Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D14B436087C611EF8BC73EB7762E951A.roa
File: D14B436087C611EF8BC73EB7762E951A.roa (raw, json)
Hash identifier: hc8L85yCI4VflUcOBQZKgYAxJ5PjNjPCZjQuxVjvYpQ=
Subject key identifier: 8C:C2:0E:9C:D8:70:80:93:D1:F4:EA:3D:47:F1:40:75:1B:F0:C1:3F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: FD70
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D14B436087C611EF8BC73EB7762E951A.roa
Signing time: Fri 11 Oct 2024 11:49:06 +0000
ROA not before: Fri 11 Oct 2024 11:49:02 +0000
ROA not after: Sun 12 Oct 2025 11:49:02 +0000
asID: 136907
IP address blocks: 154.81.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64880 (0xfd70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 11 11:49:02 2024 GMT
Not After : Oct 12 11:49:02 2025 GMT
Subject: CN=670910b2-85ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:13:92:0e:d7:b8:12:f8:26:f4:35:7b:1a:db:
49:7c:94:36:c2:af:ee:f9:ac:53:a6:1d:88:d8:cd:
9b:56:e7:43:3e:75:a0:95:da:45:43:7d:4a:62:f6:
5b:96:e8:f1:b4:66:55:0e:f8:8b:e5:fa:97:00:4d:
c1:13:32:47:dd:b0:aa:4b:c9:d9:9c:20:b1:19:80:
4a:92:25:ce:cc:c6:e0:45:b3:1c:8b:5b:f4:4f:a6:
b8:47:09:d7:6e:89:8e:27:f1:9c:7f:b0:2a:27:03:
6c:41:9d:8e:54:61:81:10:4a:5f:a0:00:6a:a7:ec:
20:71:17:9c:cd:25:97:5c:c7:e7:e0:50:ce:4a:ae:
34:c3:51:eb:aa:73:d3:e0:03:d4:68:d7:b1:3c:80:
5e:29:d5:5b:8a:2a:8c:79:bc:aa:0f:f7:d4:90:67:
a7:ab:19:e0:28:34:d9:10:26:ba:b7:3c:2d:91:ec:
1b:15:77:66:b9:b3:bd:be:44:6b:64:d9:bc:86:53:
b9:f8:58:87:71:82:a6:da:65:5c:81:68:ba:21:da:
ed:35:05:d4:ab:8e:72:c5:03:33:98:b3:66:37:c7:
72:0c:06:61:03:1b:9f:a7:b5:14:28:af:76:4d:57:
45:06:05:97:72:bd:da:96:22:c6:15:d4:aa:10:b3:
bb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C2:0E:9C:D8:70:80:93:D1:F4:EA:3D:47:F1:40:75:1B:F0:C1:3F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D14B436087C611EF8BC73EB7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.16.0/20
Signature Algorithm: sha256WithRSAEncryption
bb:49:8e:23:f7:a9:46:77:ce:fb:49:7d:02:ae:d9:ff:8b:60:
2e:b7:e3:fb:9c:8d:94:dc:8e:b7:bb:fa:ec:a8:a4:3b:72:2d:
2c:18:25:cb:ea:98:32:fe:68:9d:78:23:e1:52:22:e5:e6:22:
fc:79:51:a9:2a:a4:40:dd:77:20:1a:ab:5f:43:01:db:6b:0a:
7e:e2:ee:c6:7c:fa:8c:6f:28:e4:bb:41:a7:a3:d6:0f:f3:c3:
a7:83:69:9d:dd:7a:82:fb:35:b7:2d:8c:3c:c7:ad:4d:b3:6a:
34:a6:06:1e:1d:79:47:2d:81:b9:24:13:b4:f7:2b:6b:a5:2b:
5b:1c:fc:0b:7a:ac:4d:ab:b8:a0:e2:49:5f:c5:78:e2:bc:81:
7a:62:75:67:12:7c:ee:69:97:bd:d4:62:7d:c5:e0:b9:0c:00:
18:92:50:46:e8:f0:f8:e4:05:db:8a:02:9c:14:b1:ae:97:7f:
d8:22:aa:e9:ba:36:a9:a1:76:30:0a:a0:21:ae:60:31:24:8c:
b7:fe:d7:e4:4b:16:2b:2c:a2:13:6c:70:bb:3b:f4:b3:fa:20:
4f:21:42:fb:fb:02:a0:ee:49:81:13:8f:25:e9:96:ff:45:76:
c8:81:23:4f:0d:cb:05:db:74:e0:b2:9f:ef:24:3e:6e:27:10:
26:01:17:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAP1wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDExMTE0OTAyWhcNMjUxMDEyMTE0OTAyWjAYMRYw
FAYDVQQDEw02NzA5MTBiMi04NWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsROSDte4Evgm9DV7GttJfJQ2wq/u+axTph2I2M2bVudDPnWgldpFQ31K
YvZblujxtGZVDviL5fqXAE3BEzJH3bCqS8nZnCCxGYBKkiXOzMbgRbMci1v0T6a4
RwnXbomOJ/Gcf7AqJwNsQZ2OVGGBEEpfoABqp+wgcReczSWXXMfn4FDOSq40w1Hr
qnPT4APUaNexPIBeKdVbiiqMebyqD/fUkGenqxngKDTZECa6tzwtkewbFXdmubO9
vkRrZNm8hlO5+FiHcYKm2mVcgWi6IdrtNQXUq45yxQMzmLNmN8dyDAZhAxufp7UU
KK92TVdFBgWXcr3aliLGFdSqELO7iwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIzC
DpzYcICT0fTqPUfxQHUb8ME/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMTRCNDM2MDg3QzYxMUVGOEJDNzNFQjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmlEQMA0GCSqGSIb3DQEB
CwUAA4IBAQC7SY4j96lGd877SX0Crtn/i2Aut+P7nI2U3I63u/rsqKQ7ci0sGCXL
6pgy/mideCPhUiLl5iL8eVGpKqRA3XcgGqtfQwHbawp+4u7GfPqMbyjku0Gno9YP
88Ong2md3XqC+zW3LYw8x61Ns2o0pgYeHXlHLYG5JBO09ytrpStbHPwLeqxNq7ig
4klfxXjivIF6YnVnEnzuaZe91GJ9xeC5DAAYklBG6PD45AXbigKcFLGul3/YIqrp
ujapoXYwCqAhrmAxJIy3/tfkSxYrLKITbHC7O/Sz+iBPIUL7+wKg7kmBE48l6Zb/
RXbIgSNPDcsF23Tgsp/vJD5uJxAmAReF
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:26 2024 by rpki-client on console-fra.rpki-client.org