Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CCC4BC8CA26E11EFB8B1496C762E951A.roa
File: CCC4BC8CA26E11EFB8B1496C762E951A.roa (raw, json)
Hash identifier: GpyMVLqCDGmn1sT54QgDY41LYfxEah+CB8T5Tz1Ol1o=
Subject key identifier: CB:25:DC:45:92:0B:4A:05:BB:C7:7B:C5:12:59:48:E0:64:E1:32:79
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010D06
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CCC4BC8CA26E11EFB8B1496C762E951A.roa
Signing time: Thu 14 Nov 2024 09:57:04 +0000
ROA not before: Thu 14 Nov 2024 09:57:00 +0000
ROA not after: Sat 23 Nov 2024 09:57:00 +0000
asID: 137443
IP address blocks: 154.223.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 09:57:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68870 (0x10d06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 14 09:57:00 2024 GMT
Not After : Nov 23 09:57:00 2024 GMT
Subject: CN=6735c970-1c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fa:7d:5e:5b:49:fd:69:4b:02:d3:6b:86:c9:
e2:bc:8e:19:05:11:c7:9f:e5:a0:c7:2c:89:8f:e8:
4d:48:6a:b9:eb:97:94:40:ed:9c:26:e8:d3:3a:b7:
d9:7c:b5:2a:20:03:28:98:52:1a:7c:16:3a:58:1d:
a2:5b:96:ed:aa:b0:e7:71:20:55:cf:99:5f:dc:a3:
a9:93:0f:6a:c8:bb:c5:61:e5:25:db:0d:5b:cc:83:
36:69:3f:d6:c0:51:07:cf:a8:60:ec:0c:ca:fa:ac:
4a:1d:6c:70:cf:15:19:ad:15:c3:6e:bd:5a:36:c3:
1b:f4:e5:09:a3:e7:0a:ec:f8:e9:1c:cf:9e:28:42:
d8:23:29:1f:18:c1:c3:a1:cf:d4:e0:7d:91:bf:11:
c0:36:4a:a9:cf:ad:12:9c:a0:e3:d0:95:68:93:b6:
12:69:cf:75:a3:76:24:6d:cc:73:01:99:50:f9:75:
23:b5:2c:4b:88:16:61:84:2a:69:64:21:54:7c:35:
45:5f:39:8a:37:e5:e6:c2:e6:4a:0a:6e:a2:80:19:
d8:9f:c0:73:e0:f3:8a:be:c3:c4:70:0b:24:09:3a:
71:a0:7c:2d:94:09:b1:5c:a2:ca:06:8e:54:6f:24:
ee:0e:2d:ca:0c:f8:c1:23:25:7d:fa:34:a2:73:c3:
0f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:25:DC:45:92:0B:4A:05:BB:C7:7B:C5:12:59:48:E0:64:E1:32:79
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CCC4BC8CA26E11EFB8B1496C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.180.0/22
Signature Algorithm: sha256WithRSAEncryption
67:92:78:de:31:48:d3:ee:20:51:10:01:72:47:87:81:08:3a:
56:eb:87:eb:f8:ec:c5:46:b6:eb:9b:cf:44:2f:07:89:3a:5f:
77:f9:48:bc:62:b1:9f:01:f2:5a:f8:8f:42:1c:c7:23:28:1f:
cb:61:7f:5b:15:98:54:24:24:14:2d:8a:9a:b0:c2:47:14:ae:
99:a5:7d:83:36:b7:21:27:75:cb:b9:f9:66:f2:80:e2:f7:6f:
f7:fd:03:ee:9a:99:48:81:47:b5:1b:17:9f:e3:45:13:e1:5a:
61:d8:4d:e1:cc:d6:1d:0e:7d:b1:9c:94:8a:08:5a:81:04:77:
d3:34:0d:10:e0:0a:41:10:04:5a:d6:c2:d6:64:52:1c:8a:18:
88:3e:2f:99:d1:42:f9:6e:c8:c3:45:0e:9b:d1:9e:33:16:04:
ad:cf:69:5a:a7:c8:2f:dc:f9:bc:e4:30:0e:68:3a:c3:bf:10:
57:ac:b3:42:b3:8c:a7:10:a2:6d:65:68:9a:9f:c1:05:2e:9d:
8e:19:f2:45:f5:da:a7:51:1d:cd:41:02:b9:b0:07:2c:e8:83:
d4:26:4f:62:1d:ba:6e:41:55:fb:00:ec:65:7e:bd:5b:33:79:
9f:d5:45:7e:da:79:6b:a0:2a:f7:f0:f3:36:fd:91:45:88:fe:
06:15:34:46
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ0GMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE0MDk1NzAwWhcNMjQxMTIzMDk1NzAwWjAYMRYw
FAYDVQQDEw02NzM1Yzk3MC0xYzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqvp9XltJ/WlLAtNrhsnivI4ZBRHHn+WgxyyJj+hNSGq565eUQO2cJujT
OrfZfLUqIAMomFIafBY6WB2iW5btqrDncSBVz5lf3KOpkw9qyLvFYeUl2w1bzIM2
aT/WwFEHz6hg7AzK+qxKHWxwzxUZrRXDbr1aNsMb9OUJo+cK7PjpHM+eKELYIykf
GMHDoc/U4H2RvxHANkqpz60SnKDj0JVok7YSac91o3YkbcxzAZlQ+XUjtSxLiBZh
hCppZCFUfDVFXzmKN+XmwuZKCm6igBnYn8Bz4POKvsPEcAskCTpxoHwtlAmxXKLK
Bo5UbyTuDi3KDPjBIyV9+jSic8MPIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMsl
3EWSC0oFu8d7xRJZSOBk4TJ5MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQ0M0QkM4Q0EyNkUxMUVGQjhCMTQ5NkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt+0MA0GCSqGSIb3DQEB
CwUAA4IBAQBnknjeMUjT7iBREAFyR4eBCDpW64fr+OzFRrbrm89ELweJOl93+Ui8
YrGfAfJa+I9CHMcjKB/LYX9bFZhUJCQULYqasMJHFK6ZpX2DNrchJ3XLuflm8oDi
92/3/QPumplIgUe1Gxef40UT4Vph2E3hzNYdDn2xnJSKCFqBBHfTNA0Q4ApBEARa
1sLWZFIcihiIPi+Z0UL5bsjDRQ6b0Z4zFgStz2lap8gv3Pm85DAOaDrDvxBXrLNC
s4ynEKJtZWian8EFLp2OGfJF9dqnUR3NQQK5sAcs6IPUJk9iHbpuQVX7AOxlfr1b
M3mf1UV+2nlroCr38PM2/ZFFiP4GFTRG
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:28 2024 by rpki-client on console-ams.rpki-client.org