Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C5A280DC96B211EF983AC156762E951A.roa
File: C5A280DC96B211EF983AC156762E951A.roa (raw, json)
Hash identifier: AEizwFoUS3ncppJj1TtgKPWoUnrGmJlbWHTJFPe3Ozo=
Subject key identifier: C5:14:94:4D:1A:93:C2:6F:BC:E3:93:52:EC:96:E8:59:A3:F1:6F:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010405
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C5A280DC96B211EF983AC156762E951A.roa
Signing time: Wed 30 Oct 2024 11:33:24 +0000
ROA not before: Wed 30 Oct 2024 11:33:20 +0000
ROA not after: Wed 11 Dec 2024 11:33:20 +0000
asID: 138915
IP address blocks: 154.205.128.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66565 (0x10405)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 30 11:33:20 2024 GMT
Not After : Dec 11 11:33:20 2024 GMT
Subject: CN=67221983-f713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e8:a1:d4:ce:c5:a6:fe:97:5c:8f:66:8a:72:
66:60:11:b2:71:60:d8:0d:b1:69:a2:91:13:f4:ea:
25:02:ad:7d:c8:bd:92:a9:d5:02:c6:27:83:5b:3a:
0e:46:2b:ba:de:8c:98:b3:9d:be:b3:1e:8a:a9:b7:
55:f4:85:86:68:fd:34:10:fb:47:5f:9c:1c:38:f2:
17:86:7d:49:6a:de:05:f3:a1:b1:67:fa:08:6f:c5:
8d:74:0b:aa:97:73:db:ac:b3:c9:69:c2:2b:79:0b:
a8:a3:08:1d:32:3e:ff:fd:c7:85:29:22:30:31:9a:
37:ef:09:3b:ff:e5:a4:ae:09:7e:62:9b:04:71:65:
4b:0c:95:31:69:10:f1:36:5a:4c:c6:15:71:57:56:
c6:b2:43:fc:2a:d9:a7:d4:91:46:8a:54:b3:81:81:
59:cc:ce:5a:c0:c5:5c:11:25:29:5c:66:c0:5f:12:
2b:ce:b1:1b:40:87:16:65:26:15:c4:a5:8a:ed:84:
69:99:32:ce:eb:ba:14:f8:1c:4e:f3:93:30:30:6e:
90:51:5b:64:22:7b:4f:82:c3:e5:49:81:98:29:b4:
10:f3:61:a1:31:18:d9:c4:47:e7:01:76:e6:dd:d1:
f4:05:f6:06:c8:64:c0:95:86:41:a8:9a:35:5a:3f:
fd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:14:94:4D:1A:93:C2:6F:BC:E3:93:52:EC:96:E8:59:A3:F1:6F:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C5A280DC96B211EF983AC156762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.128.0/19
Signature Algorithm: sha256WithRSAEncryption
23:31:22:73:92:16:4d:a1:be:51:1c:8e:14:40:e3:12:61:3f:
fa:11:fa:b0:2f:6a:e2:93:4d:2f:04:03:b2:a5:d2:1e:28:73:
41:27:5a:ab:7b:0d:ee:60:00:b7:cb:a1:71:ac:fe:0d:71:d8:
96:ae:93:ca:23:63:07:51:7f:42:5a:a2:7a:7d:a5:71:a0:6f:
0c:a7:1d:2a:3d:23:60:92:15:1b:0a:9e:84:27:72:03:7b:22:
fa:f4:c5:5b:94:d4:98:1d:81:40:22:89:f9:5e:b8:7c:38:4a:
23:99:a4:1a:b7:fa:97:68:b6:c9:49:e4:e8:42:b3:08:78:9d:
74:04:c0:5f:4d:2c:4d:32:49:50:3e:7c:13:d2:c0:97:c7:89:
2f:9b:ba:7e:be:e3:1d:b3:45:db:fd:6c:fa:a3:13:91:5a:ba:
b7:0b:db:87:d2:d5:fe:df:e6:94:f3:08:66:66:a6:85:31:56:
ec:ad:28:93:5e:48:9a:94:50:37:90:85:4a:80:27:fa:3b:98:
8c:eb:ea:fc:ab:c6:5b:60:f7:87:a4:35:8b:62:cb:57:a7:4e:
91:ff:6c:f0:1f:e8:8e:d9:44:9d:31:8d:d1:e0:8a:f1:5f:88:
06:66:7e:d5:e7:68:81:25:a5:46:1b:71:c4:35:82:c9:d4:be:
e8:68:fe:c3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQQFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDMwMTEzMzIwWhcNMjQxMjExMTEzMzIwWjAYMRYw
FAYDVQQDEw02NzIyMTk4My1mNzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz+ih1M7Fpv6XXI9minJmYBGycWDYDbFpopET9OolAq19yL2SqdUCxieD
WzoORiu63oyYs52+sx6KqbdV9IWGaP00EPtHX5wcOPIXhn1Jat4F86GxZ/oIb8WN
dAuql3PbrLPJacIreQuoowgdMj7//ceFKSIwMZo37wk7/+Wkrgl+YpsEcWVLDJUx
aRDxNlpMxhVxV1bGskP8Ktmn1JFGilSzgYFZzM5awMVcESUpXGbAXxIrzrEbQIcW
ZSYVxKWK7YRpmTLO67oU+BxO85MwMG6QUVtkIntPgsPlSYGYKbQQ82GhMRjZxEfn
AXbm3dH0BfYGyGTAlYZBqJo1Wj/9/wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMUU
lE0ak8JvvOOTUuyW6Fmj8W9NMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNUEyODBEQzk2QjIxMUVGOTgzQUMxNTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFms2AMA0GCSqGSIb3DQEB
CwUAA4IBAQAjMSJzkhZNob5RHI4UQOMSYT/6EfqwL2rik00vBAOypdIeKHNBJ1qr
ew3uYAC3y6FxrP4NcdiWrpPKI2MHUX9CWqJ6faVxoG8Mpx0qPSNgkhUbCp6EJ3ID
eyL69MVblNSYHYFAIon5Xrh8OEojmaQat/qXaLbJSeToQrMIeJ10BMBfTSxNMklQ
PnwT0sCXx4kvm7p+vuMds0Xb/Wz6oxORWrq3C9uH0tX+3+aU8whmZqaFMVbsrSiT
XkialFA3kIVKgCf6O5iM6+r8q8ZbYPeHpDWLYstXp06R/2zwH+iO2USdMY3R4Irx
X4gGZn7V52iBJaVGG3HENYLJ1L7oaP7D
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:35 2024 by rpki-client on console-ams.rpki-client.org