Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3D4946A9AAD11EFAAFE5072762E951A.roa
File: E3D4946A9AAD11EFAAFE5072762E951A.roa (raw, json)
Hash identifier: 42A31XyELbHII6pky9YTdm3axt5m58y+TvEH9AonijM=
Subject key identifier: 3E:40:44:92:F0:A0:6B:97:D1:B1:43:8C:87:F2:F6:70:B3:8E:1B:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0106B6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3D4946A9AAD11EFAAFE5072762E951A.roa
Signing time: Mon 04 Nov 2024 13:08:31 +0000
ROA not before: Mon 04 Nov 2024 13:08:28 +0000
ROA not after: Tue 03 Dec 2024 13:08:28 +0000
asID: 141883
IP address blocks: 154.208.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67254 (0x106b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 4 13:08:28 2024 GMT
Not After : Dec 3 13:08:28 2024 GMT
Subject: CN=6728c74f-fb6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:37:49:a4:e2:e6:88:b9:08:af:7a:61:54:c8:
38:e3:8d:7d:31:a7:46:14:ae:58:e3:29:86:94:bc:
26:38:42:ec:46:d8:79:c3:30:08:f8:ae:88:74:94:
d0:41:7d:bf:3a:66:3a:13:a4:f8:ee:d4:3c:0b:70:
b1:c3:55:20:24:de:ad:ea:76:87:66:9f:9f:3a:0b:
e5:63:80:66:87:37:10:c0:c2:c9:f9:fa:96:b2:54:
23:03:07:6f:7a:5e:c1:39:23:bb:c2:76:44:9a:2b:
25:26:44:5a:46:90:29:0b:f4:c1:1b:ab:93:39:c2:
be:a6:98:e3:6c:c9:23:20:bf:03:de:ee:b7:66:a5:
1d:7c:96:3a:96:e8:ad:73:da:ca:ad:89:b7:cb:db:
93:c7:60:e1:58:e5:3e:97:3f:46:b6:b6:38:2d:a9:
10:7e:55:c0:1a:66:35:3c:d3:02:c8:76:9b:e7:7b:
05:b7:54:da:d4:78:30:4a:d8:0b:9e:55:f1:80:4b:
68:4a:82:e8:9b:ea:f6:77:6b:c4:52:00:2e:d6:1e:
6e:d4:81:2d:49:36:e8:87:8d:8d:16:6b:7a:f9:6f:
23:b7:26:3e:65:b2:65:a4:7d:ef:4b:75:57:77:79:
73:38:69:e0:68:ae:a3:25:1c:79:91:4f:c7:80:2e:
4a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:40:44:92:F0:A0:6B:97:D1:B1:43:8C:87:F2:F6:70:B3:8E:1B:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E3D4946A9AAD11EFAAFE5072762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.12.0/22
Signature Algorithm: sha256WithRSAEncryption
85:40:41:1c:c5:d9:28:91:e6:83:c4:1c:4d:bc:da:1d:8d:63:
85:85:ba:fb:40:5b:bc:3e:1c:3d:9f:20:32:e9:cc:df:fe:81:
ca:29:39:4e:9e:99:6f:22:65:b1:70:d5:15:54:43:cd:33:3c:
ea:d1:fc:3b:cc:5f:2f:b0:7c:80:fd:85:f1:60:94:3a:16:3f:
01:c5:a5:66:87:e8:3f:7a:43:34:1d:1b:d9:b7:4c:4f:8c:fa:
ee:2f:5c:36:39:15:8c:37:3c:9d:d7:28:1c:5d:b1:48:92:f9:
cf:66:db:67:05:05:08:fb:51:83:23:35:54:99:d9:80:35:03:
01:50:4b:e8:83:6e:53:88:2a:fe:f3:6f:e0:ee:10:f1:e9:6e:
f9:3c:65:0b:5b:df:cf:5c:0a:6e:62:03:f7:d3:4f:13:3b:54:
f0:0b:7a:f7:38:29:96:a1:57:17:01:fe:81:1f:a3:2c:f1:c9:
82:9b:a4:26:cf:46:37:a2:7b:8d:ec:68:80:7a:c0:d3:5d:8c:
4f:44:98:9d:6f:c3:a5:d2:e6:38:ff:60:ba:0b:dc:98:03:1d:
a6:ab:f0:c9:b8:55:8b:d5:bf:62:bb:46:7b:a9:2a:67:b3:4e:
3e:38:7a:b6:34:ea:bc:e6:10:43:24:74:e0:be:42:d1:fa:1a:
4b:c3:bf:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQa2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA0MTMwODI4WhcNMjQxMjAzMTMwODI4WjAYMRYw
FAYDVQQDEw02NzI4Yzc0Zi1mYjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+jdJpOLmiLkIr3phVMg44419MadGFK5Y4ymGlLwmOELsRth5wzAI+K6I
dJTQQX2/OmY6E6T47tQ8C3Cxw1UgJN6t6naHZp+fOgvlY4BmhzcQwMLJ+fqWslQj
Awdvel7BOSO7wnZEmislJkRaRpApC/TBG6uTOcK+ppjjbMkjIL8D3u63ZqUdfJY6
luitc9rKrYm3y9uTx2DhWOU+lz9GtrY4LakQflXAGmY1PNMCyHab53sFt1Ta1Hgw
StgLnlXxgEtoSoLom+r2d2vEUgAu1h5u1IEtSTboh42NFmt6+W8jtyY+ZbJlpH3v
S3VXd3lzOGngaK6jJRx5kU/HgC5KmwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD5A
RJLwoGuX0bFDjIfy9nCzjhvaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FM0Q0OTQ2QTlBQUQxMUVGQUFGRTUwNzI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtAMMA0GCSqGSIb3DQEB
CwUAA4IBAQCFQEEcxdkokeaDxBxNvNodjWOFhbr7QFu8Phw9nyAy6czf/oHKKTlO
nplvImWxcNUVVEPNMzzq0fw7zF8vsHyA/YXxYJQ6Fj8BxaVmh+g/ekM0HRvZt0xP
jPruL1w2ORWMNzyd1ygcXbFIkvnPZttnBQUI+1GDIzVUmdmANQMBUEvog25TiCr+
82/g7hDx6W75PGULW9/PXApuYgP3008TO1TwC3r3OCmWoVcXAf6BH6Ms8cmCm6Qm
z0Y3onuN7GiAesDTXYxPRJidb8Ol0uY4/2C6C9yYAx2mq/DJuFWL1b9iu0Z7qSpn
s04+OHq2NOq85hBDJHTgvkLR+hpLw7+k
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:32 2024 by rpki-client on console-ams.rpki-client.org