Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CAD91556C1E811EE9E1154B2775412E6.roa
File: CAD91556C1E811EE9E1154B2775412E6.roa (raw, json)
Hash identifier: P0GWXtO/qEVlfnPIsILmDLbk7btbi+w/BOxkYxd7dQo=
Subject key identifier: CB:D5:F0:CC:6D:1E:D6:36:19:2F:37:7C:25:B6:EA:89:71:3D:FC:28
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 85BF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CAD91556C1E811EE9E1154B2775412E6.roa
Signing time: Fri 02 Feb 2024 16:33:28 +0000
ROA not before: Fri 02 Feb 2024 16:33:24 +0000
ROA not after: Mon 27 Jan 2025 16:33:24 +0000
asID: 138456
IP address blocks: 154.194.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34239 (0x85bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Feb 2 16:33:24 2024 GMT
Not After : Jan 27 16:33:24 2025 GMT
Subject: CN=65bd1957-1e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f2:2a:62:e7:31:a7:6b:dc:8a:e0:2a:09:ce:
3c:ba:2f:87:56:6b:d8:7f:5d:c9:cd:a8:32:13:9b:
5a:31:c9:2c:3a:c5:34:9d:36:fa:60:67:91:f7:2f:
0f:fb:75:89:1e:e4:84:bc:a0:cb:c4:54:c2:94:36:
c6:74:fc:57:7d:f2:4a:8b:d8:59:5f:76:42:b1:92:
c5:95:cc:38:75:22:c2:09:df:eb:6a:cc:76:66:ba:
e8:97:06:9c:44:9b:6a:70:1c:41:8e:5a:2e:2f:2f:
40:f5:2b:7f:88:28:3b:f2:88:a7:25:ca:2c:94:72:
5e:5f:86:35:0d:cb:a0:79:2d:75:4f:2d:7d:fe:72:
5b:1e:d5:d1:e5:88:48:0e:6e:23:c8:84:09:d3:df:
6e:ac:4c:91:08:20:7f:05:3f:da:e9:7c:8c:f6:90:
0d:50:91:77:6f:2f:90:1a:75:e3:c0:4b:c3:8e:ff:
51:ac:75:e0:b6:e2:ec:78:81:c2:b2:3b:27:d7:a4:
46:f8:42:c5:ff:39:00:47:14:b5:3f:0a:c6:dd:16:
a7:00:dd:8a:28:3c:9c:30:7f:c0:50:b9:bd:11:93:
11:99:0a:1d:a5:6b:5d:e6:f6:f4:81:72:50:ae:5e:
cd:bc:70:24:0c:c9:57:fe:76:ce:e8:95:68:70:c7:
dd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D5:F0:CC:6D:1E:D6:36:19:2F:37:7C:25:B6:EA:89:71:3D:FC:28
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CAD91556C1E811EE9E1154B2775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.41.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:f3:86:f0:98:9c:d3:99:37:69:a3:63:8c:4d:3e:d5:42:53:
1e:4c:e4:b8:19:bb:8c:a3:56:56:7e:49:2f:e4:c2:d2:ba:a0:
c8:a6:75:97:e1:af:93:78:86:c6:53:3b:e1:c4:f0:b6:02:1a:
84:3c:c9:9d:8b:1c:60:ae:ea:ba:74:d8:a9:6c:ef:cb:9b:31:
8e:9a:f7:b6:a7:e4:7e:07:9a:97:66:b1:68:be:c8:22:ac:1e:
05:a5:25:5a:3f:e9:d9:75:01:fd:dd:67:fb:d4:86:af:5b:86:
b2:12:4e:e6:13:af:c0:4e:b8:31:eb:91:de:c4:b5:7c:ae:ac:
e5:cf:86:bd:10:73:79:69:6a:de:0f:1a:f7:f2:21:b6:b7:ae:
55:b5:84:ee:28:f7:92:d3:17:66:31:97:8c:18:e6:f0:2f:68:
b0:78:df:16:f6:61:5b:58:67:3b:7f:85:a9:cb:80:af:4e:fe:
53:51:88:57:ed:5a:e4:99:01:68:bc:f7:f0:fe:a9:80:0d:5b:
99:c1:48:aa:d3:91:3c:02:fc:f1:32:01:1b:8d:54:6b:66:6b:
14:96:e0:44:6e:7e:37:44:d6:39:3c:17:af:8f:4d:76:e9:e1:
58:1b:b8:63:e9:bc:85:57:51:4c:a9:64:2a:52:87:07:b5:e1:
23:52:84:1f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAIW/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwMjAyMTYzMzI0WhcNMjUwMTI3MTYzMzI0WjAYMRYw
FAYDVQQDEw02NWJkMTk1Ny0xZTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArfIqYucxp2vciuAqCc48ui+HVmvYf13JzagyE5taMcksOsU0nTb6YGeR
9y8P+3WJHuSEvKDLxFTClDbGdPxXffJKi9hZX3ZCsZLFlcw4dSLCCd/rasx2Zrro
lwacRJtqcBxBjlouLy9A9St/iCg78oinJcoslHJeX4Y1DcugeS11Ty19/nJbHtXR
5YhIDm4jyIQJ099urEyRCCB/BT/a6XyM9pANUJF3by+QGnXjwEvDjv9RrHXgtuLs
eIHCsjsn16RG+ELF/zkARxS1PwrG3RanAN2KKDycMH/AULm9EZMRmQodpWtd5vb0
gXJQrl7NvHAkDMlX/nbO6JVocMfdwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMvV
8MxtHtY2GS83fCW26olxPfwoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQUQ5MTU1NkMxRTgxMUVFOUUxMTU0QjI3NzU0MTJFNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIpMA0GCSqGSIb3DQEB
CwUAA4IBAQDB84bwmJzTmTdpo2OMTT7VQlMeTOS4GbuMo1ZWfkkv5MLSuqDIpnWX
4a+TeIbGUzvhxPC2AhqEPMmdixxgruq6dNipbO/LmzGOmve2p+R+B5qXZrFovsgi
rB4FpSVaP+nZdQH93Wf71IavW4ayEk7mE6/ATrgx65HexLV8rqzlz4a9EHN5aWre
Dxr38iG2t65VtYTuKPeS0xdmMZeMGObwL2iweN8W9mFbWGc7f4Wpy4CvTv5TUYhX
7VrkmQFovPfw/qmADVuZwUiq05E8AvzxMgEbjVRrZmsUluBEbn43RNY5PBevj012
6eFYG7hj6byFV1FMqWQqUocHteEjUoQf
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:47:52 2024 by rpki-client on console-ams.rpki-client.org