Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF2DD012912011EFAB6AF0BE762E951A.roa
File: CF2DD012912011EFAB6AF0BE762E951A.roa (raw, json)
Hash identifier: QhZjIGvvVTkJsOCRRJ+w+oQaCycJKkps5TS050yoav0=
Subject key identifier: 0E:68:33:50:C4:1E:16:DF:1F:2F:C9:BC:48:6B:E3:76:86:AE:76:C9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0100FE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF2DD012912011EFAB6AF0BE762E951A.roa
Signing time: Wed 23 Oct 2024 09:25:57 +0000
ROA not before: Wed 23 Oct 2024 09:25:54 +0000
ROA not after: Fri 29 Nov 2024 09:25:54 +0000
asID: 203020
IP address blocks: 154.205.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65790 (0x100fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 23 09:25:54 2024 GMT
Not After : Nov 29 09:25:54 2024 GMT
Subject: CN=6718c125-9448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d7:a2:1b:c0:17:3f:44:9e:89:17:47:21:38:
f7:40:20:80:a7:93:52:ed:b8:31:74:e0:e6:37:50:
e6:0a:b2:2e:ef:3c:4c:e8:fe:33:95:f9:f4:2f:fa:
83:3d:90:55:7a:e3:0b:13:f0:70:a1:92:ae:fd:81:
7a:b4:34:0e:46:0e:5c:82:d5:51:a3:c5:bb:57:0b:
4e:8a:30:4b:d9:e3:e9:c2:65:7f:99:8a:c8:89:d5:
f6:f7:3d:4d:28:1e:97:77:03:bb:ac:b4:48:bf:d2:
f7:a2:f8:4e:36:3b:4d:d8:0c:0b:8a:34:c4:8e:4d:
b6:22:de:81:b5:28:0b:df:4f:62:83:96:f3:79:3e:
44:96:b0:b2:1b:9a:bc:d0:c0:5e:04:19:87:96:71:
b9:12:81:51:61:66:16:25:9d:ba:10:eb:aa:fb:11:
43:df:11:62:4a:45:b1:66:06:15:d4:1c:28:61:4a:
6d:da:bb:84:be:b5:d3:0f:7a:ba:92:44:1b:9c:62:
cd:36:3c:3f:ab:23:1b:d6:2c:15:42:5f:f5:1b:47:
7e:aa:04:87:95:31:bc:ec:d6:88:37:02:2e:db:6a:
42:52:1f:f5:a0:5f:ef:fa:81:cd:3c:2f:e2:d0:62:
8c:bb:7f:04:1a:a1:94:1a:30:66:fa:d3:a2:ec:1c:
f3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:68:33:50:C4:1E:16:DF:1F:2F:C9:BC:48:6B:E3:76:86:AE:76:C9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CF2DD012912011EFAB6AF0BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.186.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:15:84:d6:4a:9b:a9:94:ea:ac:75:e1:d4:0a:c6:a1:cd:70:
78:68:8a:8e:a0:a3:48:3c:ca:91:fc:a4:a4:f1:e5:2f:21:d0:
4a:ed:0e:ca:b1:4b:f0:f8:9a:9a:76:e7:f5:8f:01:72:f0:ae:
05:a0:16:86:73:65:f5:e1:49:2e:18:e6:92:a8:d1:8f:96:c8:
ec:d6:b1:c1:de:53:93:30:92:8e:41:48:9f:fd:62:88:21:6c:
bc:b2:04:da:3b:74:dd:d4:ab:f5:fc:b2:7b:a0:7b:fd:bc:7e:
6c:4e:f3:2a:78:53:53:7f:5e:a9:35:73:ab:11:2c:77:fa:fb:
98:49:b6:10:56:56:85:1a:8f:62:f4:cb:ef:4c:30:85:de:a2:
98:93:3d:52:83:fa:f9:4e:de:8f:35:eb:9c:58:37:77:c7:61:
a2:4d:8f:43:6e:c8:af:33:96:9d:a6:2b:bc:26:e6:a2:ba:20:
7c:e0:59:22:f7:83:dd:bf:97:98:aa:14:27:83:74:bd:12:45:
b2:b9:df:cc:2b:03:17:69:30:c8:50:93:4f:a0:31:2d:8a:36:
e1:91:22:34:45:b2:53:4f:d8:e7:5a:62:26:92:8e:77:c9:4a:
3e:b8:54:12:2a:d5:0e:50:ca:c9:a0:6e:05:fb:09:84:9e:0a:
f9:f6:11:fe
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQD+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDIzMDkyNTU0WhcNMjQxMTI5MDkyNTU0WjAYMRYw
FAYDVQQDEw02NzE4YzEyNS05NDQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzteiG8AXP0SeiRdHITj3QCCAp5NS7bgxdODmN1DmCrIu7zxM6P4zlfn0
L/qDPZBVeuMLE/BwoZKu/YF6tDQORg5cgtVRo8W7VwtOijBL2ePpwmV/mYrIidX2
9z1NKB6XdwO7rLRIv9L3ovhONjtN2AwLijTEjk22It6BtSgL309ig5bzeT5ElrCy
G5q80MBeBBmHlnG5EoFRYWYWJZ26EOuq+xFD3xFiSkWxZgYV1BwoYUpt2ruEvrXT
D3q6kkQbnGLNNjw/qyMb1iwVQl/1G0d+qgSHlTG87NaINwIu22pCUh/1oF/v+oHN
PC/i0GKMu38EGqGUGjBm+tOi7BzzQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA5o
M1DEHhbfHy/JvEhr43aGrnbJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRjJERDAxMjkxMjAxMUVGQUI2QUYwQkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms26MA0GCSqGSIb3DQEB
CwUAA4IBAQCaFYTWSpuplOqsdeHUCsahzXB4aIqOoKNIPMqR/KSk8eUvIdBK7Q7K
sUvw+Jqaduf1jwFy8K4FoBaGc2X14UkuGOaSqNGPlsjs1rHB3lOTMJKOQUif/WKI
IWy8sgTaO3Td1Kv1/LJ7oHv9vH5sTvMqeFNTf16pNXOrESx3+vuYSbYQVlaFGo9i
9MvvTDCF3qKYkz1Sg/r5Tt6PNeucWDd3x2GiTY9DbsivM5adpiu8JuaiuiB84Fki
94Pdv5eYqhQng3S9EkWyud/MKwMXaTDIUJNPoDEtijbhkSI0RbJTT9jnWmImko53
yUo+uFQSKtUOUMrJoG4F+wmEngr59hH+
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:26 2024 by rpki-client on console-fra.rpki-client.org