Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C1D07824CB4211EE8189E893775412E6.roa
File: C1D07824CB4211EE8189E893775412E6.roa (raw, json)
Hash identifier: SaTPHocS/h/Iu/5E5TFfbIQ12Z9Bd1yfuvt77rkmVqk=
Subject key identifier: 37:5A:56:9B:E9:D8:88:99:7A:11:AC:0C:C6:72:56:B3:B3:2B:D5:90
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 898B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C1D07824CB4211EE8189E893775412E6.roa
Signing time: Wed 14 Feb 2024 14:10:08 +0000
ROA not before: Wed 14 Feb 2024 14:10:04 +0000
ROA not after: Mon 17 Feb 2025 14:10:04 +0000
asID: 197730
IP address blocks: 154.201.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35211 (0x898b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 14 14:10:04 2024 GMT
Not After : Feb 17 14:10:04 2025 GMT
Subject: CN=65ccc9bf-9ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e9:9b:e2:e1:5f:41:22:97:3c:c9:ed:66:06:
b4:46:43:90:c6:d6:da:6f:19:f6:52:6c:83:14:8e:
c0:dd:98:15:6d:c8:dd:bb:be:da:7a:32:51:96:90:
82:05:c0:d6:fb:a7:8e:3c:eb:cb:1e:f3:28:91:29:
c5:e2:07:ef:a2:6c:a1:72:55:a6:d7:86:e3:73:42:
f9:16:14:86:83:d3:06:48:d4:cf:59:1b:ec:d1:31:
57:31:99:3a:68:fe:a9:e5:bd:f7:a8:8d:b0:29:ab:
95:c7:bf:74:2d:c3:6f:96:34:12:c5:b9:65:bf:a5:
16:ef:56:f7:75:95:72:6e:91:05:cc:cf:44:1e:90:
d0:02:61:b6:08:28:6f:32:f8:5c:02:f1:e5:5d:0d:
59:fb:01:df:24:f1:e4:b2:dd:1a:94:ff:86:a3:0c:
63:d4:5b:a6:f2:a2:1c:ab:ad:1f:08:03:22:3a:30:
f5:3e:78:d1:9f:5a:f8:32:02:7d:df:7f:97:81:27:
33:e7:cb:b9:d0:c3:61:a3:1d:e2:c9:1b:f9:3b:85:
13:89:75:40:a5:d0:20:70:91:e3:7b:d9:e7:76:f2:
2e:58:9f:f0:ae:e1:08:31:da:91:7d:55:1b:ff:3f:
20:23:1d:ad:06:cc:69:71:eb:4b:6d:bf:c0:f2:fa:
bf:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:5A:56:9B:E9:D8:88:99:7A:11:AC:0C:C6:72:56:B3:B3:2B:D5:90
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C1D07824CB4211EE8189E893775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.124.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:f8:09:f6:bb:19:64:f2:a8:f3:59:da:6c:20:6e:b6:04:38:
4b:a0:60:be:b0:34:e6:8a:d6:45:9d:00:5c:1e:bf:de:08:f4:
58:0f:f8:c5:c7:6b:03:40:e6:b2:96:cd:87:0e:1a:19:f1:c9:
3c:1d:b8:90:4b:28:80:d7:8e:a0:7d:62:5f:bd:e8:71:f5:5c:
d5:73:f6:ec:d8:43:2d:69:2b:66:4d:c7:ba:96:16:51:04:60:
a5:33:99:b1:a3:af:df:4e:70:97:2b:82:4a:c6:61:e8:69:54:
37:d8:04:76:e9:40:62:62:22:50:40:67:59:73:1d:16:96:64:
b4:a2:06:91:f1:77:9d:af:79:76:19:c1:73:2f:9c:56:15:43:
86:f1:66:a4:59:81:9c:23:02:89:5d:07:72:a0:05:97:6e:c1:
58:30:46:8a:34:93:ca:21:0a:7a:72:45:16:f8:3d:57:ee:6c:
f9:f4:3c:3b:35:b8:b6:70:1f:1e:3d:f6:a0:67:33:86:0c:0f:
1d:00:a0:33:0d:15:13:79:8b:90:6e:62:3c:5c:98:dd:42:e5:
9b:3e:01:43:e9:1c:53:f5:08:26:ed:fc:6d:bd:5f:6f:e0:ec:
54:6d:16:53:d0:29:f2:db:ce:5f:cb:8f:c0:88:9f:88:b0:69:
35:30:db:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAImLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjE0MTQxMDA0WhcNMjUwMjE3MTQxMDA0WjAYMRYw
FAYDVQQDEw02NWNjYzliZi05Y2U5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlOmb4uFfQSKXPMntZga0RkOQxtbabxn2UmyDFI7A3ZgVbcjdu77aejJR
lpCCBcDW+6eOPOvLHvMokSnF4gfvomyhclWm14bjc0L5FhSGg9MGSNTPWRvs0TFX
MZk6aP6p5b33qI2wKauVx790LcNvljQSxbllv6UW71b3dZVybpEFzM9EHpDQAmG2
CChvMvhcAvHlXQ1Z+wHfJPHkst0alP+Gowxj1Fum8qIcq60fCAMiOjD1PnjRn1r4
MgJ933+XgScz58u50MNhox3iyRv5O4UTiXVApdAgcJHje9nndvIuWJ/wruEIMdqR
fVUb/z8gIx2tBsxpcetLbb/A8vq/lQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDda
Vpvp2IiZehGsDMZyVrOzK9WQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMUQwNzgyNENCNDIxMUVFODE4OUU4OTM3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsl8MA0GCSqGSIb3DQEB
CwUAA4IBAQC/+An2uxlk8qjzWdpsIG62BDhLoGC+sDTmitZFnQBcHr/eCPRYD/jF
x2sDQOayls2HDhoZ8ck8HbiQSyiA146gfWJfvehx9VzVc/bs2EMtaStmTce6lhZR
BGClM5mxo6/fTnCXK4JKxmHoaVQ32AR26UBiYiJQQGdZcx0WlmS0ogaR8Xedr3l2
GcFzL5xWFUOG8WakWYGcIwKJXQdyoAWXbsFYMEaKNJPKIQp6ckUW+D1X7mz59Dw7
Nbi2cB8ePfagZzOGDA8dAKAzDRUTeYuQbmI8XJjdQuWbPgFD6RxT9Qgm7fxtvV9v
4OxUbRZT0Cny285fy4/AiJ+IsGk1MNsc
-----END CERTIFICATE-----
Generated at Sun Nov 24 02:36:45 2024 by rpki-client on console-fra.rpki-client.org