Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5937900A26E11EFAE92406C762E951A.roa
File: A5937900A26E11EFAE92406C762E951A.roa (raw, json)
Hash identifier: SIzQuOUQzq94iexY/0IJFSEZ9ZmgqDZjQGCz8f+oAO0=
Subject key identifier: 12:4D:71:59:15:1E:2B:64:45:6B:92:CD:7F:06:5E:32:9E:2A:11:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010D04
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5937900A26E11EFAE92406C762E951A.roa
Signing time: Thu 14 Nov 2024 09:55:58 +0000
ROA not before: Thu 14 Nov 2024 09:55:54 +0000
ROA not after: Sat 23 Nov 2024 09:55:54 +0000
asID: 137443
IP address blocks: 154.223.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 09:55:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68868 (0x10d04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 14 09:55:54 2024 GMT
Not After : Nov 23 09:55:54 2024 GMT
Subject: CN=6735c92e-9cd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:96:3a:75:61:0f:cd:64:6d:8a:6b:a9:1c:16:
27:a3:84:4c:3f:15:c5:70:48:18:0e:8a:97:d1:f2:
f4:7d:92:02:4a:be:5a:cf:50:79:c0:de:8a:dc:2c:
6b:1a:fd:12:76:ef:fd:4f:3d:86:3d:92:07:d5:10:
9d:9e:f0:3f:2c:6d:4f:f0:90:b5:70:22:96:4a:3f:
05:da:88:e9:d8:6d:84:14:bb:33:99:16:86:35:ec:
62:9f:f8:87:e5:f1:85:14:f7:26:14:e7:a6:b1:82:
07:4d:3c:cc:a4:46:15:b9:25:88:41:80:c6:ee:d2:
a6:40:57:06:8a:dd:5c:fe:ab:2b:1c:45:83:9d:89:
e6:fb:13:6e:76:56:ae:eb:29:19:aa:9b:e0:0e:cb:
6e:36:16:52:de:e7:57:0d:55:c3:a1:1b:b4:6d:5f:
d6:9d:b5:e9:32:98:54:b6:1b:66:1d:05:0e:4f:b3:
46:b6:ed:46:6b:44:4f:63:2e:be:a9:1c:cb:81:ce:
d8:ec:88:fc:fe:f7:e1:d0:5a:ce:f3:63:72:42:f8:
3e:47:3b:e7:5f:91:d5:43:4d:43:a0:db:75:6b:19:
7e:5e:eb:e8:97:ce:7d:c3:98:1e:a1:a1:7b:46:53:
e5:3a:c2:72:ed:e5:78:e0:f7:d3:30:63:00:44:ea:
99:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:4D:71:59:15:1E:2B:64:45:6B:92:CD:7F:06:5E:32:9E:2A:11:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5937900A26E11EFAE92406C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.188.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:bc:3f:f1:d2:c5:bf:e9:a8:44:cc:45:7d:3a:32:a2:45:3e:
cd:81:26:62:f4:c8:00:bc:19:51:d4:1c:2a:41:dc:26:b6:2a:
14:08:6e:45:fb:55:c4:f1:e0:9b:35:dd:2f:e0:96:44:f5:26:
13:31:e3:7e:4f:d8:26:0f:e7:af:f2:87:cf:82:5e:98:bd:69:
4a:26:22:3e:c6:bd:73:e3:07:fa:36:78:7c:99:b3:44:e4:65:
d9:0c:db:34:84:8f:7b:49:bf:0f:33:d9:2f:4a:52:3b:f7:87:
a7:d2:5b:d6:95:1f:7e:47:4c:fd:a6:76:c0:42:e2:01:17:a1:
36:24:66:b1:30:8d:8d:ea:d4:4c:3d:9d:fb:3b:8d:9e:10:81:
6f:fc:ee:24:7b:b4:c1:22:f0:4c:50:84:96:b0:f0:98:bf:74:
91:5f:ab:f2:36:34:54:f7:1c:d0:74:d6:5c:ba:88:20:ca:62:
55:05:c2:85:3d:16:34:33:7c:65:a8:b7:bc:d8:28:6d:0d:82:
36:cb:a4:80:36:be:36:8f:b5:02:3b:00:51:f2:d8:40:59:f3:
2b:74:62:da:ae:32:12:b9:95:f4:6c:8e:2c:52:2f:ba:69:f6:
09:10:10:96:40:c1:0e:bc:7f:d7:db:3c:0c:97:3e:3f:a7:b5:
35:48:9a:f4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ0EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE0MDk1NTU0WhcNMjQxMTIzMDk1NTU0WjAYMRYw
FAYDVQQDEw02NzM1YzkyZS05Y2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAupY6dWEPzWRtimupHBYno4RMPxXFcEgYDoqX0fL0fZICSr5az1B5wN6K
3CxrGv0Sdu/9Tz2GPZIH1RCdnvA/LG1P8JC1cCKWSj8F2ojp2G2EFLszmRaGNexi
n/iH5fGFFPcmFOemsYIHTTzMpEYVuSWIQYDG7tKmQFcGit1c/qsrHEWDnYnm+xNu
dlau6ykZqpvgDstuNhZS3udXDVXDoRu0bV/WnbXpMphUthtmHQUOT7NGtu1Ga0RP
Yy6+qRzLgc7Y7Ij8/vfh0FrO82NyQvg+RzvnX5HVQ01DoNt1axl+Xuvol859w5ge
oaF7RlPlOsJy7eV44PfTMGMAROqZdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBJN
cVkVHitkRWuSzX8GXjKeKhH3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNTkzNzkwMEEyNkUxMUVGQUU5MjQwNkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt+8MA0GCSqGSIb3DQEB
CwUAA4IBAQBKvD/x0sW/6ahEzEV9OjKiRT7NgSZi9MgAvBlR1BwqQdwmtioUCG5F
+1XE8eCbNd0v4JZE9SYTMeN+T9gmD+ev8ofPgl6YvWlKJiI+xr1z4wf6Nnh8mbNE
5GXZDNs0hI97Sb8PM9kvSlI794en0lvWlR9+R0z9pnbAQuIBF6E2JGaxMI2N6tRM
PZ37O42eEIFv/O4ke7TBIvBMUISWsPCYv3SRX6vyNjRU9xzQdNZcuoggymJVBcKF
PRY0M3xlqLe82ChtDYI2y6SANr42j7UCOwBR8thAWfMrdGLarjISuZX0bI4sUi+6
afYJEBCWQMEOvH/X2zwMlz4/p7U1SJr0
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:19 2024 by rpki-client on console-fra.rpki-client.org