Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B27A971E96B311EF89C7685B762E951A.roa
File: B27A971E96B311EF89C7685B762E951A.roa (raw, json)
Hash identifier: IUrYOvFGSCnmdg4QOGV26S8WqLWFEq/2wOlfqySDfx8=
Subject key identifier: B3:43:EE:DA:52:DF:BC:A9:B5:04:96:D5:54:07:5A:86:55:65:6F:97
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01040F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B27A971E96B311EF89C7685B762E951A.roa
Signing time: Wed 30 Oct 2024 11:40:01 +0000
ROA not before: Wed 30 Oct 2024 11:39:57 +0000
ROA not after: Wed 11 Dec 2024 11:39:57 +0000
asID: 138915
IP address blocks: 154.203.138.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66575 (0x1040f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 30 11:39:57 2024 GMT
Not After : Dec 11 11:39:57 2024 GMT
Subject: CN=67221b11-5689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1e:fa:47:4b:18:0f:2b:78:61:bb:22:0f:be:
4b:f5:93:19:28:df:6c:e8:07:f0:df:88:11:99:d1:
7f:77:9b:3b:7a:1b:d4:41:e9:89:d6:04:c0:fe:dc:
37:3d:41:59:cc:77:33:99:6b:77:9a:c1:41:97:67:
da:8d:02:72:54:e6:6c:67:5f:80:df:9f:4c:66:67:
45:48:90:3b:6e:e9:62:69:d7:df:23:9d:c1:65:50:
2b:0f:90:7d:dc:a7:43:7e:85:a0:89:3f:bb:f1:0c:
6d:51:81:1f:6d:36:25:e9:71:5d:d7:39:24:fd:4e:
43:be:2a:39:c3:80:a3:ae:e4:7e:47:37:49:a2:c5:
13:32:5e:d6:8e:8a:dd:c2:83:1c:ff:d0:a8:11:8f:
2b:46:a7:18:6c:07:8c:81:b9:17:dd:5c:66:78:a0:
a4:3b:32:ab:6d:3a:6b:1d:c0:51:fa:30:21:b0:de:
22:64:9e:00:81:de:b9:b5:32:49:9b:00:ab:36:de:
f6:ca:87:af:07:9d:28:fb:05:df:30:be:2b:85:37:
de:03:e8:62:0c:86:2e:03:08:fd:6f:70:67:38:b5:
d0:ba:e8:86:d2:22:ed:59:02:4b:26:d6:04:4f:82:
7e:40:4b:0f:47:71:f5:86:a5:95:55:d9:79:21:0d:
0b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:43:EE:DA:52:DF:BC:A9:B5:04:96:D5:54:07:5A:86:55:65:6F:97
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B27A971E96B311EF89C7685B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.138.0/23
Signature Algorithm: sha256WithRSAEncryption
26:dd:5c:41:87:db:9c:66:ce:68:5e:a0:a8:b5:bf:e4:ee:51:
27:b3:fa:2d:bd:25:3d:f3:b8:84:b7:bb:4c:9a:d2:ff:a2:66:
45:27:0e:34:61:b6:bd:9d:f5:e4:92:b2:3f:21:d6:75:4f:30:
f8:51:c2:56:ba:28:d2:52:a2:db:4f:ce:ab:d2:0d:14:02:d2:
91:d7:1f:f5:c6:0c:f5:16:50:f4:7a:99:5c:a2:dd:04:53:ca:
08:60:82:ac:dd:4c:d8:5a:a1:67:ff:10:1c:45:12:02:ff:b5:
5e:cf:8f:2c:4a:59:b1:13:33:06:98:1f:c8:e2:15:a1:ee:47:
9f:70:fe:70:97:8c:f1:93:81:bd:d5:34:3e:2e:74:c3:bb:e4:
5a:80:d8:e4:12:22:b8:35:39:c6:5d:8f:14:d4:2e:72:61:dd:
df:17:34:50:e4:14:65:b9:26:e8:10:06:d6:4a:ff:9a:a3:10:
13:f3:49:e0:0a:d1:fb:4b:ac:f2:84:4f:8b:6c:b1:3b:fd:f1:
06:8b:8d:19:cd:a8:43:9b:47:59:d6:29:3d:13:39:2d:4c:8e:
67:c0:ef:04:d8:22:0e:8f:80:62:b6:12:d6:ee:29:a3:0f:28:
2a:ea:c0:e6:89:d1:aa:9f:37:c8:b5:4c:97:c5:5e:f8:9a:1e:
b2:b4:42:1f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQQPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDMwMTEzOTU3WhcNMjQxMjExMTEzOTU3WjAYMRYw
FAYDVQQDEw02NzIyMWIxMS01Njg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5R76R0sYDyt4YbsiD75L9ZMZKN9s6Afw34gRmdF/d5s7ehvUQemJ1gTA
/tw3PUFZzHczmWt3msFBl2fajQJyVOZsZ1+A359MZmdFSJA7buliadffI53BZVAr
D5B93KdDfoWgiT+78QxtUYEfbTYl6XFd1zkk/U5Dvio5w4CjruR+RzdJosUTMl7W
jordwoMc/9CoEY8rRqcYbAeMgbkX3VxmeKCkOzKrbTprHcBR+jAhsN4iZJ4Agd65
tTJJmwCrNt72yoevB50o+wXfML4rhTfeA+hiDIYuAwj9b3BnOLXQuuiG0iLtWQJL
JtYET4J+QEsPR3H1hqWVVdl5IQ0LEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLND
7tpS37yptQSW1VQHWoZVZW+XMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMjdBOTcxRTk2QjMxMUVGODlDNzY4NUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsuKMA0GCSqGSIb3DQEB
CwUAA4IBAQAm3VxBh9ucZs5oXqCotb/k7lEns/otvSU987iEt7tMmtL/omZFJw40
Yba9nfXkkrI/IdZ1TzD4UcJWuijSUqLbT86r0g0UAtKR1x/1xgz1FlD0eplcot0E
U8oIYIKs3UzYWqFn/xAcRRIC/7Vez48sSlmxEzMGmB/I4hWh7kefcP5wl4zxk4G9
1TQ+LnTDu+RagNjkEiK4NTnGXY8U1C5yYd3fFzRQ5BRluSboEAbWSv+aoxAT80ng
CtH7S6zyhE+LbLE7/fEGi40ZzahDm0dZ1ik9EzktTI5nwO8E2CIOj4BithLW7imj
Dygq6sDmidGqnzfItUyXxV74mh6ytEIf
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:30 2024 by rpki-client on console-ams.rpki-client.org