Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1D169187CA711EFAEA0A7B4762E951A.roa
File: A1D169187CA711EFAEA0A7B4762E951A.roa (raw, json)
Hash identifier: AOVoJJRDBSNd6dUmQlomRwEI03sCP6VHRad3RlGhso8=
Subject key identifier: C1:CC:36:EC:9C:59:CB:44:86:66:E7:6F:DD:83:E2:AF:29:0F:20:A8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: F3D6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1D169187CA711EFAEA0A7B4762E951A.roa
Signing time: Fri 27 Sep 2024 08:08:09 +0000
ROA not before: Fri 27 Sep 2024 08:08:05 +0000
ROA not after: Tue 30 Sep 2025 08:08:05 +0000
asID: 201411
IP address blocks: 154.205.188.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62422 (0xf3d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 27 08:08:05 2024 GMT
Not After : Sep 30 08:08:05 2025 GMT
Subject: CN=66f667e9-aae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:37:c4:7a:64:af:81:b5:da:11:ea:83:38:31:
09:81:34:fb:89:90:7a:6c:df:03:f3:81:92:c2:7b:
18:82:2e:bf:7b:46:26:ff:fa:e2:2d:1a:4f:f1:19:
7d:94:bb:3a:b2:5d:01:fa:8b:a2:16:2b:aa:79:b4:
3e:35:3c:ed:e6:f5:b7:00:8d:a2:10:38:ed:da:57:
c1:5f:5a:a0:9c:64:8b:e8:ed:ee:ba:4c:9f:79:4c:
cf:22:e6:6f:d3:36:98:ac:12:01:bb:5e:90:1d:d4:
96:33:a8:dc:ab:70:62:8d:e1:c0:a8:3d:e4:5b:34:
35:c8:7c:69:34:7d:8b:e4:05:11:53:54:6a:01:8d:
2c:db:83:62:b0:11:fc:be:69:31:6d:5c:5d:b9:62:
87:d6:6b:0e:65:3a:df:28:53:69:40:5b:6f:9a:d9:
da:fa:2f:f5:3b:ac:42:42:b6:4f:08:43:72:88:e8:
6c:99:62:f2:d4:45:4b:68:ee:74:e1:01:19:ca:86:
c6:70:50:52:6f:ed:31:e1:af:0a:57:29:d6:6a:95:
f0:92:db:d2:56:96:20:5f:91:21:e9:23:63:f5:4d:
ce:cb:9c:70:d9:e6:17:29:c9:0a:db:a5:0e:17:ee:
2c:77:6a:0c:d0:bd:f0:a1:ba:46:e8:06:13:2f:c8:
89:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:CC:36:EC:9C:59:CB:44:86:66:E7:6F:DD:83:E2:AF:29:0F:20:A8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A1D169187CA711EFAEA0A7B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.188.0/23
Signature Algorithm: sha256WithRSAEncryption
31:25:55:df:74:bc:cd:a6:2b:e4:f4:b7:03:a1:32:01:bb:b6:
aa:39:3a:02:41:f5:fe:85:19:51:20:b3:04:c0:87:5b:f3:a4:
59:3a:39:21:9f:23:41:1c:a9:ca:be:37:df:f4:2a:2f:65:69:
08:6b:e6:d8:af:71:55:27:b0:27:64:cb:00:78:55:17:72:19:
57:85:85:1f:1e:11:13:1a:be:ae:24:8f:f6:ca:f0:95:b7:48:
ac:51:75:44:55:06:6c:61:ed:c9:d3:4d:70:c5:3a:fc:79:f6:
d5:43:77:05:97:57:05:aa:e3:96:d8:1a:48:6c:05:23:da:48:
08:d4:0f:ef:e4:70:cd:d7:1b:4f:45:ca:c3:f3:ee:ae:7d:4c:
14:7b:7f:f4:f8:3d:37:30:99:03:70:1b:ed:aa:d1:5e:5d:67:
5c:fc:f2:b9:e4:19:f5:a4:00:41:d7:95:9e:80:63:4a:e1:b0:
37:fe:f4:57:b0:ef:89:90:fa:ee:4f:ba:08:f9:d1:ee:81:b4:
b3:dd:19:04:97:53:a3:dd:59:d3:cf:67:d5:2c:8a:c7:c5:07:
28:4b:34:c6:73:6c:b2:eb:4e:dd:e6:a4:6a:39:72:3d:9e:9a:
31:be:a0:50:8f:6f:54:1a:31:0b:a9:13:c2:83:45:bb:37:96:
a7:4b:7a:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAPPWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTI3MDgwODA1WhcNMjUwOTMwMDgwODA1WjAYMRYw
FAYDVQQDEw02NmY2NjdlOS1hYWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzjfEemSvgbXaEeqDODEJgTT7iZB6bN8D84GSwnsYgi6/e0Ym//riLRpP
8Rl9lLs6sl0B+ouiFiuqebQ+NTzt5vW3AI2iEDjt2lfBX1qgnGSL6O3uukyfeUzP
IuZv0zaYrBIBu16QHdSWM6jcq3BijeHAqD3kWzQ1yHxpNH2L5AURU1RqAY0s24Ni
sBH8vmkxbVxduWKH1msOZTrfKFNpQFtvmtna+i/1O6xCQrZPCENyiOhsmWLy1EVL
aO504QEZyobGcFBSb+0x4a8KVynWapXwktvSVpYgX5Eh6SNj9U3Oy5xw2eYXKckK
26UOF+4sd2oM0L3wobpG6AYTL8iJfQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMHM
NuycWctEhmbnb92D4q8pDyCoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMUQxNjkxODdDQTcxMUVGQUVBMEE3QjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms28MA0GCSqGSIb3DQEB
CwUAA4IBAQAxJVXfdLzNpivk9LcDoTIBu7aqOToCQfX+hRlRILMEwIdb86RZOjkh
nyNBHKnKvjff9CovZWkIa+bYr3FVJ7AnZMsAeFUXchlXhYUfHhETGr6uJI/2yvCV
t0isUXVEVQZsYe3J001wxTr8efbVQ3cFl1cFquOW2BpIbAUj2kgI1A/v5HDN1xtP
RcrD8+6ufUwUe3/0+D03MJkDcBvtqtFeXWdc/PK55Bn1pABB15WegGNK4bA3/vRX
sO+JkPruT7oI+dHugbSz3RkEl1Oj3VnTz2fVLIrHxQcoSzTGc2yy607d5qRqOXI9
npoxvqBQj29UGjELqRPCg0W7N5anS3oI
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:18 2024 by rpki-client on console-fra.rpki-client.org