6d:9a:77:d1:96:5c:e9:11:3f:45:f4:
4a:35:74:d8:fa:62:2f:f0:ba:e0:95:40:b9:8e:e0:50:4c:36:
65:87:3e:b0:db:51:55:49:eb:31:04:8b:57:cd:2e:73:ce:70:
7c:c4:31:1e:33:dd:40:82:fb:16:26:7d:22:14:d8:df:ee:bd:
4d:9a:35:f7:d1:2c:15:f0:55:92:12:96:10:41:d1:f0:03:74:
69:49:5f:59:af:1c:cc:85:b6:c8:5b:59:52:aa:92:22:55:e2:
10:14:53:ae:a9:ab:07:e2:32:d9:cd:aa:c3:a4:01:b0:ba:65:
17:60:4f:92:25:93:99:59:50:6e:ce:c9:f1:d1:c0:c5:19:92:
4c:2b:da:bc:48:e7:a4:1b:89:80:8e:bf:89:37:1e:5f:85:68:
84:21:44:5f:6e:92:b3:3a:f9:4f:bd:52:00:b7:eb:3f:f0:f8:
70:95:e5:c7:f8:1d:42:66:a2:f3:dd:dc:ab:fc:d6:1b:c1:22:
78:ad:b1:6a:55:ec:a0:2a:d6:14:1b:14:21:d3:14:e5:e7:ec:
30:6c:76:1d:43:fa:7d:d1:32:32:18:0f:60:a6:ce:0d:73:e0:
a0:4f:99:94
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQKzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDI4MDkyNTQ0WhcNMjQxMTI3MDkyNTQ0WjAYMRYw
FAYDVQQDEw02NzFmNTg5Yy1iYTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyBAgTcPiua/RjKWMAYrek8MWcNUgoVmcUQyWANCSf0IreMEF91+g0gYa
I3oQbydXeaihgvgJqXNIaXzeYk9HrrY4i+jQNYuxvuL9I1wx/BFR7vixLbAtEObo
amGH2cXaQJjH+npVaD4fCl4lXBtcVsVxuznlSeYzp2jV3TGakHUcGEfUqtDygCzS
D6Fk5V+AG11q7b0b9gqWCEPns4xftIPpywer/p3LeDzgpsnQg1oM1bw6L9SgRD+l
IdZidLstBH8V9tCm/F6ic+n4/sCw/+iiGSwHnIoftWDESQOIVyp/DyaZ6ZAgmi55
tRLu9KvAOW9KeTArXOeExXgekKQtZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPrs
DLSib0PxTZmX/Jj89++luYRvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85RDg0NjVFODk1MEUxMUVGOTlDNzUyN0U3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmsvgMA0GCSqGSIb3DQEB
CwUAA4IBAQBn58jWMZBTzUA0IxaFWhnybH5WzuYOdwmUbZp30ZZc6RE/RfRKNXTY
+mIv8LrglUC5juBQTDZlhz6w21FVSesxBItXzS5zznB8xDEeM91AgvsWJn0iFNjf
7r1NmjX30SwV8FWSEpYQQdHwA3RpSV9ZrxzMhbbIW1lSqpIiVeIQFFOuqasH4jLZ
zarDpAGwumUXYE+SJZOZWVBuzsnx0cDFGZJMK9q8SOekG4mAjr+JNx5fhWiEIURf
bpKzOvlPvVIAt+s/8PhwleXH+B1CZqLz3dyr/NYbwSJ4rbFqVeygKtYUGxQh0xTl
5+wwbHYdQ/p90TIyGA9gps4Nc+CgT5mU
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:20 2024 by rpki-client on console-ams.rpki-client.org