Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CCD3229032B611EF8638A191762E951A.roa
File: CCD3229032B611EF8638A191762E951A.roa (raw, json)
Hash identifier: J91kWdTSxEkhA3jigPw4kyMpMsXwTd6WKZbItrl4Z5E=
Subject key identifier: 99:66:5C:E5:97:D1:5E:5A:5F:8D:AC:F1:C7:3E:6E:2C:B5:C2:2E:4A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: C639
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CCD3229032B611EF8638A191762E951A.roa
Signing time: Tue 25 Jun 2024 05:50:17 +0000
ROA not before: Tue 25 Jun 2024 05:50:14 +0000
ROA not after: Fri 03 Jan 2025 05:50:14 +0000
asID: 40065
IP address blocks: 154.208.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50745 (0xc639)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 25 05:50:14 2024 GMT
Not After : Jan 3 05:50:14 2025 GMT
Subject: CN=667a5a99-9999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1a:01:cf:fa:53:e4:f1:13:a7:d5:10:c7:c0:
65:9b:29:c2:42:72:74:14:c3:32:92:86:6a:5c:1e:
e7:15:97:6c:1e:4b:5c:c1:be:f6:7f:35:14:98:5b:
64:33:c1:3d:2a:e0:5f:4f:2d:c5:81:24:d9:38:16:
a5:3e:f8:2a:da:a8:a3:81:d2:03:e9:f4:ee:74:d1:
12:aa:e7:19:da:86:2c:18:61:f4:45:34:40:d7:cd:
ac:b4:26:27:87:c8:5a:6b:23:ea:9f:cf:3d:b2:96:
4c:ae:76:92:a3:57:53:ee:cc:a9:8e:01:ec:6f:16:
57:aa:dc:89:1e:92:a8:e9:2d:72:3e:bc:9b:af:07:
87:38:e5:91:a5:69:b3:07:44:63:4e:29:25:24:2b:
76:fc:98:f6:5c:2f:b9:b7:a0:1c:dd:3d:db:f6:d1:
88:01:a8:06:52:29:89:4c:60:86:5d:da:4a:94:c8:
00:0b:df:e2:01:da:e7:f6:f0:d4:66:b3:41:95:a4:
52:5e:1e:6f:72:7e:93:bd:a8:c1:aa:14:fc:eb:8a:
36:ee:71:2c:25:10:87:ef:68:3e:9f:31:0f:89:81:
9a:a5:e7:19:09:cf:6f:54:8c:c3:0b:93:78:a6:97:
3f:30:bc:42:9a:b1:0f:0b:ef:96:16:38:8f:1d:25:
4b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:66:5C:E5:97:D1:5E:5A:5F:8D:AC:F1:C7:3E:6E:2C:B5:C2:2E:4A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CCD3229032B611EF8638A191762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.8.0/22
Signature Algorithm: sha256WithRSAEncryption
36:21:4c:bc:9c:81:ac:57:09:ad:3c:e4:df:dd:25:cf:33:71:
53:bd:60:9d:e3:48:f0:96:ce:43:7a:d0:c5:b5:0e:dd:0e:71:
d8:fe:7b:9d:d1:80:c7:80:9e:74:33:80:e0:29:19:1f:50:be:
be:b3:10:6b:b0:8b:48:14:e2:49:e5:bb:fb:97:59:b4:9b:ed:
ce:cd:f9:29:70:3d:d6:36:29:b4:bd:bb:17:cc:0b:0b:59:49:
18:b8:f4:8b:2d:9b:f7:b7:51:0a:b2:f4:90:93:4c:7b:e4:2e:
0b:a8:21:5c:a3:3a:c3:2f:b9:94:2f:88:38:f4:35:aa:92:0f:
37:a3:27:58:bc:4e:32:a8:d8:7c:a8:a8:b8:cd:17:80:65:7f:
d1:61:c0:9e:82:5c:dd:47:d7:43:99:dd:df:30:4d:d1:d4:45:
25:f9:6e:49:45:e8:d2:67:44:18:d7:ec:98:f2:57:f9:82:ee:
8c:8d:15:52:d3:0f:45:c5:19:97:2c:44:e9:99:ec:29:06:2c:
85:b0:31:d2:a0:42:b2:b0:b1:4d:2e:bb:c2:77:2b:5e:83:ac:
6b:5f:98:84:58:43:6c:d9:70:6c:c5:be:01:ac:b9:5e:67:37:
72:45:37:14:50:90:20:0d:56:ea:7b:b9:2c:ac:3f:bb:c1:25:
c0:51:49:dd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAMY5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNjI1MDU1MDE0WhcNMjUwMTAzMDU1MDE0WjAYMRYw
FAYDVQQDEw02NjdhNWE5OS05OTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqhoBz/pT5PETp9UQx8BlmynCQnJ0FMMykoZqXB7nFZdsHktcwb72fzUU
mFtkM8E9KuBfTy3FgSTZOBalPvgq2qijgdID6fTudNESqucZ2oYsGGH0RTRA182s
tCYnh8haayPqn889spZMrnaSo1dT7sypjgHsbxZXqtyJHpKo6S1yPrybrweHOOWR
pWmzB0RjTiklJCt2/Jj2XC+5t6Ac3T3b9tGIAagGUimJTGCGXdpKlMgAC9/iAdrn
9vDUZrNBlaRSXh5vcn6TvajBqhT864o27nEsJRCH72g+nzEPiYGapecZCc9vVIzD
C5N4ppc/MLxCmrEPC++WFjiPHSVLlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJlm
XOWX0V5aX42s8cc+biy1wi5KMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQ0QzMjI5MDMyQjYxMUVGODYzOEExOTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtAIMA0GCSqGSIb3DQEB
CwUAA4IBAQA2IUy8nIGsVwmtPOTf3SXPM3FTvWCd40jwls5DetDFtQ7dDnHY/nud
0YDHgJ50M4DgKRkfUL6+sxBrsItIFOJJ5bv7l1m0m+3OzfkpcD3WNim0vbsXzAsL
WUkYuPSLLZv3t1EKsvSQk0x75C4LqCFcozrDL7mUL4g49DWqkg83oydYvE4yqNh8
qKi4zReAZX/RYcCeglzdR9dDmd3fME3R1EUl+W5JRejSZ0QY1+yY8lf5gu6MjRVS
0w9FxRmXLETpmewpBiyFsDHSoEKysLFNLrvCdyteg6xrX5iEWENs2XBsxb4BrLle
ZzdyRTcUUJAgDVbqe7ksrD+7wSXAUUnd
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:36 2024 by rpki-client on console-ams.rpki-client.org