Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB8AB692A71C11EFA1A13261762E951A.roa
File: DB8AB692A71C11EFA1A13261762E951A.roa (raw, json)
Hash identifier: 7ZuhRoxAKeSzZd4NXI8/arOJgAyzsxqW5ZLSv5lRHrU=
Subject key identifier: 0F:A5:EF:BA:1B:FF:69:41:AE:DC:1F:87:81:B2:D2:B3:EC:F0:11:9E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010F3F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB8AB692A71C11EFA1A13261762E951A.roa
Signing time: Wed 20 Nov 2024 08:53:06 +0000
ROA not before: Wed 20 Nov 2024 08:53:02 +0000
ROA not after: Thu 05 Dec 2024 08:53:02 +0000
asID: 212238
IP address blocks: 154.94.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69439 (0x10f3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 20 08:53:02 2024 GMT
Not After : Dec 5 08:53:02 2024 GMT
Subject: CN=673da371-b3df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0c:22:2d:3a:f6:7e:43:65:1f:55:fb:36:15:
c9:e2:ba:8a:d9:3a:82:17:87:92:75:77:44:ab:7e:
8b:c7:01:aa:9f:df:b2:96:0d:d8:d8:4c:20:23:02:
32:fd:11:ba:9a:ef:ca:16:41:d0:91:ad:97:3f:dc:
d5:95:a7:42:da:2f:f1:55:7b:84:4e:b4:1e:dc:93:
b4:67:46:3b:d0:d8:5b:fa:a3:49:59:9c:f2:2e:cb:
f9:24:fb:d2:01:e8:41:a0:83:36:63:44:1b:22:2d:
40:15:1d:98:55:a2:f9:01:1c:c3:98:2e:d4:23:8b:
77:8a:03:00:63:8e:7a:9f:8d:54:55:bb:c5:dd:c2:
16:3f:5f:ce:3d:f7:24:8b:dd:32:97:6b:bb:ce:fd:
d2:b2:ca:a7:32:36:9d:58:0f:78:95:6c:bd:3c:d1:
22:54:96:9b:94:80:6d:b6:61:af:b0:3d:f5:69:b1:
b7:5d:c7:04:47:74:22:99:64:6e:e1:9b:ef:85:ab:
e5:09:da:b6:44:67:2a:17:6a:d7:2f:3a:51:b5:1d:
b7:01:f6:c6:c6:0d:da:25:00:0e:66:fa:99:ca:98:
39:28:74:61:a5:a5:28:c5:b8:d5:82:28:56:10:8f:
eb:9b:cb:92:cf:f6:6e:da:e0:26:b6:b4:d7:c3:a5:
a1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A5:EF:BA:1B:FF:69:41:AE:DC:1F:87:81:B2:D2:B3:EC:F0:11:9E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DB8AB692A71C11EFA1A13261762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.39.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:9c:5b:cb:65:f7:82:f2:ba:a0:e7:c2:6f:7e:dc:32:0c:e6:
6b:04:06:63:df:3a:7f:ec:b1:db:69:c2:b4:f8:73:91:8e:f7:
c0:8e:34:e1:97:be:6a:e5:26:f9:5e:ae:b6:56:56:00:f3:04:
13:c3:fe:8f:f7:19:2c:0e:15:69:57:19:f1:9e:d2:8f:f4:09:
b4:0f:f0:40:1e:18:aa:eb:c8:a6:db:d4:9f:4a:7d:bb:61:da:
2a:67:79:36:24:cf:70:48:94:c0:fd:30:f1:a0:dc:e9:c6:ec:
22:93:70:fe:97:06:f3:0b:48:3d:bf:5c:10:d4:6e:c7:85:e1:
bf:64:66:fa:d0:36:b4:c1:8a:74:70:48:7a:b3:79:90:73:e2:
90:38:61:70:56:08:64:c0:10:67:6a:e0:29:ac:8b:d7:a4:f4:
db:cc:b3:45:cc:45:10:dc:41:3e:55:b2:12:06:04:7e:1e:03:
0d:ee:db:0a:ca:1a:6a:db:28:3c:15:33:a5:df:d9:ec:a3:ca:
52:10:2a:f3:2f:27:7a:e4:c0:78:3e:6d:e3:ad:b2:77:ac:fc:
ab:72:80:b3:86:9f:c0:6c:55:b3:3d:dd:fb:a7:91:3c:21:aa:
dd:41:02:75:3f:88:0e:4f:7f:e1:90:eb:25:ec:79:4e:ca:cb:
ae:4e:ad:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ8/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIwMDg1MzAyWhcNMjQxMjA1MDg1MzAyWjAYMRYw
FAYDVQQDEw02NzNkYTM3MS1iM2RmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuAwiLTr2fkNlH1X7NhXJ4rqK2TqCF4eSdXdEq36LxwGqn9+ylg3Y2Ewg
IwIy/RG6mu/KFkHQka2XP9zVladC2i/xVXuETrQe3JO0Z0Y70Nhb+qNJWZzyLsv5
JPvSAehBoIM2Y0QbIi1AFR2YVaL5ARzDmC7UI4t3igMAY456n41UVbvF3cIWP1/O
Pfcki90yl2u7zv3SssqnMjadWA94lWy9PNEiVJablIBttmGvsD31abG3XccER3Qi
mWRu4ZvvhavlCdq2RGcqF2rXLzpRtR23AfbGxg3aJQAOZvqZypg5KHRhpaUoxbjV
gihWEI/rm8uSz/Zu2uAmtrTXw6WhlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA+l
77ob/2lBrtwfh4Gy0rPs8BGeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQjhBQjY5MkE3MUMxMUVGQTFBMTMyNjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4nMA0GCSqGSIb3DQEB
CwUAA4IBAQDInFvLZfeC8rqg58JvftwyDOZrBAZj3zp/7LHbacK0+HORjvfAjjTh
l75q5Sb5Xq62VlYA8wQTw/6P9xksDhVpVxnxntKP9Am0D/BAHhiq68im29SfSn27
YdoqZ3k2JM9wSJTA/TDxoNzpxuwik3D+lwbzC0g9v1wQ1G7HheG/ZGb60Da0wYp0
cEh6s3mQc+KQOGFwVghkwBBnauAprIvXpPTbzLNFzEUQ3EE+VbISBgR+HgMN7tsK
yhpq2yg8FTOl39nso8pSECrzLyd65MB4Pm3jrbJ3rPyrcoCzhp/AbFWzPd37p5E8
IardQQJ1P4gOT3/hkOsl7HlOysuuTq3x
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:27 2024 by rpki-client on console-fra.rpki-client.org