Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB206DD69B8311EF8F53A6B8762E951A.roa
File: DB206DD69B8311EF8F53A6B8762E951A.roa (raw, json)
Hash identifier: Tk8Bsp+2NpWFB5WKbjOuZPdnNGTcIwtaprjKujpM8cI=
Subject key identifier: 5B:A4:02:4D:7B:9F:10:90:01:3B:00:87:4B:EE:17:B1:AF:4A:A5:57
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010805
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB206DD69B8311EF8F53A6B8762E951A.roa
Signing time: Tue 05 Nov 2024 14:40:09 +0000
ROA not before: Tue 05 Nov 2024 14:40:05 +0000
ROA not after: Mon 20 Jan 2025 14:40:05 +0000
asID: 135097
IP address blocks: 154.212.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67589 (0x10805)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 5 14:40:05 2024 GMT
Not After : Jan 20 14:40:05 2025 GMT
Subject: CN=672a2e49-31d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:09:c9:1b:58:c4:30:43:73:ee:2e:05:54:f2:
05:c8:04:23:da:26:89:ba:02:40:2e:c1:86:73:60:
24:9f:3a:f4:74:15:c6:72:a8:c6:b3:5b:c3:ab:17:
56:cd:e7:ea:9b:e8:f4:2e:af:07:89:9f:2b:bc:4d:
d3:15:0e:cb:61:05:9c:b7:0a:7b:56:46:d9:c6:f2:
d5:4a:ad:b1:5c:42:ac:f7:d7:49:4f:0f:14:65:d9:
85:22:1b:21:c2:b0:7c:c1:c8:01:d6:63:39:79:eb:
18:f5:28:23:41:68:4e:4d:90:88:f1:05:8f:d1:9a:
04:69:c2:d1:f6:1b:0b:2c:0c:04:e2:89:45:d7:7d:
d9:a0:0a:a2:3c:09:04:58:c6:38:5a:97:fa:dc:e7:
62:66:be:76:19:d6:57:08:62:87:10:96:03:a8:f8:
3b:32:84:75:5d:41:4c:d5:87:2c:de:1a:45:7c:30:
ea:e8:95:1f:a2:4c:02:05:4e:f1:43:49:08:a0:1a:
6a:c0:ab:89:3b:67:29:2f:15:f5:ea:dc:87:6c:03:
50:ea:4b:b5:ac:f0:2a:8d:db:8a:30:3d:3d:4f:ee:
26:01:6b:86:49:29:0e:e7:13:88:ba:9a:b1:fe:f5:
fc:80:c0:95:3e:28:54:41:6a:98:c4:87:08:f9:20:
ec:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:A4:02:4D:7B:9F:10:90:01:3B:00:87:4B:EE:17:B1:AF:4A:A5:57
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB206DD69B8311EF8F53A6B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.168.0/21
Signature Algorithm: sha256WithRSAEncryption
75:70:6a:b9:84:99:0b:d8:5d:22:28:14:02:23:51:ab:b3:8f:
29:77:a8:1a:03:98:5b:bf:a2:eb:7f:25:87:78:8e:eb:e3:d3:
61:64:0c:97:8a:c9:d4:fe:61:63:2e:7b:64:83:16:86:52:72:
0b:d0:0c:7d:e3:8b:ff:a7:6b:71:c0:9b:13:1a:d3:8e:2d:c3:
04:f9:42:35:35:5c:69:a3:28:eb:62:08:ef:51:90:79:ac:5d:
01:c4:0a:dc:94:6a:37:5b:f5:e1:32:b6:aa:80:f8:c5:4d:8d:
79:8c:76:dd:7f:ea:66:32:45:8a:4d:8a:e6:04:0a:c1:05:de:
b8:31:c0:87:ca:ea:4e:3c:75:75:97:2a:53:de:41:27:4f:00:
66:59:68:ca:aa:60:22:2e:64:5a:09:ff:0c:c6:53:cc:96:29:
79:4b:d5:56:2c:39:51:af:37:ff:05:68:e7:d8:6a:c0:68:35:
08:b9:37:4b:97:8d:aa:5a:d2:db:33:d9:de:96:68:85:b8:65:
42:2d:0b:1a:3e:f5:2f:81:00:56:d6:f3:13:08:fe:7f:0c:a1:
22:32:94:4a:5f:4f:55:e9:76:4e:af:1a:1d:a7:09:22:15:e5:
25:06:d9:2d:e9:cd:dd:44:3f:b1:73:d3:7d:f9:2c:70:e5:3e:
3a:6e:29:53
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQgFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTQ0MDA1WhcNMjUwMTIwMTQ0MDA1WjAYMRYw
FAYDVQQDEw02NzJhMmU0OS0zMWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2wnJG1jEMENz7i4FVPIFyAQj2iaJugJALsGGc2Aknzr0dBXGcqjGs1vD
qxdWzefqm+j0Lq8HiZ8rvE3TFQ7LYQWctwp7VkbZxvLVSq2xXEKs99dJTw8UZdmF
IhshwrB8wcgB1mM5eesY9SgjQWhOTZCI8QWP0ZoEacLR9hsLLAwE4olF133ZoAqi
PAkEWMY4Wpf63OdiZr52GdZXCGKHEJYDqPg7MoR1XUFM1Ycs3hpFfDDq6JUfokwC
BU7xQ0kIoBpqwKuJO2cpLxX16tyHbANQ6ku1rPAqjduKMD09T+4mAWuGSSkO5xOI
upqx/vX8gMCVPihUQWqYxIcI+SDsswIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFuk
Ak17nxCQATsAh0vuF7GvSqVXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQjIwNkRENjlCODMxMUVGOEY1M0E2Qjg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtSoMA0GCSqGSIb3DQEB
CwUAA4IBAQB1cGq5hJkL2F0iKBQCI1Grs48pd6gaA5hbv6LrfyWHeI7r49NhZAyX
isnU/mFjLntkgxaGUnIL0Ax944v/p2txwJsTGtOOLcME+UI1NVxpoyjrYgjvUZB5
rF0BxArclGo3W/XhMraqgPjFTY15jHbdf+pmMkWKTYrmBArBBd64McCHyupOPHV1
lypT3kEnTwBmWWjKqmAiLmRaCf8MxlPMlil5S9VWLDlRrzf/BWjn2GrAaDUIuTdL
l42qWtLbM9nelmiFuGVCLQsaPvUvgQBW1vMTCP5/DKEiMpRKX09V6XZOrxodpwki
FeUlBtkt6c3dRD+xc9N9+Sxw5T46bilT
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:27 2024 by rpki-client on console-fra.rpki-client.org