Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEA23F180E9C11EF830314FF007001B1.roa
File: CEA23F180E9C11EF830314FF007001B1.roa (raw, json)
Hash identifier: I823+XBgFw/Qk7ZNJe3d7H1onDL93x2F+LF+9BbE2oA=
Subject key identifier: 3B:2D:5E:B3:74:BF:BD:63:BC:EA:FD:40:59:83:FF:35:8E:1D:8D:EC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: B64C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEA23F180E9C11EF830314FF007001B1.roa
Signing time: Fri 10 May 2024 07:13:32 +0000
ROA not before: Fri 10 May 2024 07:13:28 +0000
ROA not after: Mon 28 Apr 2025 07:13:28 +0000
asID: 216038
IP address blocks: 154.86.26.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46668 (0xb64c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 10 07:13:28 2024 GMT
Not After : Apr 28 07:13:28 2025 GMT
Subject: CN=663dc91c-969c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e0:5b:01:bf:e5:68:2d:07:bf:55:68:e6:27:
d2:b3:be:27:a2:e9:be:0a:d4:31:3c:2b:7e:04:12:
af:50:34:f4:dd:87:2a:6a:84:68:a4:a7:23:11:18:
67:31:3e:0b:69:a4:80:6b:89:26:ad:b2:2f:b2:64:
57:48:6f:48:4c:89:f3:57:aa:9c:42:d4:6d:af:0a:
1d:68:26:0d:cf:b5:a9:6a:9c:31:0c:30:01:ea:ce:
c7:66:51:2c:69:98:15:3e:95:37:1d:6c:81:8a:67:
e2:e2:b2:7f:76:76:06:72:22:23:72:50:57:1d:50:
44:f1:df:8c:94:f3:bd:2d:37:c9:d1:92:90:be:4c:
a2:56:4e:64:d2:89:45:8f:4d:5f:87:49:b4:10:7f:
1c:97:02:cd:99:b4:11:c0:48:87:b5:77:e0:cf:d7:
9c:7a:09:7d:bc:c2:e8:04:d3:71:ae:e0:7b:a9:e4:
1f:69:42:40:7a:70:9b:6d:f9:87:91:33:e6:67:55:
7b:ab:6f:5e:d5:d3:b6:58:d7:0b:fe:79:4d:c2:f1:
01:4b:5f:26:82:04:2c:40:fe:24:b0:42:45:ca:27:
46:14:28:b3:2e:56:ab:36:cc:c5:51:f3:14:22:86:
d5:f2:46:d5:7c:2a:2f:8f:47:52:4e:b7:9b:ae:38:
3b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:2D:5E:B3:74:BF:BD:63:BC:EA:FD:40:59:83:FF:35:8E:1D:8D:EC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEA23F180E9C11EF830314FF007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.86.26.0/23
Signature Algorithm: sha256WithRSAEncryption
65:b9:3f:d7:05:4e:b9:0d:0e:65:4b:49:38:8d:6c:a5:18:dd:
89:d1:ea:f0:48:df:00:e7:9b:6c:f2:04:b2:2d:77:b3:22:a6:
b4:b7:d6:d1:43:ee:21:35:bb:f5:c3:3d:d0:29:46:bb:49:99:
62:e5:8c:69:0b:27:48:02:1f:65:b8:8c:27:f5:30:ca:db:84:
d0:a6:2b:16:da:e7:3c:ea:b1:67:94:62:a0:52:f0:df:f7:60:
28:3d:9d:57:a6:42:e0:fa:3b:cc:d3:91:d7:48:9c:80:ec:46:
e3:2a:a2:6d:c1:f2:58:1e:05:23:e9:7d:28:8e:8f:aa:47:a1:
71:60:e5:ae:3b:bd:e0:8f:dc:b9:d7:02:4a:e6:52:b7:19:3a:
fa:b1:9f:8b:35:72:8c:54:36:bf:46:44:81:2d:77:66:0d:91:
38:57:7e:a7:cc:26:23:9b:f0:59:e1:7a:80:31:1f:6a:02:29:
b4:06:34:63:0a:67:77:a8:dc:84:eb:1a:2b:c6:0e:0a:91:05:
d5:b6:7a:13:9a:c1:1b:15:66:0b:2a:cc:93:ff:04:5b:d1:14:
f2:90:65:50:ad:69:fc:0f:57:c9:01:73:7d:be:51:bc:48:08:
4c:a7:2d:91:cf:90:e5:ca:95:78:91:3b:52:2a:a6:38:8c:3a:
61:e6:1c:9b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALZMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTEwMDcxMzI4WhcNMjUwNDI4MDcxMzI4WjAYMRYw
FAYDVQQDEw02NjNkYzkxYy05NjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuuBbAb/laC0Hv1Vo5ifSs74noum+CtQxPCt+BBKvUDT03YcqaoRopKcj
ERhnMT4LaaSAa4kmrbIvsmRXSG9ITInzV6qcQtRtrwodaCYNz7WpapwxDDAB6s7H
ZlEsaZgVPpU3HWyBimfi4rJ/dnYGciIjclBXHVBE8d+MlPO9LTfJ0ZKQvkyiVk5k
0olFj01fh0m0EH8clwLNmbQRwEiHtXfgz9ecegl9vMLoBNNxruB7qeQfaUJAenCb
bfmHkTPmZ1V7q29e1dO2WNcL/nlNwvEBS18mggQsQP4ksEJFyidGFCizLlarNszF
UfMUIobV8kbVfCovj0dSTrebrjg7KwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDst
XrN0v71jvOr9QFmD/zWOHY3sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRUEyM0YxODBFOUMxMUVGODMwMzE0RkYwMDcwMDFCMS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlYaMA0GCSqGSIb3DQEB
CwUAA4IBAQBluT/XBU65DQ5lS0k4jWylGN2J0erwSN8A55ts8gSyLXezIqa0t9bR
Q+4hNbv1wz3QKUa7SZli5YxpCydIAh9luIwn9TDK24TQpisW2uc86rFnlGKgUvDf
92AoPZ1XpkLg+jvM05HXSJyA7EbjKqJtwfJYHgUj6X0ojo+qR6FxYOWuO73gj9y5
1wJK5lK3GTr6sZ+LNXKMVDa/RkSBLXdmDZE4V36nzCYjm/BZ4XqAMR9qAim0BjRj
Cmd3qNyE6xorxg4KkQXVtnoTmsEbFWYLKsyT/wRb0RTykGVQrWn8D1fJAXN9vlG8
SAhMpy2Rz5DlypV4kTtSKqY4jDph5hyb
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:36 2024 by rpki-client on console-ams.rpki-client.org