Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8BD27C2A8EF11EF9D67CF5A762E951A.roa
File: D8BD27C2A8EF11EF9D67CF5A762E951A.roa (raw, json)
Hash identifier: SSF1fTyv9XuZH2rcQuap+uInePbU+31T7smmRMDm3kY=
Subject key identifier: 3B:8E:0E:07:64:07:44:49:AE:E5:F4:CE:D6:1B:85:8F:A3:58:58:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011145
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8BD27C2A8EF11EF9D67CF5A762E951A.roa
Signing time: Fri 22 Nov 2024 16:35:56 +0000
ROA not before: Fri 22 Nov 2024 16:35:52 +0000
ROA not after: Tue 03 Dec 2024 16:35:52 +0000
asID: 62240
IP address blocks: 154.195.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69957 (0x11145)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 22 16:35:52 2024 GMT
Not After : Dec 3 16:35:52 2024 GMT
Subject: CN=6740b2ec-6e12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:28:fb:ca:5a:75:fd:49:40:98:b0:47:07:28:
0c:22:e0:04:f3:59:a1:d0:b1:78:70:8e:98:aa:83:
ef:02:a6:f0:f2:95:39:1d:64:f4:c2:29:85:ad:b1:
54:4d:1d:cb:f3:17:16:ee:d8:f0:26:a8:99:ad:53:
28:bf:f7:0f:5b:03:65:3c:96:fd:64:f4:e7:dd:f5:
8d:3c:66:24:1c:9a:a6:ae:3b:f2:a2:27:6b:e6:d3:
26:df:86:3a:a4:01:79:10:53:82:83:1c:86:7e:19:
8b:d4:80:48:bd:45:b5:62:9b:72:8c:e6:2c:82:a6:
87:00:2b:a4:f0:f0:96:bc:29:db:7d:ea:57:1c:69:
65:a5:80:6c:60:c7:68:89:0a:51:a7:56:9d:a5:24:
c3:d5:1b:7d:14:aa:02:a5:31:d9:7a:b3:8c:95:04:
20:1b:44:57:ed:5a:91:d8:21:72:f7:57:d0:78:fb:
71:8e:a2:c6:3f:13:d8:1c:90:90:71:bd:4a:17:b3:
41:8a:0a:b5:0a:14:e4:bf:73:ca:85:db:b5:9f:a5:
55:4a:5d:c5:54:3a:bd:84:d7:4c:e2:3f:0a:60:c0:
16:03:d3:72:6f:8c:47:39:01:12:1d:e6:69:2e:88:
27:ae:bd:f1:57:76:d6:65:98:65:47:e9:9c:bb:3c:
a5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:8E:0E:07:64:07:44:49:AE:E5:F4:CE:D6:1B:85:8F:A3:58:58:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D8BD27C2A8EF11EF9D67CF5A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.157.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:49:6f:5e:e3:05:1a:be:f3:98:b5:e6:ef:41:c0:b5:79:c2:
b3:ba:1f:36:2c:59:c8:5a:5d:33:47:2d:d6:39:aa:ba:8e:07:
f6:18:6f:b7:33:b3:fe:39:af:4c:1c:a7:a7:fb:8f:55:8c:35:
7d:6a:8e:5d:7e:b0:dc:52:77:ec:d8:f3:b0:43:55:04:2c:4c:
b3:04:3a:01:6c:06:cd:f2:48:c1:40:db:4a:e9:2d:ca:c1:d7:
e5:d7:33:62:00:8e:63:5a:8c:d8:6f:ca:18:93:6c:84:f3:15:
e9:c9:8b:07:65:ea:dd:30:4a:61:83:81:91:14:4c:ff:7a:cf:
a1:a7:c4:fb:97:45:01:5d:2f:9c:90:56:c7:2c:89:0c:b2:a2:
dd:9d:1c:6f:bf:a8:91:93:05:96:57:2c:fb:18:8c:e2:84:3c:
22:94:e0:6b:5a:be:f7:b2:dd:47:db:83:55:36:c9:a7:30:6b:
d5:da:0f:f9:9f:28:e3:fe:95:d1:6d:79:7b:38:82:c6:a9:1f:
68:21:b9:d6:44:1b:76:4c:2d:d3:fc:6c:7f:1f:cc:0f:cb:2f:
d2:66:97:89:0e:e5:05:3f:31:09:75:e1:41:68:4d:0d:2e:0c:
ec:0b:e6:c2:a5:50:86:b2:75:74:2c:e3:be:29:ea:26:a0:fa:
70:46:51:67
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARFFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIyMTYzNTUyWhcNMjQxMjAzMTYzNTUyWjAYMRYw
FAYDVQQDEw02NzQwYjJlYy02ZTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqij7ylp1/UlAmLBHBygMIuAE81mh0LF4cI6YqoPvAqbw8pU5HWT0wimF
rbFUTR3L8xcW7tjwJqiZrVMov/cPWwNlPJb9ZPTn3fWNPGYkHJqmrjvyoidr5tMm
34Y6pAF5EFOCgxyGfhmL1IBIvUW1YptyjOYsgqaHACuk8PCWvCnbfepXHGllpYBs
YMdoiQpRp1adpSTD1Rt9FKoCpTHZerOMlQQgG0RX7VqR2CFy91fQePtxjqLGPxPY
HJCQcb1KF7NBigq1ChTkv3PKhdu1n6VVSl3FVDq9hNdM4j8KYMAWA9Nyb4xHOQES
HeZpLognrr3xV3bWZZhlR+mcuzylQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDuO
DgdkB0RJruX0ztYbhY+jWFgvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOEJEMjdDMkE4RUYxMUVGOUQ2N0NGNUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOdMA0GCSqGSIb3DQEB
CwUAA4IBAQAaSW9e4wUavvOYtebvQcC1ecKzuh82LFnIWl0zRy3WOaq6jgf2GG+3
M7P+Oa9MHKen+49VjDV9ao5dfrDcUnfs2POwQ1UELEyzBDoBbAbN8kjBQNtK6S3K
wdfl1zNiAI5jWozYb8oYk2yE8xXpyYsHZerdMEphg4GRFEz/es+hp8T7l0UBXS+c
kFbHLIkMsqLdnRxvv6iRkwWWVyz7GIzihDwilOBrWr73st1H24NVNsmnMGvV2g/5
nyjj/pXRbXl7OILGqR9oIbnWRBt2TC3T/Gx/H8wPyy/SZpeJDuUFPzEJdeFBaE0N
LgzsC+bCpVCGsnV0LOO+KeomoPpwRlFn
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:40 2024 by rpki-client on console-ams.rpki-client.org