Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D909D2CC92E011EFA6437FBF762E951A.roa
File: D909D2CC92E011EFA6437FBF762E951A.roa (raw, json)
Hash identifier: 0FKENN0qxXmCq4LYCgOzvvquec+WVPBhy+vuRw57S14=
Subject key identifier: 97:C0:F7:20:98:97:B8:82:87:6E:14:50:42:62:49:74:9A:30:74:4B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01024E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D909D2CC92E011EFA6437FBF762E951A.roa
Signing time: Fri 25 Oct 2024 14:53:08 +0000
ROA not before: Fri 25 Oct 2024 14:53:00 +0000
ROA not after: Sun 01 Dec 2024 14:53:00 +0000
asID: 49505
IP address blocks: 154.209.208.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66126 (0x1024e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 25 14:53:00 2024 GMT
Not After : Dec 1 14:53:00 2024 GMT
Subject: CN=671bb0d4-507c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:21:e9:e6:dd:d5:c2:8f:23:b1:3d:6e:2f:6d:
fd:64:43:98:c7:5e:58:53:ba:d8:f8:9f:0e:e6:b0:
68:5a:bf:ae:45:29:27:0f:0c:d5:15:d2:bd:a2:06:
4e:96:bc:7e:0a:42:81:54:4e:94:3a:69:e5:da:9e:
0b:1b:22:04:9e:af:26:f8:5e:38:00:aa:46:e6:40:
33:e5:aa:35:d2:e8:70:2a:c5:a3:a7:14:d5:e8:66:
88:53:81:b4:ff:62:7f:e2:be:3e:88:9e:27:39:04:
e3:6c:11:66:63:49:c7:c2:3d:bc:1a:40:d3:b6:f2:
36:1d:14:a0:d2:af:2d:f7:ff:74:25:02:74:bc:e6:
f2:03:73:1c:78:4c:49:49:a8:28:84:21:5a:79:68:
77:ff:e9:a3:5d:4a:f7:da:3d:58:8d:54:40:21:a4:
33:91:af:6b:cc:27:7d:8a:4d:3d:63:13:28:bb:16:
d7:24:9e:c6:4f:7e:6b:24:13:75:a0:72:00:54:6e:
93:bd:be:a6:5a:52:33:61:69:60:0e:52:04:5d:e6:
0e:10:13:ae:d0:15:e9:bb:03:3d:11:a2:f0:e3:34:
84:21:80:e4:2a:f6:26:05:e7:b9:a3:3c:4e:47:b6:
65:98:c2:75:37:d5:f3:94:66:9d:97:dc:b3:70:a6:
3f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C0:F7:20:98:97:B8:82:87:6E:14:50:42:62:49:74:9A:30:74:4B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D909D2CC92E011EFA6437FBF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.208.0/23
Signature Algorithm: sha256WithRSAEncryption
88:a8:9b:dc:ba:ad:b2:a8:4c:1e:4c:91:e9:7a:af:65:e6:4b:
ce:f1:22:6c:c8:01:5c:cf:51:2e:2e:b0:ed:6b:e7:43:28:af:
11:63:57:5c:3a:d1:bf:e9:b0:8c:88:56:12:c2:8e:a5:95:ba:
d0:93:26:0a:f4:fe:b0:41:fb:95:3e:f8:53:d3:a6:8b:5a:0a:
b0:a6:02:ea:d5:1a:87:56:ca:8f:2b:9f:f5:8b:8a:8d:38:13:
2b:53:bf:65:12:72:dd:9f:20:92:46:bc:29:c7:84:71:b0:ea:
dd:fb:9d:13:3a:06:26:5f:20:53:04:de:22:dd:b0:e8:af:28:
1d:5b:12:f1:2d:72:75:6b:99:66:3e:03:93:b9:f7:5b:59:97:
9d:aa:7d:1d:08:43:c8:04:80:e6:45:0f:3f:68:75:bd:42:75:
52:91:93:68:37:f7:6b:66:f0:bc:3b:13:80:f9:b0:cb:61:bd:
9a:51:e6:df:59:c9:ac:8a:5b:ea:b3:45:00:cc:e1:87:1e:a5:
46:4e:bb:ff:2e:6a:dc:dc:7a:60:a6:50:88:15:0c:c0:59:d7:
3e:89:6f:b0:95:66:27:92:36:90:e0:aa:b7:8d:b0:95:73:9c:
c1:cc:54:51:ae:53:02:71:43:ed:f5:25:7d:13:c3:ff:bd:fd:
5c:a3:17:81
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQJOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDI1MTQ1MzAwWhcNMjQxMjAxMTQ1MzAwWjAYMRYw
FAYDVQQDEw02NzFiYjBkNC01MDdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxSHp5t3Vwo8jsT1uL239ZEOYx15YU7rY+J8O5rBoWr+uRSknDwzVFdK9
ogZOlrx+CkKBVE6UOmnl2p4LGyIEnq8m+F44AKpG5kAz5ao10uhwKsWjpxTV6GaI
U4G0/2J/4r4+iJ4nOQTjbBFmY0nHwj28GkDTtvI2HRSg0q8t9/90JQJ0vObyA3Mc
eExJSagohCFaeWh3/+mjXUr32j1YjVRAIaQzka9rzCd9ik09YxMouxbXJJ7GT35r
JBN1oHIAVG6Tvb6mWlIzYWlgDlIEXeYOEBOu0BXpuwM9EaLw4zSEIYDkKvYmBee5
ozxOR7ZlmMJ1N9XzlGadl9yzcKY/ZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJfA
9yCYl7iCh24UUEJiSXSaMHRLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOTA5RDJDQzkyRTAxMUVGQTY0MzdGQkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtHQMA0GCSqGSIb3DQEB
CwUAA4IBAQCIqJvcuq2yqEweTJHpeq9l5kvO8SJsyAFcz1EuLrDta+dDKK8RY1dc
OtG/6bCMiFYSwo6llbrQkyYK9P6wQfuVPvhT06aLWgqwpgLq1RqHVsqPK5/1i4qN
OBMrU79lEnLdnyCSRrwpx4RxsOrd+50TOgYmXyBTBN4i3bDorygdWxLxLXJ1a5lm
PgOTufdbWZedqn0dCEPIBIDmRQ8/aHW9QnVSkZNoN/drZvC8OxOA+bDLYb2aUebf
Wcmsilvqs0UAzOGHHqVGTrv/Lmrc3HpgplCIFQzAWdc+iW+wlWYnkjaQ4Kq3jbCV
c5zBzFRRrlMCcUPt9SV9E8P/vf1coxeB
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:33:49 2024 by rpki-client on console-fra.rpki-client.org