Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D325487AA73811EFA6739B8E762E951A.roa
File: D325487AA73811EFA6739B8E762E951A.roa (raw, json)
Hash identifier: pO9cLffZjfekyvOBfJjgktAs7IRXSNMUhdb0816Y5JM=
Subject key identifier: 57:AA:BF:76:21:2A:CE:28:05:96:8E:C1:32:D5:DF:FF:13:AD:7E:D3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010F8B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D325487AA73811EFA6739B8E762E951A.roa
Signing time: Wed 20 Nov 2024 12:13:18 +0000
ROA not before: Wed 20 Nov 2024 12:13:14 +0000
ROA not after: Tue 13 May 2025 12:13:14 +0000
asID: 137951
IP address blocks: 154.221.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69515 (0x10f8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 20 12:13:14 2024 GMT
Not After : May 13 12:13:14 2025 GMT
Subject: CN=673dd25d-f16c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:09:d1:50:d6:d4:15:49:f7:13:66:ab:1d:50:
63:90:f3:4a:dd:58:7a:9e:50:07:76:a4:4c:65:cf:
35:ed:ed:88:03:3c:5a:5c:3a:27:aa:33:8c:ca:3e:
d8:c7:d4:23:7c:a5:8f:99:80:9f:1a:b9:27:4e:e5:
13:59:70:12:c8:b8:41:a7:3a:ad:6f:9b:f5:71:04:
14:7f:6e:aa:72:7f:d2:67:b4:6d:7b:c4:07:ae:8d:
b9:6b:63:ef:87:e1:1f:81:83:ae:c5:f0:d7:c9:43:
39:a3:b5:fd:f0:4c:22:f8:b4:be:76:fb:97:2d:f4:
2a:00:e4:28:d1:27:ff:d0:2e:56:c6:20:9a:42:a1:
ff:59:1f:db:0a:4f:82:1e:3a:52:b4:9e:b4:5e:c5:
e5:a9:67:99:e4:fa:a6:97:78:da:eb:63:c2:84:58:
26:c0:36:3d:0a:c4:52:95:dd:db:87:a5:e2:79:33:
74:66:d4:6d:8d:d0:23:ac:e4:35:57:43:de:e4:1e:
f0:1f:57:dc:18:cf:09:56:74:fc:44:8c:66:d7:b9:
cd:f4:dc:77:73:f4:99:6a:09:25:93:84:17:e2:0b:
2b:ce:ed:04:1a:61:76:58:61:d2:d6:38:f0:f2:bc:
94:4e:89:71:25:d3:47:28:09:eb:ea:97:8d:4b:da:
88:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:AA:BF:76:21:2A:CE:28:05:96:8E:C1:32:D5:DF:FF:13:AD:7E:D3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D325487AA73811EFA6739B8E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.4.0/22
Signature Algorithm: sha256WithRSAEncryption
05:b8:06:fc:16:15:1a:45:0a:2f:5e:1f:ba:2e:4f:3c:44:70:
1b:44:22:c9:6d:f8:82:f8:17:58:fb:ff:1a:ba:ef:1c:b6:bf:
d1:8e:88:e0:05:d8:87:07:63:70:a7:50:aa:1e:3d:a0:7f:28:
c1:cc:ac:0a:b3:c9:6e:a8:af:76:ad:c5:45:1a:a2:d7:bb:66:
e4:40:77:df:f1:db:df:90:59:0d:12:fb:89:58:d0:f1:9e:c7:
ae:5a:06:8e:73:7b:45:82:6f:16:4d:dc:07:b6:fe:f6:fe:1c:
be:35:b8:65:b3:6c:c4:a2:be:65:fc:00:3e:88:1b:19:66:46:
5c:bf:c6:62:4c:69:68:38:8f:4e:82:39:8d:11:f5:8a:15:f1:
b7:0e:cf:39:0a:59:f4:7d:cd:f6:85:73:a9:85:aa:f0:15:d3:
b1:9b:98:25:3f:9d:5b:b9:6e:f9:da:f1:30:58:77:33:e7:5c:
b8:44:8e:d6:0b:b2:f7:bb:6f:b1:15:f4:ef:34:85:5d:6e:a1:
5a:61:1f:dd:2f:ae:98:44:52:35:e7:47:20:07:92:46:42:d0:
f0:ed:70:f2:0a:a8:01:c2:45:4a:a7:90:28:3f:a9:f1:68:2d:
ed:c1:47:98:97:49:8f:fa:bd:38:77:8d:b7:3c:71:d9:ea:11:
ba:d3:08:d0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ+LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIwMTIxMzE0WhcNMjUwNTEzMTIxMzE0WjAYMRYw
FAYDVQQDEw02NzNkZDI1ZC1mMTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2QnRUNbUFUn3E2arHVBjkPNK3Vh6nlAHdqRMZc817e2IAzxaXDonqjOM
yj7Yx9QjfKWPmYCfGrknTuUTWXASyLhBpzqtb5v1cQQUf26qcn/SZ7Rte8QHro25
a2Pvh+EfgYOuxfDXyUM5o7X98Ewi+LS+dvuXLfQqAOQo0Sf/0C5WxiCaQqH/WR/b
Ck+CHjpStJ60XsXlqWeZ5Pqml3ja62PChFgmwDY9CsRSld3bh6XieTN0ZtRtjdAj
rOQ1V0Pe5B7wH1fcGM8JVnT8RIxm17nN9Nx3c/SZagklk4QX4gsrzu0EGmF2WGHS
1jjw8ryUTolxJdNHKAnr6peNS9qITQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFeq
v3YhKs4oBZaOwTLV3/8TrX7TMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMzI1NDg3QUE3MzgxMUVGQTY3MzlCOEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt0EMA0GCSqGSIb3DQEB
CwUAA4IBAQAFuAb8FhUaRQovXh+6Lk88RHAbRCLJbfiC+BdY+/8auu8ctr/Rjojg
BdiHB2Nwp1CqHj2gfyjBzKwKs8luqK92rcVFGqLXu2bkQHff8dvfkFkNEvuJWNDx
nseuWgaOc3tFgm8WTdwHtv72/hy+Nbhls2zEor5l/AA+iBsZZkZcv8ZiTGloOI9O
gjmNEfWKFfG3Ds85Cln0fc32hXOpharwFdOxm5glP51buW752vEwWHcz51y4RI7W
C7L3u2+xFfTvNIVdbqFaYR/dL66YRFI150cgB5JGQtDw7XDyCqgBwkVKp5AoP6nx
aC3twUeYl0mP+r04d423PHHZ6hG60wjQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:28 2024 by rpki-client on console-ams.rpki-client.org