Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ACFC38D2985D11EF9BAE4F59762E951A.roa
File: ACFC38D2985D11EF9BAE4F59762E951A.roa (raw, json)
Hash identifier: 2YYiRw6ZyEkzhQSEUd0QCi+CUGHb8bdQKevmF+DdqPg=
Subject key identifier: 98:6B:0E:09:37:5A:4B:A9:43:DB:18:3D:F2:36:D5:47:29:9D:AE:3E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0104C7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ACFC38D2985D11EF9BAE4F59762E951A.roa
Signing time: Fri 01 Nov 2024 14:29:17 +0000
ROA not before: Fri 01 Nov 2024 14:29:14 +0000
ROA not after: Tue 03 Dec 2024 14:29:14 +0000
asID: 203020
IP address blocks: 154.208.128.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66759 (0x104c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 1 14:29:14 2024 GMT
Not After : Dec 3 14:29:14 2024 GMT
Subject: CN=6724e5bd-8580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:4f:f4:a6:b8:60:56:7a:ef:04:e6:8b:88:
82:cf:89:75:19:e0:01:20:72:ae:3b:e6:e4:4b:9b:
43:92:d9:e2:7b:93:1e:b5:f9:13:b2:e9:f9:fa:2b:
da:1d:ff:62:bc:6f:27:b7:68:6d:c7:81:8d:41:36:
29:a6:3a:a9:8f:2b:0d:32:b6:ff:66:54:24:c0:9d:
d9:b7:19:95:c5:a0:9f:af:2b:ec:40:4b:a1:a0:74:
ee:d9:f6:d9:58:16:16:89:d1:da:fe:81:41:6d:fb:
d2:09:eb:31:69:eb:3d:04:70:ab:29:c8:37:58:43:
54:27:f8:77:05:44:5d:38:a7:ed:4b:63:61:f1:1a:
5e:26:ec:3a:a9:b3:0c:d1:4a:b1:8a:2d:93:aa:cf:
96:03:b3:80:be:00:38:4a:ac:53:1e:c3:6f:50:d4:
0e:00:d5:c1:db:a1:bf:8d:6e:07:59:49:4b:0b:0b:
6c:f0:b5:28:6c:90:7c:62:f1:6f:28:13:d6:bc:c6:
99:41:3b:31:6f:e4:76:12:16:84:27:b3:be:7e:54:
5f:99:0c:67:82:e2:e7:23:2d:c4:b4:5d:6f:c0:dd:
12:0e:78:3d:1a:cc:0b:ab:f7:aa:39:af:b7:e4:b7:
ad:08:19:32:44:1c:21:14:1c:37:d5:5f:67:d4:2f:
6e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6B:0E:09:37:5A:4B:A9:43:DB:18:3D:F2:36:D5:47:29:9D:AE:3E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/ACFC38D2985D11EF9BAE4F59762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.128.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:87:ee:83:24:02:ed:78:72:d4:26:e8:2f:2c:6c:34:00:b6:
d4:f8:0b:85:7b:6a:4f:1c:4d:30:49:ea:e1:91:68:4f:a3:4f:
af:bf:56:e6:21:df:3d:df:bd:21:58:b9:90:8f:e4:2f:4c:d9:
04:1f:a3:c5:fd:31:14:0f:c6:a1:a7:6f:4b:00:f9:59:24:20:
11:56:a8:81:3d:d6:9e:4f:0b:cc:3e:cf:71:88:b0:08:32:0d:
f3:8d:b4:fd:26:a1:c0:90:66:07:d8:ae:38:06:97:48:08:7c:
13:1e:59:19:10:cf:a3:ce:28:37:bb:50:fb:7e:5e:33:83:c3:
4e:bc:ac:d8:23:f7:33:29:a7:11:7e:d1:f0:e9:c6:06:80:12:
7f:ca:61:0b:e4:20:06:c9:1d:5f:06:fe:84:66:eb:a5:57:7a:
9d:1a:de:2f:22:a4:36:9d:3a:44:f1:2c:8a:2d:aa:55:62:2c:
fe:b3:56:83:e2:a6:fb:97:6b:f5:7c:30:21:0f:fd:9d:88:6b:
86:5c:44:a5:88:cc:ea:96:b4:7a:28:cf:0d:1d:ac:33:31:96:
b6:8a:9c:38:36:a2:2b:79:b2:2c:63:a7:dc:f5:6a:75:0f:d9:
64:59:d3:bf:a6:5c:0b:8e:43:bc:02:59:89:b4:83:90:3d:ba:
39:13:ad:74
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQTHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTAxMTQyOTE0WhcNMjQxMjAzMTQyOTE0WjAYMRYw
FAYDVQQDEw02NzI0ZTViZC04NTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvQJP9Ka4YFZ67wTmi4iCz4l1GeABIHKuO+bkS5tDktnie5MetfkTsun5
+ivaHf9ivG8nt2htx4GNQTYppjqpjysNMrb/ZlQkwJ3ZtxmVxaCfryvsQEuhoHTu
2fbZWBYWidHa/oFBbfvSCesxaes9BHCrKcg3WENUJ/h3BURdOKftS2Nh8RpeJuw6
qbMM0Uqxii2Tqs+WA7OAvgA4SqxTHsNvUNQOANXB26G/jW4HWUlLCwts8LUobJB8
YvFvKBPWvMaZQTsxb+R2EhaEJ7O+flRfmQxnguLnIy3EtF1vwN0SDng9GswLq/eq
Oa+35LetCBkyRBwhFBw31V9n1C9u2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJhr
Dgk3WkupQ9sYPfI21Ucpna4+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BQ0ZDMzhEMjk4NUQxMUVGOUJBRTRGNTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtCAMA0GCSqGSIb3DQEB
CwUAA4IBAQCdh+6DJALteHLUJugvLGw0ALbU+AuFe2pPHE0wSerhkWhPo0+vv1bm
Id89370hWLmQj+QvTNkEH6PF/TEUD8ahp29LAPlZJCARVqiBPdaeTwvMPs9xiLAI
Mg3zjbT9JqHAkGYH2K44BpdICHwTHlkZEM+jzig3u1D7fl4zg8NOvKzYI/czKacR
ftHw6cYGgBJ/ymEL5CAGyR1fBv6EZuulV3qdGt4vIqQ2nTpE8SyKLapVYiz+s1aD
4qb7l2v1fDAhD/2diGuGXESliMzqlrR6KM8NHawzMZa2ipw4NqIrebIsY6fc9Wp1
D9lkWdO/plwLjkO8AlmJtIOQPbo5E610
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:20 2024 by rpki-client on console-fra.rpki-client.org