Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A93DCFD0E1FB11EE8CEB438D775412E6.roa
File: A93DCFD0E1FB11EE8CEB438D775412E6.roa (raw, json)
Hash identifier: +McgrGeH6KT6brA+6g26MzzusuJQ+Ko09X6Kct0aPPw=
Subject key identifier: D2:2C:71:8B:53:65:68:A7:3D:98:EC:3B:BA:40:CB:88:A8:24:A1:73
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: A140
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A93DCFD0E1FB11EE8CEB438D775412E6.roa
Signing time: Thu 14 Mar 2024 12:09:09 +0000
ROA not before: Thu 14 Mar 2024 12:09:04 +0000
ROA not after: Mon 10 Mar 2025 12:09:04 +0000
asID: 55720
IP address blocks: 154.220.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41280 (0xa140)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 14 12:09:04 2024 GMT
Not After : Mar 10 12:09:04 2025 GMT
Subject: CN=65f2e8e5-a220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e9:98:b4:84:f0:6d:fa:61:8c:03:09:c6:34:
14:eb:15:be:2e:3c:e0:6d:81:58:ec:b5:76:27:18:
cd:99:da:e2:8c:7c:57:df:01:29:6d:3c:87:f1:63:
13:bf:3a:67:db:04:89:92:46:34:d3:43:c1:e6:c1:
bd:4d:9e:3d:36:e8:ce:40:26:56:80:d6:f9:e9:e9:
dc:eb:0e:81:ea:8f:06:db:4e:2c:f6:50:70:28:04:
80:11:c2:77:03:aa:ec:10:35:c4:94:c4:8d:2e:c9:
bd:b7:16:73:3e:cd:f4:71:de:fc:de:5b:56:80:bf:
08:98:f8:b3:2c:e1:e8:96:f0:14:77:74:47:1b:9a:
0f:ae:22:09:c2:5b:b3:7b:77:1c:5c:49:18:ec:ed:
6f:44:18:23:82:97:9d:1e:c8:2c:52:68:21:c4:5d:
a8:b3:7d:82:57:f0:66:32:5e:d4:19:35:6d:a2:e2:
58:ee:56:00:96:d1:ef:72:df:69:1e:72:9f:2f:fa:
31:26:0e:f4:5c:76:86:12:29:0e:8e:8e:e2:62:1a:
bf:cd:dc:b2:49:c9:d5:59:5b:dd:2b:8e:54:d2:f6:
bb:10:9e:75:c7:95:77:42:ba:f6:de:25:24:a6:6c:
24:ab:8a:d4:91:f4:0d:60:8a:9e:d6:0f:32:32:ed:
37:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2C:71:8B:53:65:68:A7:3D:98:EC:3B:BA:40:CB:88:A8:24:A1:73
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A93DCFD0E1FB11EE8CEB438D775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.2.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:c0:20:c0:58:29:4d:58:14:d5:9e:72:c1:b0:d6:5b:2b:5b:
16:0b:f0:df:a5:0a:db:40:d6:07:9d:17:38:58:12:47:50:da:
ee:39:13:0f:bc:e4:c8:6f:28:5a:d0:a9:5e:ce:4e:a6:32:14:
24:b4:fe:0f:92:f9:ba:61:9a:d3:85:5d:e9:e1:61:48:b5:a4:
b4:45:29:9e:86:b5:33:b3:52:fc:b5:fc:61:cd:b9:af:47:ba:
4f:d3:2e:56:1b:9d:69:04:f2:cd:15:8b:b4:4b:de:7c:8c:43:
11:f2:8d:3a:cb:f8:7f:f8:65:41:ad:1c:30:ca:d1:a1:3a:aa:
63:2c:a2:10:0f:b3:9e:9c:7a:7d:dd:f2:f3:02:e1:c6:74:7c:
f0:de:ab:bf:0c:6f:a3:c3:50:e5:80:38:18:8b:42:62:c3:29:
d1:cf:75:3a:d4:1a:6c:0c:5f:b9:b8:e9:93:3c:b6:a6:9a:8a:
ad:30:33:8f:7e:9b:c6:4d:3e:43:dc:be:f3:bf:22:a5:35:9a:
c8:d8:53:33:6d:90:6f:43:87:4b:48:cc:92:03:5a:85:94:92:
b2:2d:47:5c:40:9d:cb:78:98:23:18:e3:51:d1:f6:23:51:a3:
46:c9:ba:96:27:7f:7d:6f:69:18:33:48:08:f3:19:4d:1c:12:
71:14:34:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKFAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMzE0MTIwOTA0WhcNMjUwMzEwMTIwOTA0WjAYMRYw
FAYDVQQDEw02NWYyZThlNS1hMjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7OmYtITwbfphjAMJxjQU6xW+LjzgbYFY7LV2JxjNmdrijHxX3wEpbTyH
8WMTvzpn2wSJkkY000PB5sG9TZ49NujOQCZWgNb56enc6w6B6o8G204s9lBwKASA
EcJ3A6rsEDXElMSNLsm9txZzPs30cd783ltWgL8ImPizLOHolvAUd3RHG5oPriIJ
wluze3ccXEkY7O1vRBgjgpedHsgsUmghxF2os32CV/BmMl7UGTVtouJY7lYAltHv
ct9pHnKfL/oxJg70XHaGEikOjo7iYhq/zdyyScnVWVvdK45U0va7EJ51x5V3Qrr2
3iUkpmwkq4rUkfQNYIqe1g8yMu03/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNIs
cYtTZWinPZjsO7pAy4ioJKFzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOTNEQ0ZEMEUxRkIxMUVFOENFQjQzOEQ3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtwCMA0GCSqGSIb3DQEB
CwUAA4IBAQCawCDAWClNWBTVnnLBsNZbK1sWC/DfpQrbQNYHnRc4WBJHUNruORMP
vOTIbyha0Klezk6mMhQktP4Pkvm6YZrThV3p4WFItaS0RSmehrUzs1L8tfxhzbmv
R7pP0y5WG51pBPLNFYu0S958jEMR8o06y/h/+GVBrRwwytGhOqpjLKIQD7OenHp9
3fLzAuHGdHzw3qu/DG+jw1DlgDgYi0JiwynRz3U61BpsDF+5uOmTPLammoqtMDOP
fpvGTT5D3L7zvyKlNZrI2FMzbZBvQ4dLSMySA1qFlJKyLUdcQJ3LeJgjGONR0fYj
UaNGybqWJ399b2kYM0gI8xlNHBJxFDQc
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:19 2024 by rpki-client on console-fra.rpki-client.org