Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA68D76EA75411EFAD1700BB762E951A.roa
File: AA68D76EA75411EFAD1700BB762E951A.roa (raw, json)
Hash identifier: Dqu3vNrMsE4WFatjSjNKRYWPES2vzzlxhoYbw6zK/Z4=
Subject key identifier: DD:F7:65:45:52:D5:B9:3C:6C:99:8C:65:9E:EA:BE:4A:FB:57:B3:98
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010FD7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA68D76EA75411EFAD1700BB762E951A.roa
Signing time: Wed 20 Nov 2024 15:32:35 +0000
ROA not before: Wed 20 Nov 2024 15:32:31 +0000
ROA not after: Sun 01 Dec 2024 15:32:31 +0000
asID: 133180
IP address blocks: 154.209.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69591 (0x10fd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 20 15:32:31 2024 GMT
Not After : Dec 1 15:32:31 2024 GMT
Subject: CN=673e0113-6e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:64:1b:f0:fd:27:78:81:27:c0:f8:eb:21:1a:
7e:9f:95:82:43:33:5a:b8:39:0c:c3:1b:fd:ce:88:
c0:6f:b8:00:f0:d8:7d:00:8d:18:e3:54:34:4b:a0:
14:5b:85:ab:c9:4c:9b:29:c4:eb:b0:ed:01:77:bb:
41:05:4b:1c:72:0a:42:ac:91:96:34:87:80:fb:b6:
41:b6:6f:12:1d:44:a6:37:da:96:bb:63:75:0d:b6:
14:84:ba:83:63:07:45:26:c5:63:22:ab:ab:ab:80:
41:89:5f:93:d2:b0:ca:c1:da:81:3f:7b:06:8e:73:
ee:ea:f0:7a:ca:33:72:14:50:c4:90:6f:b4:6b:16:
45:82:e4:78:8e:1d:a9:74:9e:58:1d:35:fa:88:37:
33:9e:24:c2:6a:47:a6:cd:fa:7b:98:d5:52:1e:a1:
fa:e6:20:c8:4d:72:68:c3:87:8b:34:a4:d6:ad:70:
93:cc:57:e1:77:52:7e:f0:40:f2:1f:bd:5f:b9:f0:
f2:a1:e0:b5:91:c4:ff:b6:87:65:78:4e:1f:a7:5b:
ac:fe:ef:68:69:ec:39:5c:ce:7a:8f:04:a5:4a:91:
20:98:ac:af:01:35:78:4c:58:2d:44:4c:42:e5:90:
15:0d:22:96:9b:7a:55:75:60:bc:7f:1e:0b:b7:4e:
6c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F7:65:45:52:D5:B9:3C:6C:99:8C:65:9E:EA:BE:4A:FB:57:B3:98
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AA68D76EA75411EFAD1700BB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.160.0/19
Signature Algorithm: sha256WithRSAEncryption
a7:5d:56:8c:f8:ee:f0:a9:e3:59:47:ea:38:91:1d:33:93:53:
20:b1:60:dc:46:e6:f6:4f:01:ec:fa:2c:4c:93:b3:4e:e4:b5:
5b:10:0c:08:ed:5d:2f:a8:fc:60:d4:44:af:1a:ed:d2:aa:22:
13:1b:1c:55:17:43:fd:7b:c6:3f:5c:ec:85:ab:0a:a9:8e:15:
07:fa:2a:52:c1:d2:6c:4c:7d:8b:29:6f:4e:c3:f5:fc:c3:15:
66:80:a3:ba:7f:75:42:7d:63:a9:5b:06:b1:03:a9:e6:99:b6:
cf:22:61:db:0f:c4:f7:63:48:c5:81:f4:c7:0f:5b:56:98:22:
db:3e:7d:40:7d:8a:3f:0a:2f:75:b1:af:d6:f7:92:bd:48:57:
d5:23:65:89:72:80:a1:dd:fd:c9:13:73:a3:1b:68:ad:33:17:
7c:80:57:ed:ee:e9:01:fb:be:9b:2f:e0:ad:45:00:49:2c:0b:
3f:c2:9b:85:be:f1:ec:f0:5b:22:84:c2:b5:f5:7e:20:19:be:
e9:5a:e9:a0:d7:10:5b:e6:eb:47:6d:82:be:06:ee:41:51:f2:
d1:f5:26:68:49:b1:10:83:6d:ba:b1:ff:a5:73:04:ea:fd:90:
ac:3d:b8:bb:3e:56:58:f9:95:40:f7:21:c2:51:34:53:8b:a6:
80:11:ad:2c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ/XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIwMTUzMjMxWhcNMjQxMjAxMTUzMjMxWjAYMRYw
FAYDVQQDEw02NzNlMDExMy02ZTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs2Qb8P0neIEnwPjrIRp+n5WCQzNauDkMwxv9zojAb7gA8Nh9AI0Y41Q0
S6AUW4WryUybKcTrsO0Bd7tBBUsccgpCrJGWNIeA+7ZBtm8SHUSmN9qWu2N1DbYU
hLqDYwdFJsVjIqurq4BBiV+T0rDKwdqBP3sGjnPu6vB6yjNyFFDEkG+0axZFguR4
jh2pdJ5YHTX6iDczniTCakemzfp7mNVSHqH65iDITXJow4eLNKTWrXCTzFfhd1J+
8EDyH71fufDyoeC1kcT/todleE4fp1us/u9oaew5XM56jwSlSpEgmKyvATV4TFgt
RExC5ZAVDSKWm3pVdWC8fx4Lt05s7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN33
ZUVS1bk8bJmMZZ7qvkr7V7OYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQTY4RDc2RUE3NTQxMUVGQUQxNzAwQkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtGgMA0GCSqGSIb3DQEB
CwUAA4IBAQCnXVaM+O7wqeNZR+o4kR0zk1MgsWDcRub2TwHs+ixMk7NO5LVbEAwI
7V0vqPxg1ESvGu3SqiITGxxVF0P9e8Y/XOyFqwqpjhUH+ipSwdJsTH2LKW9Ow/X8
wxVmgKO6f3VCfWOpWwaxA6nmmbbPImHbD8T3Y0jFgfTHD1tWmCLbPn1AfYo/Ci91
sa/W95K9SFfVI2WJcoCh3f3JE3OjG2itMxd8gFft7ukB+76bL+CtRQBJLAs/wpuF
vvHs8FsihMK19X4gGb7pWumg1xBb5utHbYK+Bu5BUfLR9SZoSbEQg226sf+lcwTq
/ZCsPbi7PlZY+ZVA9yHCUTRTi6aAEa0s
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:28 2024 by rpki-client on console-ams.rpki-client.org