Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B45E59206A5E11EF9FE51E44762E951A.roa
File: B45E59206A5E11EF9FE51E44762E951A.roa (raw, json)
Hash identifier: jsQeGGPTprXckbZM25BRvugrHSYfYZwV5gPDV9ULg4Y=
Subject key identifier: DA:86:53:3E:A9:58:62:EA:F9:35:4A:6B:0C:88:8B:D5:0B:3C:EE:7C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: E9FB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B45E59206A5E11EF9FE51E44762E951A.roa
Signing time: Wed 04 Sep 2024 01:40:46 +0000
ROA not before: Wed 04 Sep 2024 01:40:17 +0000
ROA not after: Mon 30 Dec 2024 01:40:17 +0000
asID: 17561
IP address blocks: 154.207.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59899 (0xe9fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 4 01:40:17 2024 GMT
Not After : Dec 30 01:40:17 2024 GMT
Subject: CN=66d7ba9e-83c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c9:c9:6a:f9:57:b4:1c:65:95:b3:ca:21:9f:
0a:07:a6:5a:af:09:67:7a:4f:b2:fe:87:dd:40:44:
7c:23:43:68:d5:3c:76:4f:fb:84:37:09:0e:b5:93:
59:6e:af:ba:0d:29:d2:c5:e5:77:b6:8b:01:5c:d2:
d0:88:ae:cd:68:3c:c0:bc:59:b4:57:39:6c:88:62:
7d:62:13:62:26:46:91:2a:0e:d6:f1:f0:ce:ef:01:
b5:9d:f4:72:1c:f8:23:0a:a9:b0:d8:ff:bf:7f:b5:
d3:a7:8b:2f:1c:5e:6b:6e:25:90:54:a2:c1:1b:26:
a7:90:aa:8c:e7:f2:23:b7:d2:31:7b:60:1c:6f:c9:
2e:06:1d:04:18:b6:c1:e8:c8:d1:f0:25:59:2f:b2:
a0:55:90:1d:0f:0b:29:e3:6c:0b:3d:1f:49:9a:a4:
3b:52:d1:e0:31:57:b8:55:85:d2:e2:95:34:73:f9:
e0:2b:37:ac:a1:6c:69:77:2d:6f:8c:85:52:71:e5:
c8:6a:2f:f9:58:7b:18:b6:48:ad:d8:05:73:e6:3c:
bf:97:57:91:83:bc:27:ab:bf:bc:ad:5a:19:d5:1c:
c6:ee:9f:30:05:ac:1a:58:bb:5d:3e:53:e9:d6:2e:
f3:87:8f:33:de:88:58:e2:ca:2d:56:0d:11:01:9f:
06:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:86:53:3E:A9:58:62:EA:F9:35:4A:6B:0C:88:8B:D5:0B:3C:EE:7C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B45E59206A5E11EF9FE51E44762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.220.0/22
Signature Algorithm: sha256WithRSAEncryption
33:d5:b1:93:61:71:06:8b:f4:76:10:7b:84:fc:ec:8b:e9:36:
d8:1a:37:1a:7f:0b:fa:37:09:1d:8f:75:a1:34:c4:87:54:db:
03:72:d6:2c:79:cf:43:87:30:0b:4a:82:6b:8f:80:fb:95:00:
94:81:f9:5c:95:fe:f0:cf:9d:86:6b:6c:74:e1:55:a4:21:30:
75:e8:62:bc:e2:49:26:dd:c6:68:af:0b:03:80:ce:75:87:6d:
dc:51:72:7a:83:cf:de:4c:fd:cf:d2:9d:6f:57:3e:39:e8:47:
c6:05:4f:d4:95:ec:cc:39:e8:37:ec:ce:e0:8c:9c:69:f8:d2:
ab:58:ad:27:5e:ed:5e:b1:94:79:1f:6c:94:5f:15:9b:06:72:
fb:97:1b:cb:e7:b1:c2:b8:f0:11:8e:cd:3b:51:ca:45:05:ec:
f3:69:4f:c0:30:6a:31:39:95:e1:c2:7e:5f:9b:19:8b:8e:2c:
c0:29:f9:3e:0d:32:f7:da:14:bd:f4:30:46:54:28:59:4b:15:
49:8b:8b:31:00:d9:5e:bc:7a:7d:dd:ed:8b:b3:63:50:2b:66:
19:65:21:12:79:d5:c0:4d:66:55:c3:63:30:e9:00:89:de:20:
46:b3:9d:36:eb:19:2d:7e:4c:33:f4:b9:f1:0b:67:d9:c4:a7:
1d:fe:b4:7e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAOn7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTA0MDE0MDE3WhcNMjQxMjMwMDE0MDE3WjAYMRYw
FAYDVQQDEw02NmQ3YmE5ZS04M2MyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA28nJavlXtBxllbPKIZ8KB6Zarwlnek+y/ofdQER8I0No1Tx2T/uENwkO
tZNZbq+6DSnSxeV3tosBXNLQiK7NaDzAvFm0VzlsiGJ9YhNiJkaRKg7W8fDO7wG1
nfRyHPgjCqmw2P+/f7XTp4svHF5rbiWQVKLBGyankKqM5/Ijt9Ixe2Acb8kuBh0E
GLbB6MjR8CVZL7KgVZAdDwsp42wLPR9JmqQ7UtHgMVe4VYXS4pU0c/ngKzesoWxp
dy1vjIVSceXIai/5WHsYtkit2AVz5jy/l1eRg7wnq7+8rVoZ1RzG7p8wBawaWLtd
PlPp1i7zh48z3ohY4sotVg0RAZ8GGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNqG
Uz6pWGLq+TVKawyIi9ULPO58MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNDVFNTkyMDZBNUUxMUVGOUZFNTFFNDQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCms/cMA0GCSqGSIb3DQEB
CwUAA4IBAQAz1bGTYXEGi/R2EHuE/OyL6TbYGjcafwv6Nwkdj3WhNMSHVNsDctYs
ec9DhzALSoJrj4D7lQCUgflclf7wz52Ga2x04VWkITB16GK84kkm3cZorwsDgM51
h23cUXJ6g8/eTP3P0p1vVz456EfGBU/UlezMOeg37M7gjJxp+NKrWK0nXu1esZR5
H2yUXxWbBnL7lxvL57HCuPARjs07UcpFBezzaU/AMGoxOZXhwn5fmxmLjizAKfk+
DTL32hS99DBGVChZSxVJi4sxANlevHp93e2Ls2NQK2YZZSESedXATWZVw2Mw6QCJ
3iBGs5026xktfkwz9LnxC2fZxKcd/rR+
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:21 2024 by rpki-client on console-fra.rpki-client.org