Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA1C39569D1611EF92DA03A6762E951A.roa
File: AA1C39569D1611EF92DA03A6762E951A.roa (raw, json)
Hash identifier: cNIg6bN9ngwAVJz4AeRIiMqKLDcZAGXlhLtLRlSdflM=
Subject key identifier: 3B:20:FB:AA:54:7F:D8:7C:20:75:7E:B2:F8:01:41:20:C9:37:BD:2C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01094F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA1C39569D1611EF92DA03A6762E951A.roa
Signing time: Thu 07 Nov 2024 14:43:34 +0000
ROA not before: Thu 07 Nov 2024 14:43:30 +0000
ROA not after: Wed 05 Nov 2025 14:43:30 +0000
asID: 133448
IP address blocks: 154.223.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67919 (0x1094f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 7 14:43:30 2024 GMT
Not After : Nov 5 14:43:30 2025 GMT
Subject: CN=672cd216-16a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:22:53:9f:45:b5:60:5b:fd:33:ae:f5:11:71:
dc:67:b5:c9:43:77:b7:23:70:37:5f:2a:3e:62:3a:
9f:c4:32:52:8c:da:76:47:1c:92:9f:09:52:79:10:
1b:62:84:5e:d5:0e:f2:25:82:96:8b:c2:d7:95:f1:
29:14:c3:64:da:a2:13:1d:08:07:f4:43:a1:d4:81:
e9:43:5a:38:e9:d2:4e:6f:ce:d2:e3:49:b0:0d:20:
45:9a:3d:e8:e6:38:41:a4:40:26:06:2b:fa:b5:5f:
2a:9d:26:dc:72:11:6d:c3:a5:be:3b:f0:15:9e:9b:
f1:50:91:5d:6f:6f:ad:07:93:95:df:e4:33:0e:6c:
50:e3:2c:ec:56:46:21:72:ea:4b:d2:ba:39:3a:f9:
a4:25:a3:7b:3a:e2:b9:2e:f6:9b:d4:e1:76:d4:b7:
e9:cb:54:81:d5:e3:13:55:73:fd:fe:c7:ff:08:4f:
32:48:4a:ba:4e:2d:0c:43:c2:63:58:30:87:6b:4b:
b3:bf:f6:d1:f0:43:9c:4c:50:c8:c8:92:cf:ea:16:
7b:03:66:7d:cd:26:c6:4d:78:7d:fb:7a:3a:f0:de:
0f:b9:a9:bc:6b:c6:35:e5:5e:62:e0:6a:0a:45:70:
ac:19:2d:24:2e:f9:6c:ac:96:1b:d1:ab:d3:84:d8:
49:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:20:FB:AA:54:7F:D8:7C:20:75:7E:B2:F8:01:41:20:C9:37:BD:2C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA1C39569D1611EF92DA03A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.2.0/24
Signature Algorithm: sha256WithRSAEncryption
03:66:96:33:d6:04:93:48:40:b5:1a:30:8a:89:d5:7d:b6:d2:
d9:f5:6a:f9:d7:55:65:fc:8d:f0:b4:1b:da:24:d6:58:30:ec:
e7:1a:dc:8f:23:f3:57:22:43:d8:71:52:78:9c:e8:1e:ef:38:
c3:5b:62:8a:cb:c4:1f:33:f6:37:3a:6d:df:7f:92:1f:52:e0:
9f:d8:2b:87:95:b2:c6:33:66:62:db:56:69:dc:dc:41:fd:24:
cd:d7:c2:96:16:7b:45:40:63:18:40:9c:ce:4c:4d:53:2d:70:
13:0a:ed:c5:38:9d:e1:3b:3a:7f:9a:bf:0c:fe:82:f2:64:f4:
34:23:21:7e:9c:2a:69:a0:b2:23:d9:7f:06:ae:23:f2:5d:84:
3c:65:13:cf:cf:0b:db:b6:31:cb:75:74:71:b7:2c:16:72:66:
25:14:fd:a8:32:c4:4d:e0:31:3c:ee:ec:96:74:04:92:7a:8d:
78:96:e9:74:bd:63:cf:b0:ba:ec:3c:ae:e2:d8:92:d6:28:f5:
3f:72:92:68:e1:eb:38:ba:45:a2:e5:95:5d:87:41:4e:92:7d:
cd:c7:fe:20:e3:22:f7:6f:5c:5f:2d:09:93:98:8a:93:a6:c7:
31:aa:e5:8f:26:23:9c:52:42:36:b6:07:14:e7:50:a7:88:f0:
28:3c:23:da
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQlPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA3MTQ0MzMwWhcNMjUxMTA1MTQ0MzMwWjAYMRYw
FAYDVQQDEw02NzJjZDIxNi0xNmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvSJTn0W1YFv9M671EXHcZ7XJQ3e3I3A3Xyo+YjqfxDJSjNp2RxySnwlS
eRAbYoRe1Q7yJYKWi8LXlfEpFMNk2qITHQgH9EOh1IHpQ1o46dJOb87S40mwDSBF
mj3o5jhBpEAmBiv6tV8qnSbcchFtw6W+O/AVnpvxUJFdb2+tB5OV3+QzDmxQ4yzs
VkYhcupL0ro5OvmkJaN7OuK5Lvab1OF21Lfpy1SB1eMTVXP9/sf/CE8ySEq6Ti0M
Q8JjWDCHa0uzv/bR8EOcTFDIyJLP6hZ7A2Z9zSbGTXh9+3o68N4Puam8a8Y15V5i
4GoKRXCsGS0kLvlsrJYb0avThNhJ6wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDsg
+6pUf9h8IHV+svgBQSDJN70sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQTFDMzk1NjlEMTYxMUVGOTJEQTAzQTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt8CMA0GCSqGSIb3DQEB
CwUAA4IBAQADZpYz1gSTSEC1GjCKidV9ttLZ9Wr511Vl/I3wtBvaJNZYMOznGtyP
I/NXIkPYcVJ4nOge7zjDW2KKy8QfM/Y3Om3ff5IfUuCf2CuHlbLGM2Zi21Zp3NxB
/STN18KWFntFQGMYQJzOTE1TLXATCu3FOJ3hOzp/mr8M/oLyZPQ0IyF+nCppoLIj
2X8GriPyXYQ8ZRPPzwvbtjHLdXRxtywWcmYlFP2oMsRN4DE87uyWdASSeo14lul0
vWPPsLrsPK7i2JLWKPU/cpJo4es4ukWi5ZVdh0FOkn3Nx/4g4yL3b1xfLQmTmIqT
pscxquWPJiOcUkI2tgcU51CniPAoPCPa
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:28 2024 by rpki-client on console-ams.rpki-client.org