Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6702E5A9CE011EFBAAEEF58762E951A.roa
File: B6702E5A9CE011EFBAAEEF58762E951A.roa (raw, json)
Hash identifier: RuhHuzokH9lyWYc3H+gW1c2bzg3uY6IUhwU7egYnuD4=
Subject key identifier: D0:3E:A7:1A:4A:F5:01:25:A3:0D:33:DB:9D:9C:F4:4B:5F:41:3F:AE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01092B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6702E5A9CE011EFBAAEEF58762E951A.roa
Signing time: Thu 07 Nov 2024 08:17:22 +0000
ROA not before: Thu 07 Nov 2024 08:17:18 +0000
ROA not after: Mon 07 Apr 2025 08:17:18 +0000
asID: 267834
IP address blocks: 154.198.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67883 (0x1092b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 7 08:17:18 2024 GMT
Not After : Apr 7 08:17:18 2025 GMT
Subject: CN=672c7792-85b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:91:72:28:21:19:82:0a:68:f5:b2:4e:46:41:
8e:84:36:1f:3e:83:ba:da:ec:ab:15:f3:15:65:f2:
a5:3b:9f:c4:8f:02:cf:e6:f9:c4:c8:bd:41:03:80:
df:91:3e:05:09:fc:37:8b:bf:29:b2:e8:1e:9f:c1:
19:28:79:a0:31:3d:31:44:88:88:31:1a:ea:4c:fb:
c5:19:aa:d0:2a:55:f0:10:bf:86:bf:f1:38:4b:44:
ef:e6:96:12:29:9f:31:61:37:2c:b7:df:38:ab:08:
d8:71:e3:60:f9:87:18:60:32:41:5b:b3:ed:48:a2:
91:63:19:eb:49:da:8f:a1:bd:ce:c1:de:9e:c5:da:
ea:1c:61:26:48:b2:99:fb:25:cd:4c:11:1d:58:ad:
4b:35:58:0a:f7:7f:83:6d:12:7c:91:64:46:48:63:
2d:49:f4:52:65:7e:28:92:48:cf:e2:3c:78:20:74:
28:15:9a:ce:ec:8b:bf:d8:a2:a5:4f:ff:3a:74:86:
57:63:37:a0:6b:a3:18:52:19:c9:d6:13:f7:4d:f2:
7f:86:b8:6c:57:e3:28:a8:20:35:b6:26:e1:7e:01:
5f:53:2a:2a:0b:50:a3:72:7e:ea:d0:21:84:04:5e:
0a:cc:88:c4:19:28:84:11:f6:b4:47:26:37:26:0f:
11:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3E:A7:1A:4A:F5:01:25:A3:0D:33:DB:9D:9C:F4:4B:5F:41:3F:AE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B6702E5A9CE011EFBAAEEF58762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.56.0/22
Signature Algorithm: sha256WithRSAEncryption
25:21:e1:70:34:56:91:ca:b9:19:64:0f:e2:b6:c0:17:ae:ce:
98:23:7f:55:41:7d:08:63:77:6d:5a:ad:b1:58:fd:c3:39:a5:
d3:81:d5:d4:66:ad:0d:66:b1:4d:ab:ef:78:4e:57:3b:2c:ac:
f3:82:99:a7:83:9a:b3:2d:a7:84:09:76:b6:92:30:02:ca:ab:
bf:20:8f:45:91:e7:db:55:14:ed:13:70:9d:3e:3d:84:87:9c:
66:92:ab:5f:69:df:eb:c3:77:0d:f7:71:e1:bd:02:60:da:0c:
12:1d:39:29:4e:ee:f9:4d:4f:0c:e1:b3:f3:3d:4a:4f:cd:9a:
72:eb:71:c9:5e:fc:45:e2:55:f5:b8:5e:62:45:50:ed:f7:4e:
fe:60:87:0a:26:08:b9:8b:20:bf:b0:fd:66:b6:1a:9c:45:6e:
f3:b3:01:35:16:b6:3c:7d:eb:f4:08:74:88:61:a7:46:b3:28:
41:a3:ee:96:c6:e7:f7:ee:e8:fc:ba:18:03:1b:ec:d1:8e:51:
e1:07:d0:1c:fa:9e:77:92:3f:4f:31:5f:d9:15:cb:1e:0e:0a:
b0:a6:0c:57:8c:d9:0c:26:7f:1e:b2:4a:8b:cc:05:bd:03:03:
e7:34:2d:17:a1:37:9d:6d:d4:9b:3e:76:ff:97:ec:1e:0c:bb:
13:73:db:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQkrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA3MDgxNzE4WhcNMjUwNDA3MDgxNzE4WjAYMRYw
FAYDVQQDEw02NzJjNzc5Mi04NWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAspFyKCEZggpo9bJORkGOhDYfPoO62uyrFfMVZfKlO5/EjwLP5vnEyL1B
A4DfkT4FCfw3i78psugen8EZKHmgMT0xRIiIMRrqTPvFGarQKlXwEL+Gv/E4S0Tv
5pYSKZ8xYTcst984qwjYceNg+YcYYDJBW7PtSKKRYxnrSdqPob3Owd6exdrqHGEm
SLKZ+yXNTBEdWK1LNVgK93+DbRJ8kWRGSGMtSfRSZX4okkjP4jx4IHQoFZrO7Iu/
2KKlT/86dIZXYzega6MYUhnJ1hP3TfJ/hrhsV+MoqCA1tibhfgFfUyoqC1Cjcn7q
0CGEBF4KzIjEGSiEEfa0RyY3Jg8REQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNA+
pxpK9QElow0z252c9EtfQT+uMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNjcwMkU1QTlDRTAxMUVGQkFBRUVGNTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsY4MA0GCSqGSIb3DQEB
CwUAA4IBAQAlIeFwNFaRyrkZZA/itsAXrs6YI39VQX0IY3dtWq2xWP3DOaXTgdXU
Zq0NZrFNq+94Tlc7LKzzgpmng5qzLaeECXa2kjACyqu/II9FkefbVRTtE3CdPj2E
h5xmkqtfad/rw3cN93HhvQJg2gwSHTkpTu75TU8M4bPzPUpPzZpy63HJXvxF4lX1
uF5iRVDt907+YIcKJgi5iyC/sP1mthqcRW7zswE1FrY8fev0CHSIYadGsyhBo+6W
xuf37uj8uhgDG+zRjlHhB9Ac+p53kj9PMV/ZFcseDgqwpgxXjNkMJn8eskqLzAW9
AwPnNC0XoTedbdSbPnb/l+weDLsTc9tV
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:22 2024 by rpki-client on console-fra.rpki-client.org