Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3B3B5C89C0311EFBE3C1B68762E951A.roa
File: D3B3B5C89C0311EFBE3C1B68762E951A.roa (raw, json)
Hash identifier: 9OO90H+UgrPrwIMYnSIl9EsNxTUtj57E8DPrsFhB0XQ=
Subject key identifier: 15:2F:B3:A4:83:28:0F:1B:39:F3:06:2E:67:FE:03:01:71:32:DF:8C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010848
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3B3B5C89C0311EFBE3C1B68762E951A.roa
Signing time: Wed 06 Nov 2024 05:56:12 +0000
ROA not before: Wed 06 Nov 2024 05:56:09 +0000
ROA not after: Sat 08 Nov 2025 05:56:09 +0000
asID: 137263
IP address blocks: 154.203.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67656 (0x10848)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 6 05:56:09 2024 GMT
Not After : Nov 8 05:56:09 2025 GMT
Subject: CN=672b04fc-8759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:75:c6:a8:68:92:d3:84:3c:f1:c3:8c:88:df:
a8:52:2b:c5:4b:30:62:a0:ef:fa:f5:2c:b9:da:fe:
da:e3:4f:82:c8:08:79:40:eb:ff:4e:4e:c3:98:86:
c7:0a:30:90:f4:96:ee:b9:40:c8:e4:df:5c:37:cb:
0d:cb:62:94:b9:55:6f:0b:2a:94:aa:7c:44:64:c1:
8c:40:ae:f7:62:4e:17:b5:7c:65:9c:3b:2f:0d:c3:
7b:54:fb:20:1c:5c:79:7d:13:40:e8:c2:a9:ec:dd:
19:88:1c:64:9e:a7:fe:00:be:4e:fa:cd:b9:5d:25:
57:a4:c2:9d:28:27:0c:11:86:73:6a:75:24:49:67:
07:e1:bf:ed:4f:6b:ac:61:10:59:95:eb:a3:44:02:
cd:8a:b9:d7:97:05:d7:21:f3:ba:1c:d7:63:d4:32:
cd:fb:c6:9b:d1:6a:4e:b1:b7:1e:20:bd:5f:a8:8a:
2e:32:fb:1c:7d:c9:61:bb:09:74:90:48:e5:13:f0:
15:db:0e:06:59:25:bf:d9:ab:5d:d2:fd:8a:4c:3f:
47:a5:f4:9d:45:46:13:5d:e2:c7:d6:b5:ec:f3:c8:
f3:fb:b8:77:c0:2f:3a:db:21:b2:7f:07:78:d6:3e:
d2:62:de:21:e5:fb:68:15:b7:c5:14:af:d2:69:b2:
4c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:2F:B3:A4:83:28:0F:1B:39:F3:06:2E:67:FE:03:01:71:32:DF:8C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3B3B5C89C0311EFBE3C1B68762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.247.0/24
Signature Algorithm: sha256WithRSAEncryption
95:64:5b:bc:89:51:d8:49:8b:4d:23:8b:c4:ed:4b:f2:14:ca:
42:71:0a:e4:1a:8f:6e:f2:dd:7d:ba:03:c6:cc:a3:25:d1:c7:
99:81:79:8d:c8:8c:58:5b:74:49:77:c5:81:13:f6:53:ed:22:
ec:47:02:e5:b0:51:25:cb:50:4e:da:4c:f2:de:16:d7:60:43:
3b:b2:12:43:53:c1:38:c2:39:a5:2c:a4:97:d2:af:8f:3d:5f:
87:de:ea:1b:e4:7b:a3:19:9b:f7:4e:13:5a:1f:27:b6:7b:f8:
03:cb:5e:b8:7a:a3:37:88:42:8b:ad:50:76:9a:f1:ee:a5:54:
b5:1d:96:e6:39:47:96:d0:3e:a7:8d:45:6a:54:5a:da:e3:dd:
c9:6d:5e:d2:d6:bc:d5:cb:ec:bb:6b:f7:29:30:53:66:22:5e:
6c:23:d2:55:30:d1:b9:8e:bc:2c:52:1b:7a:22:26:9c:73:2a:
3f:7d:bb:00:4d:57:00:ff:13:89:b5:99:f3:47:76:d5:7d:af:
fc:44:a7:e2:0a:20:8c:1a:24:7d:d6:f2:0c:2a:2d:15:86:47:
7a:1f:05:10:4a:61:1a:8f:f2:86:75:c7:53:d5:72:80:2f:0e:
fb:36:19:fd:81:35:83:ab:a5:ae:87:bf:cc:71:15:8d:46:2e:
5d:e7:56:cf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQhIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA2MDU1NjA5WhcNMjUxMTA4MDU1NjA5WjAYMRYw
FAYDVQQDEw02NzJiMDRmYy04NzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0XXGqGiS04Q88cOMiN+oUivFSzBioO/69Sy52v7a40+CyAh5QOv/Tk7D
mIbHCjCQ9JbuuUDI5N9cN8sNy2KUuVVvCyqUqnxEZMGMQK73Yk4XtXxlnDsvDcN7
VPsgHFx5fRNA6MKp7N0ZiBxknqf+AL5O+s25XSVXpMKdKCcMEYZzanUkSWcH4b/t
T2usYRBZleujRALNirnXlwXXIfO6HNdj1DLN+8ab0WpOsbceIL1fqIouMvscfclh
uwl0kEjlE/AV2w4GWSW/2atd0v2KTD9HpfSdRUYTXeLH1rXs88jz+7h3wC862yGy
fwd41j7SYt4h5ftoFbfFFK/SabJMZwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBUv
s6SDKA8bOfMGLmf+AwFxMt+MMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EM0IzQjVDODlDMDMxMUVGQkUzQzFCNjg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsv3MA0GCSqGSIb3DQEB
CwUAA4IBAQCVZFu8iVHYSYtNI4vE7UvyFMpCcQrkGo9u8t19ugPGzKMl0ceZgXmN
yIxYW3RJd8WBE/ZT7SLsRwLlsFEly1BO2kzy3hbXYEM7shJDU8E4wjmlLKSX0q+P
PV+H3uob5HujGZv3ThNaHye2e/gDy164eqM3iEKLrVB2mvHupVS1HZbmOUeW0D6n
jUVqVFra493JbV7S1rzVy+y7a/cpMFNmIl5sI9JVMNG5jrwsUht6Iiaccyo/fbsA
TVcA/xOJtZnzR3bVfa/8RKfiCiCMGiR91vIMKi0Vhkd6HwUQSmEaj/KGdcdT1XKA
Lw77Nhn9gTWDq6Wuh7/McRWNRi5d51bP
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:26 2024 by rpki-client on console-fra.rpki-client.org