Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BEA8FEFA71A011EF84D6A166762E951A.roa
File: BEA8FEFA71A011EF84D6A166762E951A.roa (raw, json)
Hash identifier: EfoUvM4SrkORqFWbn64FCGSJKRCXdPqMX2G+rrA6mAk=
Subject key identifier: 34:BB:B4:34:D6:FE:47:37:D3:57:21:1C:33:E3:8B:66:D1:51:5B:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: ED78
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BEA8FEFA71A011EF84D6A166762E951A.roa
Signing time: Fri 13 Sep 2024 07:21:08 +0000
ROA not before: Fri 13 Sep 2024 07:21:05 +0000
ROA not after: Sat 30 Nov 2024 07:21:05 +0000
asID: 138152
IP address blocks: 154.211.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60792 (0xed78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 13 07:21:05 2024 GMT
Not After : Nov 30 07:21:05 2024 GMT
Subject: CN=66e3e7e4-e920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7b:d4:b1:77:2e:31:c5:ed:cd:5d:0b:bb:03:
76:c5:c5:45:9c:63:3c:e8:b5:91:f9:45:92:c9:f9:
9f:3f:07:f7:eb:b5:a9:dc:c4:05:07:61:36:23:b3:
6d:aa:45:d3:b2:e0:a9:f6:01:12:98:8a:28:fa:35:
bf:e3:5d:a7:b8:80:1c:f3:38:91:03:76:bd:eb:89:
7f:c8:46:bd:f3:5a:f8:e0:f0:df:05:d9:06:fe:5a:
52:3d:06:0e:4e:15:72:91:a5:71:30:4e:d7:6c:8d:
08:0f:c1:c3:5f:b3:20:e2:85:05:5f:eb:93:27:ac:
a9:a7:18:92:94:de:90:11:ce:d5:0c:c0:c9:04:16:
50:4c:4e:2b:c6:b0:0c:67:74:82:03:01:c2:eb:58:
19:be:9e:51:88:13:3f:75:e6:d9:0e:13:b1:d9:04:
5a:d1:0a:47:ab:3a:87:4c:4a:03:62:c2:6d:a0:b1:
f6:82:8f:e0:9d:3b:96:85:c5:2a:18:ba:d8:a1:50:
ad:0e:c7:1a:2f:0f:52:67:f0:1f:a2:db:e9:e8:c1:
04:3e:f3:0d:4d:fa:50:af:6e:ad:ef:9c:08:96:1b:
50:e5:10:61:e6:53:26:ba:1e:48:c1:f9:ea:d3:fd:
5d:82:3d:76:9c:16:9e:c1:88:3b:59:c0:28:f0:06:
d0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:BB:B4:34:D6:FE:47:37:D3:57:21:1C:33:E3:8B:66:D1:51:5B:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BEA8FEFA71A011EF84D6A166762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.15.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:af:b7:02:ca:32:39:28:cd:32:02:1d:c9:43:72:90:1d:8b:
6f:32:3a:c0:2e:76:1c:a2:6f:0c:6f:6d:ec:3b:16:9a:d5:d6:
68:06:c4:75:c3:35:ff:1c:34:9a:b8:c3:df:09:89:80:d4:b3:
82:8e:70:17:2e:7d:67:d8:03:e9:96:9a:af:6f:67:aa:8b:51:
51:8e:d6:c4:31:78:71:5d:45:59:96:6b:52:53:bb:5e:ab:5f:
45:21:66:f3:81:05:ee:75:09:d2:5b:dd:ba:6f:8f:1d:04:17:
41:7f:08:05:ad:df:6c:74:03:33:60:3b:03:40:82:25:75:77:
7b:a3:56:7a:07:26:e5:47:24:d1:2b:9a:bc:22:76:cd:bd:20:
f8:ee:61:d1:50:68:8a:10:1f:74:86:b4:80:cf:d7:81:15:00:
48:ba:66:b5:17:b0:05:a2:24:4d:2f:cb:04:f8:29:e3:a7:25:
01:c5:f5:48:7d:5c:6c:cf:a5:c3:47:ca:aa:53:ef:5d:93:bf:
4c:fa:e4:8e:d7:56:5b:43:13:5d:9f:ff:30:9d:b7:64:4b:be:
e6:b4:50:5e:dd:34:a9:cc:05:26:c2:43:da:2f:87:14:20:d3:
dc:ba:3d:94:64:57:1c:b2:f8:4a:53:66:26:4b:6f:84:77:22:
49:2b:8a:e0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAO14MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTEzMDcyMTA1WhcNMjQxMTMwMDcyMTA1WjAYMRYw
FAYDVQQDEw02NmUzZTdlNC1lOTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3HvUsXcuMcXtzV0LuwN2xcVFnGM86LWR+UWSyfmfPwf367Wp3MQFB2E2
I7NtqkXTsuCp9gESmIoo+jW/412nuIAc8ziRA3a964l/yEa981r44PDfBdkG/lpS
PQYOThVykaVxME7XbI0ID8HDX7Mg4oUFX+uTJ6yppxiSlN6QEc7VDMDJBBZQTE4r
xrAMZ3SCAwHC61gZvp5RiBM/debZDhOx2QRa0QpHqzqHTEoDYsJtoLH2go/gnTuW
hcUqGLrYoVCtDscaLw9SZ/Afotvp6MEEPvMNTfpQr26t75wIlhtQ5RBh5lMmuh5I
wfnq0/1dgj12nBaewYg7WcAo8AbQDQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDS7
tDTW/kc301chHDPji2bRUVuOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRUE4RkVGQTcxQTAxMUVGODRENkExNjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtMPMA0GCSqGSIb3DQEB
CwUAA4IBAQCqr7cCyjI5KM0yAh3JQ3KQHYtvMjrALnYcom8Mb23sOxaa1dZoBsR1
wzX/HDSauMPfCYmA1LOCjnAXLn1n2APplpqvb2eqi1FRjtbEMXhxXUVZlmtSU7te
q19FIWbzgQXudQnSW926b48dBBdBfwgFrd9sdAMzYDsDQIIldXd7o1Z6ByblRyTR
K5q8InbNvSD47mHRUGiKEB90hrSAz9eBFQBIuma1F7AFoiRNL8sE+CnjpyUBxfVI
fVxsz6XDR8qqU+9dk79M+uSO11ZbQxNdn/8wnbdkS77mtFBe3TSpzAUmwkPaL4cU
INPcuj2UZFccsvhKU2YmS2+EdyJJK4rg
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:23 2024 by rpki-client on console-fra.rpki-client.org