Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3C14830A0D811EF9DD3C74C762E951A.roa
File: D3C14830A0D811EF9DD3C74C762E951A.roa (raw, json)
Hash identifier: w1EuXs8I17AnKinXggaNX75W8jBVyr3DatJOpkWWyuA=
Subject key identifier: D6:3D:38:54:5D:B4:E9:0D:D3:27:71:09:2F:5C:C6:62:36:B9:7F:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010C16
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3C14830A0D811EF9DD3C74C762E951A.roa
Signing time: Tue 12 Nov 2024 09:31:00 +0000
ROA not before: Tue 12 Nov 2024 09:30:56 +0000
ROA not after: Sat 07 Dec 2024 09:30:56 +0000
asID: 138915
IP address blocks: 154.223.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68630 (0x10c16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 12 09:30:56 2024 GMT
Not After : Dec 7 09:30:56 2024 GMT
Subject: CN=67332054-5bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a4:fc:5c:41:61:52:6e:69:ab:68:c0:63:38:
fe:a0:52:e6:64:e3:22:0f:39:04:fc:cd:2f:0d:a2:
02:d7:b9:cc:39:9a:01:b9:06:b9:de:f6:f6:a6:a7:
d5:80:63:fa:80:9c:74:b2:01:96:11:43:fd:07:77:
4f:fe:b0:06:2e:01:60:d0:a0:55:c4:6d:ee:d7:28:
97:f5:fc:f4:28:87:cb:e8:b8:e5:3b:e5:4d:f5:0e:
d2:ef:ca:62:d7:2a:1d:48:77:18:ce:35:29:ba:5b:
11:f3:d5:51:f4:fe:bf:0c:b6:02:a5:ea:e6:05:fc:
b4:99:a7:ab:52:68:2e:bf:31:83:94:25:cf:6e:18:
a5:da:1a:7d:8c:21:a0:ba:ae:bf:f0:78:ef:aa:09:
bf:ba:d4:c3:33:6f:f0:12:84:3e:87:24:63:2d:db:
00:ba:95:a2:85:66:ce:3d:4c:94:ef:14:84:e3:d7:
6f:b8:6b:9c:40:f3:ed:8f:e8:f8:b4:b5:9c:58:3f:
36:c9:58:45:59:01:a1:d2:d9:58:16:df:27:aa:03:
44:fd:d5:96:78:83:10:c4:18:a1:38:68:08:c4:cf:
12:8c:d3:08:6d:82:55:45:28:48:e9:9e:5a:f4:0d:
1f:7d:33:54:54:50:25:57:1b:26:49:e1:63:a1:ed:
75:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:3D:38:54:5D:B4:E9:0D:D3:27:71:09:2F:5C:C6:62:36:B9:7F:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D3C14830A0D811EF9DD3C74C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.44.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:a1:94:f0:eb:09:33:de:65:19:e3:05:63:d8:33:71:48:6f:
b8:37:d3:c1:cf:69:48:2b:8d:a2:c4:31:44:a4:4a:90:47:38:
5d:ba:eb:04:c8:71:2a:1b:09:b6:e0:fb:7b:18:70:4c:dd:db:
16:d0:2a:de:fc:27:07:4e:5e:f6:ed:75:0b:59:3a:af:a6:82:
77:83:45:6f:82:16:fc:81:7a:9a:96:64:73:44:ca:f9:07:54:
f7:2a:0b:7f:16:11:f0:65:b7:9e:dd:2a:e5:67:ba:9c:f8:2b:
e3:94:fc:96:4f:6c:ec:28:5c:13:ed:5d:0e:e5:4a:a5:f4:69:
7d:e9:1e:5a:9b:34:bc:bb:4c:87:28:1e:ba:2f:9f:38:29:21:
74:4e:c3:b7:08:21:9a:56:3f:c4:51:f4:31:c1:f4:c8:07:5e:
98:72:4a:b2:cf:7c:9c:04:d1:6a:62:3a:af:f7:76:ae:95:9b:
e0:ee:7c:cf:12:06:cb:d9:84:9f:79:5e:7b:60:81:8b:e7:67:
5c:63:5c:f7:81:db:2a:11:80:58:4e:d0:1c:dc:d6:2a:39:e9:
e7:23:8a:8b:f6:0a:48:b9:c4:6a:71:8f:57:41:d0:03:2d:c6:
f9:20:cd:2b:6e:cf:f7:48:ed:c4:cc:34:c3:b2:fd:bf:20:3d:
48:8c:12:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQwWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTEyMDkzMDU2WhcNMjQxMjA3MDkzMDU2WjAYMRYw
FAYDVQQDEw02NzMzMjA1NC01YmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsqT8XEFhUm5pq2jAYzj+oFLmZOMiDzkE/M0vDaIC17nMOZoBuQa53vb2
pqfVgGP6gJx0sgGWEUP9B3dP/rAGLgFg0KBVxG3u1yiX9fz0KIfL6LjlO+VN9Q7S
78pi1yodSHcYzjUpulsR89VR9P6/DLYCpermBfy0maerUmguvzGDlCXPbhil2hp9
jCGguq6/8Hjvqgm/utTDM2/wEoQ+hyRjLdsAupWihWbOPUyU7xSE49dvuGucQPPt
j+j4tLWcWD82yVhFWQGh0tlYFt8nqgNE/dWWeIMQxBihOGgIxM8SjNMIbYJVRShI
6Z5a9A0ffTNUVFAlVxsmSeFjoe11NwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNY9
OFRdtOkN0ydxCS9cxmI2uX8eMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EM0MxNDgzMEEwRDgxMUVGOUREM0M3NEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt8sMA0GCSqGSIb3DQEB
CwUAA4IBAQCsoZTw6wkz3mUZ4wVj2DNxSG+4N9PBz2lIK42ixDFEpEqQRzhduusE
yHEqGwm24Pt7GHBM3dsW0Cre/CcHTl727XULWTqvpoJ3g0Vvghb8gXqalmRzRMr5
B1T3Kgt/FhHwZbee3SrlZ7qc+CvjlPyWT2zsKFwT7V0O5Uql9Gl96R5amzS8u0yH
KB66L584KSF0TsO3CCGaVj/EUfQxwfTIB16Yckqyz3ycBNFqYjqv93aulZvg7nzP
EgbL2YSfeV57YIGL52dcY1z3gdsqEYBYTtAc3NYqOennI4qL9gpIucRqcY9XQdAD
Lcb5IM0rbs/3SO3EzDTDsv2/ID1IjBJu
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:39 2024 by rpki-client on console-ams.rpki-client.org