Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD2FBB9C952E11EF81C37045762E951A.roa
File: CD2FBB9C952E11EF81C37045762E951A.roa (raw, json)
Hash identifier: vl45k9HrthpYTZg4L40Oa2PX2CY7NW01tYmJAD77YqI=
Subject key identifier: ED:CC:35:BF:EF:7F:F7:71:9B:0C:BF:35:D5:B0:B5:BC:61:06:97:12
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0102D5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD2FBB9C952E11EF81C37045762E951A.roa
Signing time: Mon 28 Oct 2024 13:16:12 +0000
ROA not before: Mon 28 Oct 2024 13:16:08 +0000
ROA not after: Sun 24 Nov 2024 13:16:08 +0000
asID: 5065
IP address blocks: 154.86.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 08:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66261 (0x102d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 28 13:16:08 2024 GMT
Not After : Nov 24 13:16:08 2024 GMT
Subject: CN=671f8e9b-582d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:63:c4:06:fe:d4:26:96:f6:76:26:78:71:33:
85:9b:46:b5:c1:17:ed:03:57:52:8b:2c:10:8c:c5:
77:41:fc:4d:e9:2b:b7:7a:b1:d6:13:c5:89:0d:51:
0e:0f:39:2d:64:5f:d4:f8:7f:30:98:b8:15:90:60:
ea:78:8c:14:3b:d0:d5:57:63:e2:b2:eb:02:c0:2f:
a0:9a:9d:c7:b4:f3:18:5b:07:ea:e7:84:83:00:b7:
71:62:aa:23:75:5c:37:ce:06:d6:bb:28:3c:5d:a3:
a6:a6:a4:0b:a9:72:89:5e:6b:39:e8:a1:52:9d:54:
ed:35:4d:fa:6a:62:73:4f:13:88:42:f2:47:c3:4a:
85:bd:78:61:1b:5e:3c:2f:cc:e9:e8:25:bb:be:0e:
56:6f:db:fc:8a:0f:65:65:9a:61:e2:86:5e:ce:02:
b0:f1:4f:ed:e6:a0:65:05:93:f1:df:a9:50:7e:e6:
39:26:41:a0:3b:2c:89:84:d7:bf:e6:75:92:ad:72:
cb:01:2b:12:76:70:a9:f9:52:81:3b:13:35:eb:3e:
a4:f7:8e:b3:f9:6a:52:a4:1a:b8:50:7c:a3:64:1a:
85:db:02:b0:1e:51:77:68:c2:0f:b2:70:96:e3:3e:
95:f5:65:91:e4:ae:03:37:b0:35:a0:57:53:5a:28:
df:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:CC:35:BF:EF:7F:F7:71:9B:0C:BF:35:D5:B0:B5:BC:61:06:97:12
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD2FBB9C952E11EF81C37045762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.96.0/20
Signature Algorithm: sha256WithRSAEncryption
a9:65:dd:62:61:67:db:e5:f7:96:25:69:eb:5e:3e:6c:d6:43:
b2:6b:6b:1f:42:34:6d:5d:41:ef:71:3c:c2:66:d0:bf:22:72:
b0:8e:f2:27:ca:17:69:1f:7a:4e:4c:b6:1b:65:54:84:5a:61:
80:c3:a1:9f:1f:f2:c0:4b:34:36:95:8b:df:a4:a9:99:79:ed:
46:e4:e9:6f:d3:66:36:d5:f3:b6:18:38:8e:87:85:11:22:2d:
f6:0e:3c:c5:51:d3:d6:1a:7c:bd:cf:86:49:27:78:d7:cf:09:
08:56:93:b5:65:87:fb:f7:7a:7b:1c:90:8c:8b:ee:31:3b:b7:
5e:e5:f9:fa:d4:04:12:bd:0f:a7:75:df:d8:bf:1a:a4:9e:bd:
c1:d8:2a:ef:9b:58:91:9a:a4:35:a4:b0:a3:ad:fd:bd:54:1a:
e9:f1:66:6c:fd:93:0f:6b:ce:4b:3f:ce:62:84:00:42:59:af:
20:63:69:5e:60:9e:b1:94:eb:eb:3a:66:75:2c:ba:fd:24:ea:
7b:cb:c3:c9:6e:79:0b:7a:f1:ca:0c:62:47:ea:b5:09:95:62:
32:f7:72:26:e7:7b:96:c1:6f:f8:dc:67:be:cc:03:15:34:0e:
a6:99:77:f6:ce:dd:c0:ec:bd:99:13:bd:9d:a4:42:f1:e7:92:
32:a9:20:14
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQLVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDI4MTMxNjA4WhcNMjQxMTI0MTMxNjA4WjAYMRYw
FAYDVQQDEw02NzFmOGU5Yi01ODJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwWPEBv7UJpb2diZ4cTOFm0a1wRftA1dSiywQjMV3QfxN6Su3erHWE8WJ
DVEODzktZF/U+H8wmLgVkGDqeIwUO9DVV2PisusCwC+gmp3HtPMYWwfq54SDALdx
YqojdVw3zgbWuyg8XaOmpqQLqXKJXms56KFSnVTtNU36amJzTxOIQvJHw0qFvXhh
G148L8zp6CW7vg5Wb9v8ig9lZZph4oZezgKw8U/t5qBlBZPx36lQfuY5JkGgOyyJ
hNe/5nWSrXLLASsSdnCp+VKBOxM16z6k946z+WpSpBq4UHyjZBqF2wKwHlF3aMIP
snCW4z6V9WWR5K4DN7A1oFdTWijfxwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO3M
Nb/vf/dxmwy/NdWwtbxhBpcSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDJGQkI5Qzk1MkUxMUVGODFDMzcwNDU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlZgMA0GCSqGSIb3DQEB
CwUAA4IBAQCpZd1iYWfb5feWJWnrXj5s1kOya2sfQjRtXUHvcTzCZtC/InKwjvIn
yhdpH3pOTLYbZVSEWmGAw6GfH/LASzQ2lYvfpKmZee1G5Olv02Y21fO2GDiOh4UR
Ii32DjzFUdPWGny9z4ZJJ3jXzwkIVpO1ZYf793p7HJCMi+4xO7de5fn61AQSvQ+n
dd/Yvxqknr3B2Crvm1iRmqQ1pLCjrf29VBrp8WZs/ZMPa85LP85ihABCWa8gY2le
YJ6xlOvrOmZ1LLr9JOp7y8PJbnkLevHKDGJH6rUJlWIy93Im53uWwW/43Ge+zAMV
NA6mmXf2zt3A7L2ZE72dpELx55IyqSAU
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:07 2024 by rpki-client on console-ams.rpki-client.org