Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D95253286AA211EFBB6CD878762E951A.roa
File: D95253286AA211EFBB6CD878762E951A.roa (raw, json)
Hash identifier: WpgRivLDDOdrGZFyz2UUKrqYnY8L9zKUYwNfaPe55dw=
Subject key identifier: BF:F5:49:A6:57:BF:E4:52:C9:AE:8D:CF:96:B1:03:5C:B0:4A:3E:BB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: EA3F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D95253286AA211EFBB6CD878762E951A.roa
Signing time: Wed 04 Sep 2024 09:48:34 +0000
ROA not before: Wed 04 Sep 2024 09:48:30 +0000
ROA not after: Thu 24 Apr 2025 09:48:30 +0000
asID: 63888
IP address blocks: 154.207.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59967 (0xea3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 4 09:48:30 2024 GMT
Not After : Apr 24 09:48:30 2025 GMT
Subject: CN=66d82cf2-88a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fa:59:13:5f:f0:a1:0a:cd:ba:b0:89:65:39:
68:fb:87:51:ce:ae:da:d6:f4:ea:d7:62:73:2d:7a:
b4:c0:44:92:f9:b1:65:b5:47:4f:4a:c5:49:30:81:
10:b4:6b:c5:c2:7e:28:8e:bd:f3:df:6b:0e:c6:e6:
8f:13:f9:d8:fa:67:08:be:17:5f:af:ec:4a:b8:02:
de:e1:6f:d1:98:a6:57:8a:b9:46:ea:ea:b7:77:33:
7d:df:63:9e:5e:4a:2f:19:ff:27:26:9d:7a:cc:cd:
03:d5:86:87:45:4e:e2:53:69:1d:1f:23:c0:e0:98:
bb:3d:29:65:61:0e:36:84:5c:d0:9a:f3:12:9d:ce:
f3:3b:d7:7e:53:8f:4e:a2:3b:08:32:af:5e:5f:70:
02:5d:c3:43:18:c6:bc:f7:d0:20:08:79:85:95:7f:
1a:c5:02:b2:12:5e:e3:df:8a:89:aa:82:0c:a5:70:
52:b1:9a:a7:36:af:79:12:c9:59:1f:e1:d6:6c:d2:
b2:15:03:5a:b5:d1:47:4b:f1:dc:d5:42:9f:74:a9:
2c:a0:2f:b6:2b:6b:ab:7d:04:29:6d:6f:86:ba:67:
8b:cd:b0:35:10:1a:cd:f0:8f:7a:4e:c6:69:59:95:
d8:f7:93:6f:8e:48:3a:d5:ec:22:23:6f:19:e9:2c:
2d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F5:49:A6:57:BF:E4:52:C9:AE:8D:CF:96:B1:03:5C:B0:4A:3E:BB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D95253286AA211EFBB6CD878762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.252.0/23
Signature Algorithm: sha256WithRSAEncryption
01:39:34:61:8c:79:2e:60:e6:ca:7e:bc:02:d6:75:e7:59:5f:
80:9d:c9:69:23:a1:7a:b2:39:d2:33:28:e0:a8:bd:84:95:5f:
08:93:bb:5c:f8:b7:37:62:cc:71:b2:4f:4b:3c:ad:c1:1c:a6:
cc:66:a4:d8:03:78:46:7a:e3:f6:6d:63:e1:5a:f9:f6:0a:bb:
fd:ee:e3:04:a7:30:3f:57:3e:42:e0:a9:b6:9b:08:07:48:3a:
a4:ce:09:58:4a:31:b1:da:f1:14:aa:31:b9:38:9a:ff:83:8e:
ff:fc:5d:23:e4:8e:9e:e6:8b:38:a1:e9:b8:85:9b:76:b7:c9:
3e:8e:06:ed:6f:e7:ad:0a:61:d7:f5:98:2b:f5:a2:b4:39:c1:
e2:9d:ba:a7:0f:6a:34:35:c5:65:e8:6f:0c:8f:f1:7b:b5:90:
95:32:e4:b1:ca:a5:a1:ed:7a:68:02:14:f0:fb:be:03:a3:64:
68:58:af:5d:f6:58:e9:36:18:80:4b:17:76:c7:0b:6b:7c:8d:
96:d3:8d:20:62:9d:39:4e:c9:41:3d:d6:31:20:c6:f9:4b:dd:
32:2d:a2:74:92:9a:e1:bc:58:ff:50:b3:ae:b4:7c:1e:6f:3e:
f6:8c:97:fd:a9:40:a2:cc:38:ab:85:51:7a:81:40:47:4b:9d:
53:ba:9a:fb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAOo/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTA0MDk0ODMwWhcNMjUwNDI0MDk0ODMwWjAYMRYw
FAYDVQQDEw02NmQ4MmNmMi04OGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs/pZE1/woQrNurCJZTlo+4dRzq7a1vTq12JzLXq0wESS+bFltUdPSsVJ
MIEQtGvFwn4ojr3z32sOxuaPE/nY+mcIvhdfr+xKuALe4W/RmKZXirlG6uq3dzN9
32OeXkovGf8nJp16zM0D1YaHRU7iU2kdHyPA4Ji7PSllYQ42hFzQmvMSnc7zO9d+
U49OojsIMq9eX3ACXcNDGMa899AgCHmFlX8axQKyEl7j34qJqoIMpXBSsZqnNq95
EslZH+HWbNKyFQNatdFHS/Hc1UKfdKksoC+2K2urfQQpbW+GumeLzbA1EBrN8I96
TsZpWZXY95Nvjkg61ewiI28Z6SwtawIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL/1
SaZXv+RSya6Nz5axA1ywSj67MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOTUyNTMyODZBQTIxMUVGQkI2Q0Q4Nzg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms/8MA0GCSqGSIb3DQEB
CwUAA4IBAQABOTRhjHkuYObKfrwC1nXnWV+AnclpI6F6sjnSMyjgqL2ElV8Ik7tc
+Lc3Ysxxsk9LPK3BHKbMZqTYA3hGeuP2bWPhWvn2Crv97uMEpzA/Vz5C4Km2mwgH
SDqkzglYSjGx2vEUqjG5OJr/g47//F0j5I6e5os4oem4hZt2t8k+jgbtb+etCmHX
9Zgr9aK0OcHinbqnD2o0NcVl6G8Mj/F7tZCVMuSxyqWh7XpoAhTw+74Do2RoWK9d
9ljpNhiASxd2xwtrfI2W040gYp05TslBPdYxIMb5S90yLaJ0kprhvFj/ULOutHwe
bz72jJf9qUCizDirhVF6gUBHS51Tupr7
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:30 2024 by rpki-client on console-ams.rpki-client.org