Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E1623EDC9DA311EF83A71FA5762E951A.roa
File: E1623EDC9DA311EF83A71FA5762E951A.roa (raw, json)
Hash identifier: XDmhHOY24q1cmu1lDN6KIx2q8v5H1Bwt/QldJ6ycvS0=
Subject key identifier: BD:61:4F:8B:92:86:55:0D:26:AD:96:E0:D8:68:89:00:34:C7:6C:0C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0109C8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E1623EDC9DA311EF83A71FA5762E951A.roa
Signing time: Fri 08 Nov 2024 07:34:26 +0000
ROA not before: Fri 08 Nov 2024 07:34:22 +0000
ROA not after: Sat 30 Nov 2024 07:34:22 +0000
asID: 18229
IP address blocks: 154.210.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68040 (0x109c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 8 07:34:22 2024 GMT
Not After : Nov 30 07:34:22 2024 GMT
Subject: CN=672dbf02-a014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c6:ba:33:28:ef:a5:c9:b6:a2:3c:c6:32:d5:
bd:30:52:d4:9e:5a:51:ea:8a:91:27:7c:43:a5:09:
37:17:32:c3:54:32:58:59:a7:6b:18:ef:6b:88:d6:
0b:c7:1d:b5:db:f1:6c:3d:10:c1:d3:eb:45:53:08:
4c:f8:b9:97:8f:8d:90:23:af:72:a3:44:4e:c7:8c:
24:c6:08:a4:8d:16:bb:57:42:34:88:35:fd:9f:8d:
70:0a:7b:42:67:e5:50:2f:f4:18:2c:d8:c7:0c:e1:
d2:38:c5:8d:3c:f3:e7:73:71:bd:3e:1d:be:29:c3:
16:7c:f9:18:cb:00:ab:3c:50:ff:67:a1:82:8b:06:
f5:9a:0e:a8:77:09:5c:39:68:10:89:25:b7:82:53:
7a:44:be:24:0a:9a:82:d5:a9:6a:97:cc:3e:a7:ed:
cf:c5:ad:dc:16:e8:95:72:98:e9:30:0b:ea:4f:4e:
c8:ca:2e:4f:b5:4c:b2:e2:12:05:c2:64:9b:5a:89:
e9:95:1d:f3:0c:a1:5d:f7:33:5a:61:b9:90:af:c3:
8e:09:a0:d7:cb:44:15:7d:83:ea:db:26:e6:3d:f1:
2e:79:5c:f9:57:c4:f2:86:8f:e1:04:c5:e9:1a:da:
5b:bf:54:ff:74:18:2c:34:72:5a:08:5c:89:56:29:
91:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:61:4F:8B:92:86:55:0D:26:AD:96:E0:D8:68:89:00:34:C7:6C:0C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E1623EDC9DA311EF83A71FA5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.212.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:c3:c3:51:b0:22:95:d2:2d:8d:36:93:b0:d5:69:5d:0d:cb:
31:67:0d:11:ab:9a:59:5a:06:42:1c:a9:f1:be:d1:98:7d:71:
46:20:80:29:ea:0c:28:e2:bf:e3:ab:b5:f9:6a:a8:ae:37:25:
2f:e4:5f:de:01:d1:35:98:0c:a8:93:a9:e1:3a:e5:38:3a:b4:
76:c2:6c:51:14:60:de:65:cb:da:4a:a4:33:5f:8b:e8:86:35:
5b:0e:db:bc:66:0b:fd:ea:b2:31:65:d2:01:8d:c5:eb:cf:f7:
69:d9:dd:ae:03:ce:95:10:1e:7c:ef:00:61:27:53:39:be:58:
9c:f1:86:25:4f:2b:0d:eb:d1:fe:df:7e:47:65:71:2a:cd:c9:
18:a2:6d:f3:03:46:db:39:a3:77:7f:8b:c5:c7:96:ce:6b:08:
11:16:0a:42:83:32:41:eb:d4:5f:5c:13:b5:0b:c2:b1:a5:6d:
da:fd:2a:da:8b:36:a6:45:29:49:c7:bf:34:49:4a:75:86:ee:
51:81:53:36:0d:6c:34:19:4b:88:68:fa:53:3a:65:19:d1:4c:
88:65:64:b1:47:38:34:87:ca:dc:b7:c6:e9:6f:57:12:a8:fe:
57:ca:83:27:41:19:09:49:7a:c1:09:20:ed:9d:fd:cf:d3:72:
39:0a:e8:fd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQnIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA4MDczNDIyWhcNMjQxMTMwMDczNDIyWjAYMRYw
FAYDVQQDEw02NzJkYmYwMi1hMDE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA18a6Myjvpcm2ojzGMtW9MFLUnlpR6oqRJ3xDpQk3FzLDVDJYWadrGO9r
iNYLxx212/FsPRDB0+tFUwhM+LmXj42QI69yo0ROx4wkxgikjRa7V0I0iDX9n41w
CntCZ+VQL/QYLNjHDOHSOMWNPPPnc3G9Ph2+KcMWfPkYywCrPFD/Z6GCiwb1mg6o
dwlcOWgQiSW3glN6RL4kCpqC1alql8w+p+3Pxa3cFuiVcpjpMAvqT07Iyi5PtUyy
4hIFwmSbWonplR3zDKFd9zNaYbmQr8OOCaDXy0QVfYPq2ybmPfEueVz5V8Tyho/h
BMXpGtpbv1T/dBgsNHJaCFyJVimRQwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFL1h
T4uShlUNJq2W4NhoiQA0x2wMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMTYyM0VEQzlEQTMxMUVGODNBNzFGQTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtLUMA0GCSqGSIb3DQEB
CwUAA4IBAQCbw8NRsCKV0i2NNpOw1WldDcsxZw0Rq5pZWgZCHKnxvtGYfXFGIIAp
6gwo4r/jq7X5aqiuNyUv5F/eAdE1mAyok6nhOuU4OrR2wmxRFGDeZcvaSqQzX4vo
hjVbDtu8Zgv96rIxZdIBjcXrz/dp2d2uA86VEB587wBhJ1M5vlic8YYlTysN69H+
335HZXEqzckYom3zA0bbOaN3f4vFx5bOawgRFgpCgzJB69RfXBO1C8KxpW3a/Sra
izamRSlJx780SUp1hu5RgVM2DWw0GUuIaPpTOmUZ0UyIZWSxRzg0h8rct8bpb1cS
qP5XyoMnQRkJSXrBCSDtnf3P03I5Cuj9
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:28 2024 by rpki-client on console-fra.rpki-client.org