Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB0214E6A45211EF81DBB954762E951A.roa
File: BB0214E6A45211EF81DBB954762E951A.roa (raw, json)
Hash identifier: ZX9/HRsbLcjErN7SaMZLbIVVA+0wzXRyeA79UJCg4Tg=
Subject key identifier: AD:08:F3:C2:18:0B:7E:42:62:D8:AE:3B:6A:09:A3:78:B2:87:F6:FD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010E29
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB0214E6A45211EF81DBB954762E951A.roa
Signing time: Sat 16 Nov 2024 19:41:10 +0000
ROA not before: Sat 16 Nov 2024 19:41:06 +0000
ROA not after: Tue 26 Nov 2024 19:41:06 +0000
asID: 136744
IP address blocks: 154.211.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69161 (0x10e29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 16 19:41:06 2024 GMT
Not After : Nov 26 19:41:06 2024 GMT
Subject: CN=6738f556-c498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3f:f4:c9:96:ca:40:d1:72:af:df:23:93:1d:
21:a6:fa:35:7e:e1:e4:42:2d:58:6c:a9:02:c3:64:
2e:7d:76:86:30:aa:b4:7c:f3:fb:ea:44:46:28:99:
6f:19:6f:52:3d:9a:df:5a:08:5b:48:ac:ae:90:61:
a7:ae:d3:6f:8f:ce:32:b9:19:0d:4f:78:9d:0f:49:
5a:66:a9:f6:50:e2:f2:6f:ce:48:92:a8:d5:af:4e:
76:f7:49:12:d5:e5:cb:4c:02:ac:61:b6:23:30:5d:
22:68:f6:6e:2d:19:61:53:98:a6:3c:a6:a0:05:5a:
1f:0c:fa:f3:06:f7:77:eb:40:5c:69:95:f0:56:71:
5e:7c:07:7a:f4:74:a4:e1:60:88:86:ba:63:5a:68:
03:1c:88:3d:11:24:c4:c0:24:10:1b:1d:b4:33:d3:
fb:a4:9f:4a:e6:16:b9:f5:a1:ff:61:62:a4:7f:d9:
b6:03:3e:61:f1:07:b6:5c:3e:27:35:dc:52:0f:97:
24:c9:2e:19:7d:cd:0e:5c:59:19:a2:46:53:35:d5:
cb:ab:6a:fe:15:1e:52:85:3c:35:61:6b:28:22:00:
d4:5c:65:e6:db:79:fe:19:45:61:88:5c:46:07:15:
c2:89:6f:15:ea:81:43:21:ee:0e:6e:29:3d:ac:da:
9b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:08:F3:C2:18:0B:7E:42:62:D8:AE:3B:6A:09:A3:78:B2:87:F6:FD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB0214E6A45211EF81DBB954762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.181.0/24
Signature Algorithm: sha256WithRSAEncryption
53:42:90:1b:9c:a3:14:7a:b8:91:77:09:78:4d:f9:f3:ab:95:
4e:8e:d6:0c:d1:43:41:20:67:d5:b0:5c:05:87:54:29:07:c7:
12:28:39:6f:c0:89:24:4d:b7:83:eb:ca:fb:ff:3b:d3:f6:b9:
ff:a1:1f:59:00:d5:4a:73:98:aa:37:19:92:47:a8:2c:e1:bc:
f8:21:31:9f:3e:7f:2b:9d:4c:00:04:d0:e3:5a:b1:e0:e5:85:
6f:80:a7:84:a1:cf:7f:97:29:73:1e:1c:8b:13:aa:a6:52:28:
95:6c:9f:73:74:56:31:21:45:09:8e:b7:44:f4:2a:40:37:05:
b6:3e:53:b5:66:26:21:53:ca:c3:56:0b:ed:b7:7c:32:58:ec:
21:b2:b2:5f:67:36:2c:65:35:ec:8e:e6:7b:b8:d3:cf:68:a5:
06:00:79:32:65:a3:a0:18:4c:25:42:6b:e3:15:99:1c:40:06:
b3:57:1e:d9:e4:be:a8:a6:de:4a:43:42:bc:a8:4e:09:17:54:
f5:55:e0:b2:75:fd:24:7e:45:3f:81:e3:7a:bc:84:b1:56:b3:
3e:5f:51:66:9a:62:eb:03:73:da:40:60:61:7c:ac:f9:a0:b7:
61:b6:19:36:55:09:14:1f:01:f4:88:4a:74:f6:52:58:5b:92:
cb:83:ea:3c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ4pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE2MTk0MTA2WhcNMjQxMTI2MTk0MTA2WjAYMRYw
FAYDVQQDEw02NzM4ZjU1Ni1jNDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwD/0yZbKQNFyr98jkx0hpvo1fuHkQi1YbKkCw2QufXaGMKq0fPP76kRG
KJlvGW9SPZrfWghbSKyukGGnrtNvj84yuRkNT3idD0laZqn2UOLyb85IkqjVr052
90kS1eXLTAKsYbYjMF0iaPZuLRlhU5imPKagBVofDPrzBvd360BcaZXwVnFefAd6
9HSk4WCIhrpjWmgDHIg9ESTEwCQQGx20M9P7pJ9K5ha59aH/YWKkf9m2Az5h8Qe2
XD4nNdxSD5ckyS4Zfc0OXFkZokZTNdXLq2r+FR5ShTw1YWsoIgDUXGXm23n+GUVh
iFxGBxXCiW8V6oFDIe4Obik9rNqbPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK0I
88IYC35CYtiuO2oJo3iyh/b9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQjAyMTRFNkE0NTIxMUVGODFEQkI5NTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtO1MA0GCSqGSIb3DQEB
CwUAA4IBAQBTQpAbnKMUeriRdwl4Tfnzq5VOjtYM0UNBIGfVsFwFh1QpB8cSKDlv
wIkkTbeD68r7/zvT9rn/oR9ZANVKc5iqNxmSR6gs4bz4ITGfPn8rnUwABNDjWrHg
5YVvgKeEoc9/lylzHhyLE6qmUiiVbJ9zdFYxIUUJjrdE9CpANwW2PlO1ZiYhU8rD
Vgvtt3wyWOwhsrJfZzYsZTXsjuZ7uNPPaKUGAHkyZaOgGEwlQmvjFZkcQAazVx7Z
5L6opt5KQ0K8qE4JF1T1VeCydf0kfkU/geN6vISxVrM+X1FmmmLrA3PaQGBhfKz5
oLdhthk2VQkUHwH0iEp09lJYW5LLg+o8
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:24 2024 by rpki-client on console-ams.rpki-client.org