Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA87115C9D9711EFAF53CF5B762E951A.roa
File: DA87115C9D9711EFAF53CF5B762E951A.roa (raw, json)
Hash identifier: RpCGMSF+5vqDQ+xbsxCVh8bsm7hI3jUTVnzi4OXwpvQ=
Subject key identifier: 48:C7:59:E0:31:53:2F:1E:04:72:A4:7D:C9:B5:21:64:89:6D:09:B8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01099C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA87115C9D9711EFAF53CF5B762E951A.roa
Signing time: Fri 08 Nov 2024 06:08:21 +0000
ROA not before: Fri 08 Nov 2024 06:08:16 +0000
ROA not after: Mon 13 Jan 2025 06:08:16 +0000
asID: 5065
IP address blocks: 154.198.20.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 08:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67996 (0x1099c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 8 06:08:16 2024 GMT
Not After : Jan 13 06:08:16 2025 GMT
Subject: CN=672daad4-d7b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:2e:15:aa:bc:94:ec:de:0d:62:66:5c:8c:e5:
06:7c:a5:f0:b4:7a:9f:f8:ff:ea:b2:66:b4:2a:ed:
bf:e0:b3:d0:af:5b:39:5c:58:0c:7a:0d:4e:37:1b:
5d:c4:a2:9e:65:0d:ae:e1:0c:d0:d8:d8:41:0a:60:
3c:e7:e1:ac:4a:4d:28:61:33:46:49:51:18:81:1d:
2c:44:ed:1b:ef:51:5e:ae:be:0e:6c:71:6c:87:5e:
18:cf:d3:6d:8c:db:dc:ca:8e:28:58:a2:ed:e2:2b:
cc:52:fc:51:e7:ad:26:37:d6:b3:99:49:2d:fb:ca:
2b:1a:4c:33:26:82:b9:17:ba:63:9e:78:55:10:a0:
df:d8:b6:b4:fd:3f:80:63:cd:41:44:7e:1c:22:2d:
39:88:83:c8:0b:a3:7b:87:09:ed:09:62:26:bf:65:
99:f9:73:0e:53:a3:75:7b:3d:d0:07:fb:34:13:a0:
17:63:e3:ea:a9:9d:95:25:1b:8e:40:0a:09:46:51:
bf:93:e4:b7:a2:28:cf:82:eb:4f:05:88:76:23:cc:
27:bf:f9:d9:5b:21:32:c3:66:c0:e2:f6:da:a5:bc:
80:5f:24:bb:91:04:cc:5e:e5:64:fd:f5:be:87:6a:
b2:c0:a3:e5:9f:d6:11:2f:96:d2:1c:83:f2:16:a9:
cf:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C7:59:E0:31:53:2F:1E:04:72:A4:7D:C9:B5:21:64:89:6D:09:B8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DA87115C9D9711EFAF53CF5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.20.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:c4:bf:18:bd:6f:c4:c3:04:cf:33:cc:a1:41:14:4e:e3:be:
aa:f8:e4:29:85:b6:27:e4:c4:91:3d:57:f7:ab:b6:64:9d:9e:
aa:ee:af:f4:82:bc:ba:82:e4:b2:7d:6f:4f:b8:c8:fa:be:53:
cc:73:56:4c:7f:11:cd:51:66:c1:54:25:e1:f2:cd:24:2e:a0:
d4:9e:e7:d9:5e:2e:ea:2b:33:33:85:82:f5:85:ea:59:92:09:
bf:77:2c:ba:a2:cf:d0:62:f7:a8:e0:5c:4a:27:a8:61:ec:90:
f3:a0:3f:09:11:de:93:0f:39:ef:56:17:3f:06:7c:31:84:65:
c3:13:91:cd:44:df:08:64:08:99:7a:f5:3e:11:4b:aa:9d:e9:
74:5d:64:c1:ec:a4:ca:59:51:7d:d1:52:46:87:2d:b9:cf:77:
92:49:05:2a:8d:5b:2d:8a:9f:63:1d:f4:db:06:cf:90:56:27:
74:e6:68:73:3f:59:bd:21:6e:07:0e:e7:87:92:ec:18:9f:b0:
a5:ce:d6:9a:fd:bd:9b:52:17:2f:ad:95:39:82:05:07:b4:1a:
15:ba:73:75:92:25:bb:2f:2e:70:47:b6:cd:c6:8e:0e:51:a9:
2d:e4:2f:c5:1b:9d:26:38:9b:35:d7:bc:b5:67:19:2b:5a:c7:
24:a6:2b:ee
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQmcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA4MDYwODE2WhcNMjUwMTEzMDYwODE2WjAYMRYw
FAYDVQQDEw02NzJkYWFkNC1kN2I1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6C4VqryU7N4NYmZcjOUGfKXwtHqf+P/qsma0Ku2/4LPQr1s5XFgMeg1O
NxtdxKKeZQ2u4QzQ2NhBCmA85+GsSk0oYTNGSVEYgR0sRO0b71Ferr4ObHFsh14Y
z9NtjNvcyo4oWKLt4ivMUvxR560mN9azmUkt+8orGkwzJoK5F7pjnnhVEKDf2La0
/T+AY81BRH4cIi05iIPIC6N7hwntCWImv2WZ+XMOU6N1ez3QB/s0E6AXY+PqqZ2V
JRuOQAoJRlG/k+S3oijPgutPBYh2I8wnv/nZWyEyw2bA4vbapbyAXyS7kQTMXuVk
/fW+h2qywKPln9YRL5bSHIPyFqnPTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEjH
WeAxUy8eBHKkfcm1IWSJbQm4MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQTg3MTE1QzlEOTcxMUVGQUY1M0NGNUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsYUMA0GCSqGSIb3DQEB
CwUAA4IBAQDKxL8YvW/EwwTPM8yhQRRO476q+OQphbYn5MSRPVf3q7ZknZ6q7q/0
gry6guSyfW9PuMj6vlPMc1ZMfxHNUWbBVCXh8s0kLqDUnufZXi7qKzMzhYL1hepZ
kgm/dyy6os/QYveo4FxKJ6hh7JDzoD8JEd6TDznvVhc/BnwxhGXDE5HNRN8IZAiZ
evU+EUuqnel0XWTB7KTKWVF90VJGhy25z3eSSQUqjVstip9jHfTbBs+QVid05mhz
P1m9IW4HDueHkuwYn7Clztaa/b2bUhcvrZU5ggUHtBoVunN1kiW7Ly5wR7bNxo4O
Uakt5C/FG50mOJs117y1ZxkrWsckpivu
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:10 2024 by rpki-client on console-ams.rpki-client.org