Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3F85DA49A9311EFB277B550762E951A.roa
File: B3F85DA49A9311EFB277B550762E951A.roa (raw, json)
Hash identifier: gSSL21CFlm4RpvYdfYRwmapAT5rc/2icaZ8nyDl5A/I=
Subject key identifier: 20:D6:90:F6:81:47:15:69:6A:0D:40:0B:62:EA:52:88:D7:0F:DF:A6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01068A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3F85DA49A9311EFB277B550762E951A.roa
Signing time: Mon 04 Nov 2024 10:01:04 +0000
ROA not before: Mon 04 Nov 2024 10:01:01 +0000
ROA not after: Mon 25 Nov 2024 10:01:01 +0000
asID: 44559
IP address blocks: 154.210.86.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67210 (0x1068a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 4 10:01:01 2024 GMT
Not After : Nov 25 10:01:01 2024 GMT
Subject: CN=67289b60-c6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ec:79:9a:5f:a7:48:b4:71:f0:63:06:c2:92:
7e:2b:3b:f0:28:c9:73:21:33:5e:0a:19:bc:d2:c8:
4a:47:14:6e:e8:af:17:61:84:cc:24:56:b0:b0:e6:
26:a0:d3:34:f9:6f:21:88:67:36:17:3a:fb:82:67:
41:87:25:ae:4e:e6:44:ba:3c:c3:97:e7:e1:39:6e:
3e:aa:6c:6b:b1:77:29:43:5a:eb:0b:fb:00:08:77:
39:91:cf:b3:0c:aa:c3:ee:f1:28:bc:01:eb:f1:3c:
6c:b3:5f:01:86:5a:0a:c1:00:a6:45:b2:fe:ed:c6:
98:d6:20:d6:30:b5:4d:13:2b:e1:20:38:49:f2:81:
91:6b:31:07:e4:05:09:5a:c1:36:6a:b6:2a:05:b4:
60:a0:3d:c4:fa:89:08:9b:2a:e1:b9:9e:8f:f0:4a:
69:24:65:7a:cf:28:fe:a3:4d:4b:e8:90:78:d0:ef:
b4:16:55:39:86:b5:93:76:e9:24:eb:b1:68:ac:e6:
79:ae:44:3a:ba:5e:33:4f:04:17:55:f6:9c:25:ff:
53:7c:f6:7e:1b:e2:7b:65:44:28:7f:a3:00:8c:3e:
21:15:34:f9:e3:81:6f:50:f6:82:96:69:8b:0d:e9:
87:31:3d:0c:d5:aa:19:56:cf:86:94:a7:3f:3c:bb:
3d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D6:90:F6:81:47:15:69:6A:0D:40:0B:62:EA:52:88:D7:0F:DF:A6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B3F85DA49A9311EFB277B550762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.86.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:ff:8b:e8:4f:74:d6:e4:a8:9b:e7:42:fb:98:3e:98:9e:5a:
75:f1:b8:0f:d3:fd:95:2b:26:23:e8:3b:89:b0:38:34:f1:b1:
58:91:d4:43:97:eb:e3:92:a6:6d:ee:b6:47:3d:de:17:0d:e3:
3e:b8:e1:b9:85:25:ef:52:cf:25:b2:e2:24:01:41:eb:41:f6:
5a:96:57:2e:55:33:6b:4c:ad:5b:f0:c1:f7:1e:0f:e6:b8:53:
24:1d:5a:e8:d8:d1:b4:1a:7d:f7:ea:02:2c:e5:d9:37:29:a3:
a9:6a:f9:a5:3e:55:fa:4b:33:c1:09:14:44:4f:02:73:75:92:
1c:0e:aa:8b:ad:4f:d5:3c:b8:4e:49:a4:79:56:ee:6d:15:94:
59:a2:03:ba:81:c3:b5:9f:57:0e:85:73:ad:3f:c0:04:be:1f:
c9:ba:fc:1a:0a:16:0d:0e:94:d0:a6:e9:08:64:60:b5:24:cb:
1e:a9:59:2a:47:11:7a:ac:70:33:3c:6c:ff:49:28:00:dd:ab:
68:8d:87:40:3d:6e:25:4d:83:6c:44:ea:2a:c0:18:eb:2b:a6:
6a:69:b9:ae:7a:23:78:55:44:55:c7:a9:89:98:be:f7:e5:ce:
26:40:55:97:29:ce:9f:70:11:6d:9c:c8:a1:84:69:c9:e2:e3:
2a:08:6e:7f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQaKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA0MTAwMTAxWhcNMjQxMTI1MTAwMTAxWjAYMRYw
FAYDVQQDEw02NzI4OWI2MC1jNmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArux5ml+nSLRx8GMGwpJ+KzvwKMlzITNeChm80shKRxRu6K8XYYTMJFaw
sOYmoNM0+W8hiGc2Fzr7gmdBhyWuTuZEujzDl+fhOW4+qmxrsXcpQ1rrC/sACHc5
kc+zDKrD7vEovAHr8Txss18BhloKwQCmRbL+7caY1iDWMLVNEyvhIDhJ8oGRazEH
5AUJWsE2arYqBbRgoD3E+okImyrhuZ6P8EppJGV6zyj+o01L6JB40O+0FlU5hrWT
dukk67ForOZ5rkQ6ul4zTwQXVfacJf9TfPZ+G+J7ZUQof6MAjD4hFTT544FvUPaC
lmmLDemHMT0M1aoZVs+GlKc/PLs9OQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCDW
kPaBRxVpag1AC2LqUojXD9+mMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CM0Y4NURBNDlBOTMxMUVGQjI3N0I1NTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtJWMA0GCSqGSIb3DQEB
CwUAA4IBAQCM/4voT3TW5Kib50L7mD6Ynlp18bgP0/2VKyYj6DuJsDg08bFYkdRD
l+vjkqZt7rZHPd4XDeM+uOG5hSXvUs8lsuIkAUHrQfZallcuVTNrTK1b8MH3Hg/m
uFMkHVro2NG0Gn336gIs5dk3KaOpavmlPlX6SzPBCRRETwJzdZIcDqqLrU/VPLhO
SaR5Vu5tFZRZogO6gcO1n1cOhXOtP8AEvh/JuvwaChYNDpTQpukIZGC1JMseqVkq
RxF6rHAzPGz/SSgA3atojYdAPW4lTYNsROoqwBjrK6ZqabmueiN4VURVx6mJmL73
5c4mQFWXKc6fcBFtnMihhGnJ4uMqCG5/
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:21 2024 by rpki-client on console-fra.rpki-client.org