Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7892CA69B8311EF885B50B6762E951A.roa
File: A7892CA69B8311EF885B50B6762E951A.roa (raw, json)
Hash identifier: ks00prBYoz3xqAg0kJS/iSYx2VeJKVO7Zz+lLKncR1Y=
Subject key identifier: CF:55:2C:57:38:92:12:57:6E:50:46:61:3C:DB:C0:10:F5:C9:28:20
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010803
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7892CA69B8311EF885B50B6762E951A.roa
Signing time: Tue 05 Nov 2024 14:38:43 +0000
ROA not before: Tue 05 Nov 2024 14:38:39 +0000
ROA not after: Mon 20 Jan 2025 14:38:39 +0000
asID: 135097
IP address blocks: 154.212.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67587 (0x10803)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 5 14:38:39 2024 GMT
Not After : Jan 20 14:38:39 2025 GMT
Subject: CN=672a2df2-8741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1f:6d:5a:f1:66:7e:82:77:5f:83:b9:c6:62:
08:01:2c:e8:d0:da:a0:c2:7a:c9:0a:60:07:2c:2e:
e6:f4:7a:7b:dc:bf:7e:5d:bf:ce:87:11:59:d2:91:
48:c9:53:d6:f8:8d:12:b1:31:72:fd:9f:a9:77:bb:
9b:1e:ef:cc:fd:51:cf:2a:c2:be:82:73:62:79:a1:
ad:36:53:b8:b4:75:34:14:95:e6:a9:04:fd:b6:1e:
0f:42:96:72:63:ab:cb:8e:cc:9e:34:e6:22:c9:12:
12:36:28:3c:16:5e:9e:85:ee:07:63:2b:d3:42:73:
cd:5b:a0:f3:09:9d:a9:1b:60:4d:66:65:4d:12:1a:
6a:7a:e0:03:c2:ce:d0:41:4f:b5:f4:45:2e:62:f2:
ba:6d:be:b2:8c:8b:c8:de:24:77:b4:de:2a:d0:9a:
38:75:2c:e9:bc:80:d1:c1:39:fa:3f:cf:b2:0b:b1:
0f:c1:c8:d5:43:a9:3f:7e:1d:5f:5a:72:3f:f9:d3:
7c:d3:9b:6a:51:93:ff:c6:cc:c8:5d:ad:23:c3:91:
43:4f:a6:ef:8c:79:28:af:ed:2f:fd:61:d4:e9:8e:
03:2f:1a:72:72:3f:ed:0c:1c:93:7f:56:1b:7b:09:
36:fd:e5:e4:3a:12:38:14:51:e2:29:5a:a7:05:66:
cf:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:55:2C:57:38:92:12:57:6E:50:46:61:3C:DB:C0:10:F5:C9:28:20
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A7892CA69B8311EF885B50B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.176.0/20
Signature Algorithm: sha256WithRSAEncryption
7d:a1:f2:60:c8:d0:51:63:f8:32:b6:80:c7:ea:ca:01:58:59:
81:fd:b3:98:3c:09:ba:83:84:47:af:83:db:20:b2:ce:c1:ac:
be:bc:c8:5d:1e:a3:79:dd:c3:c0:30:9b:94:70:9b:c2:30:c6:
61:db:94:64:1f:11:a1:ca:12:c1:37:1b:27:fc:97:e7:d6:ce:
00:15:a6:6e:2d:1d:fe:bc:c5:38:c4:3e:cb:18:19:4e:ac:1d:
27:3e:33:98:52:a3:07:74:6f:ae:a3:1e:18:57:06:e3:8a:46:
38:50:1f:c2:3a:56:6a:1f:a7:4b:33:9d:15:29:22:a6:19:28:
fc:1b:42:9c:75:cc:32:fc:bc:ed:2d:6f:55:86:b7:9c:b1:af:
17:25:53:9a:79:1b:d0:4d:67:bc:1d:56:18:87:00:5c:e2:e4:
8c:0d:3b:6f:6e:b2:74:ba:48:6b:6e:1b:1b:22:6c:84:7e:38:
21:44:13:02:78:59:cc:0b:74:af:31:09:bf:05:eb:f4:61:7c:
c0:04:6a:b5:ff:b5:77:8b:3c:af:c7:d7:40:69:5d:11:8d:b9:
9e:b1:25:1a:b3:a9:b0:21:1a:51:fd:ee:df:f5:30:86:28:55:
c2:70:96:3b:da:85:37:9e:7f:1b:92:d6:dd:ad:33:85:be:ab:
28:af:ec:09
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQgDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTQzODM5WhcNMjUwMTIwMTQzODM5WjAYMRYw
FAYDVQQDEw02NzJhMmRmMi04NzQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvh9tWvFmfoJ3X4O5xmIIASzo0NqgwnrJCmAHLC7m9Hp73L9+Xb/OhxFZ
0pFIyVPW+I0SsTFy/Z+pd7ubHu/M/VHPKsK+gnNieaGtNlO4tHU0FJXmqQT9th4P
QpZyY6vLjsyeNOYiyRISNig8Fl6ehe4HYyvTQnPNW6DzCZ2pG2BNZmVNEhpqeuAD
ws7QQU+19EUuYvK6bb6yjIvI3iR3tN4q0Jo4dSzpvIDRwTn6P8+yC7EPwcjVQ6k/
fh1fWnI/+dN805tqUZP/xszIXa0jw5FDT6bvjHkor+0v/WHU6Y4DLxpycj/tDByT
f1Ybewk2/eXkOhI4FFHiKVqnBWbPdwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM9V
LFc4khJXblBGYTzbwBD1ySggMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNzg5MkNBNjlCODMxMUVGODg1QjUwQjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtSwMA0GCSqGSIb3DQEB
CwUAA4IBAQB9ofJgyNBRY/gytoDH6soBWFmB/bOYPAm6g4RHr4PbILLOway+vMhd
HqN53cPAMJuUcJvCMMZh25RkHxGhyhLBNxsn/Jfn1s4AFaZuLR3+vMU4xD7LGBlO
rB0nPjOYUqMHdG+uox4YVwbjikY4UB/COlZqH6dLM50VKSKmGSj8G0Kcdcwy/Lzt
LW9Vhrecsa8XJVOaeRvQTWe8HVYYhwBc4uSMDTtvbrJ0ukhrbhsbImyEfjghRBMC
eFnMC3SvMQm/Bev0YXzABGq1/7V3izyvx9dAaV0RjbmesSUas6mwIRpR/e7f9TCG
KFXCcJY72oU3nn8bktbdrTOFvqsor+wJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:21 2024 by rpki-client on console-ams.rpki-client.org