Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D29D67C6A9D011EFBC58B860762E951A.roa
File: D29D67C6A9D011EFBC58B860762E951A.roa (raw, json)
Hash identifier: EIQH03BS62+betxHYH8X2E9tBJgTPu4incU1r62SILI=
Subject key identifier: 38:82:5E:6D:FC:10:C4:08:E9:BD:48:99:F0:EB:91:D6:88:D0:22:C3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01121A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D29D67C6A9D011EFBC58B860762E951A.roa
Signing time: Sat 23 Nov 2024 19:26:22 +0000
ROA not before: Sat 23 Nov 2024 19:26:19 +0000
ROA not after: Tue 03 Dec 2024 19:26:19 +0000
asID: 62240
IP address blocks: 154.194.70.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70170 (0x1121a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 23 19:26:19 2024 GMT
Not After : Dec 3 19:26:19 2024 GMT
Subject: CN=67422c5e-30ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f3:0f:e4:5b:d1:9a:f6:64:de:60:48:8c:72:
bc:6e:29:f9:61:be:e8:d4:73:94:cf:31:b0:5a:ef:
c9:9b:e2:1a:eb:62:88:52:02:40:ed:e2:56:36:a5:
b4:cf:aa:15:1b:6e:2c:28:6e:0d:e3:33:77:09:15:
9c:03:33:42:0a:a3:2e:58:26:16:4f:f3:5c:5f:bf:
1a:3e:d2:92:1e:7d:36:d5:19:7d:81:6c:4b:b0:9e:
e5:74:eb:a4:7b:d2:69:3f:00:a0:e2:04:77:17:bc:
3f:67:b2:5f:d5:58:30:d6:b8:02:a4:2d:c6:d1:64:
6b:9c:f3:7a:f1:3a:2f:04:0a:b8:4a:77:f6:04:99:
42:10:ff:b0:48:9c:74:a6:19:df:3e:e6:42:73:3b:
17:76:43:24:36:d7:80:7d:e8:c5:82:4f:74:83:78:
2f:bc:b6:c4:f4:65:91:82:54:95:e4:0d:65:ad:6f:
bd:f5:43:7c:19:09:82:20:38:5c:5b:94:d7:d7:b2:
e2:9e:57:e5:43:ef:09:ca:4f:ab:50:bd:c3:ab:f9:
9d:20:6f:3b:c7:27:ce:43:3e:7f:47:c8:9b:21:7c:
24:de:bb:eb:68:34:8d:cf:65:8d:31:3e:e3:6b:de:
8b:72:6f:e8:32:84:70:e6:b7:2a:65:b1:59:84:24:
bf:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:82:5E:6D:FC:10:C4:08:E9:BD:48:99:F0:EB:91:D6:88:D0:22:C3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D29D67C6A9D011EFBC58B860762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.70.0/23
Signature Algorithm: sha256WithRSAEncryption
35:4c:7c:9f:19:91:3c:25:21:09:3e:7f:d7:d9:6a:ba:d4:26:
26:e9:e7:d7:b6:e8:75:6e:26:dc:41:fa:b4:fe:d9:79:e9:81:
6c:de:61:e3:88:2c:8f:d9:00:ed:76:be:68:73:32:cb:51:0e:
c1:47:25:1c:41:8b:fe:a0:74:68:7d:a5:b3:25:fe:ee:86:3f:
a1:2e:d7:65:ee:e9:29:dd:61:90:92:7c:a8:1f:4b:79:6d:98:
47:27:ab:54:29:1a:96:89:32:15:2a:7b:51:68:73:b9:a6:21:
75:e7:1d:41:2e:5d:c7:ae:45:cb:2c:f6:ad:59:54:36:98:3d:
e1:45:b8:d9:c0:59:1f:21:22:87:dc:e4:1b:21:cc:18:42:d4:
e9:bb:39:69:4d:10:06:71:9d:5f:60:91:eb:a2:37:39:30:ae:
f7:1d:55:30:56:2f:8f:7e:e3:04:b9:36:93:b2:c6:88:0c:38:
c0:a1:c9:3f:34:9d:b5:53:da:90:32:c9:1d:aa:89:ec:d1:23:
76:28:82:4e:04:85:73:d1:53:53:dc:45:d5:2b:98:7a:08:eb:
6a:e1:c9:78:14:9f:08:ab:73:e6:cb:a7:0e:04:e1:56:98:2c:
4b:f1:77:c5:6d:3b:5a:18:ac:7f:5d:9d:c3:3d:40:aa:70:ec:
6f:6f:e0:03
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARIaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIzMTkyNjE5WhcNMjQxMjAzMTkyNjE5WjAYMRYw
FAYDVQQDEw02NzQyMmM1ZS0zMGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoPMP5FvRmvZk3mBIjHK8bin5Yb7o1HOUzzGwWu/Jm+Ia62KIUgJA7eJW
NqW0z6oVG24sKG4N4zN3CRWcAzNCCqMuWCYWT/NcX78aPtKSHn021Rl9gWxLsJ7l
dOuke9JpPwCg4gR3F7w/Z7Jf1Vgw1rgCpC3G0WRrnPN68TovBAq4Snf2BJlCEP+w
SJx0phnfPuZCczsXdkMkNteAfejFgk90g3gvvLbE9GWRglSV5A1lrW+99UN8GQmC
IDhcW5TX17LinlflQ+8Jyk+rUL3Dq/mdIG87xyfOQz5/R8ibIXwk3rvraDSNz2WN
MT7ja96Lcm/oMoRw5rcqZbFZhCS/XQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDiC
Xm38EMQI6b1ImfDrkdaI0CLDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMjlENjdDNkE5RDAxMUVGQkM1OEI4NjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsJGMA0GCSqGSIb3DQEB
CwUAA4IBAQA1THyfGZE8JSEJPn/X2Wq61CYm6efXtuh1bibcQfq0/tl56YFs3mHj
iCyP2QDtdr5oczLLUQ7BRyUcQYv+oHRofaWzJf7uhj+hLtdl7ukp3WGQknyoH0t5
bZhHJ6tUKRqWiTIVKntRaHO5piF15x1BLl3HrkXLLPatWVQ2mD3hRbjZwFkfISKH
3OQbIcwYQtTpuzlpTRAGcZ1fYJHrojc5MK73HVUwVi+PfuMEuTaTssaIDDjAock/
NJ21U9qQMskdqons0SN2KIJOBIVz0VNT3EXVK5h6COtq4cl4FJ8Iq3Pmy6cOBOFW
mCxL8XfFbTtaGKx/XZ3DPUCqcOxvb+AD
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:38 2024 by rpki-client on console-ams.rpki-client.org