Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4531F9AA32411EF83AC017B762E951A.roa
File: E4531F9AA32411EF83AC017B762E951A.roa (raw, json)
Hash identifier: xbKOwmzk5ptet74NSXcjl3M5Jc49/2u8xkw/zqRXBrg=
Subject key identifier: 16:F4:04:D9:E7:27:38:AE:7B:8D:47:1C:6F:6C:1F:6A:5D:F1:A3:8E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010D44
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4531F9AA32411EF83AC017B762E951A.roa
Signing time: Fri 15 Nov 2024 07:40:32 +0000
ROA not before: Fri 15 Nov 2024 07:40:28 +0000
ROA not after: Thu 12 Dec 2024 07:40:28 +0000
asID: 394432
IP address blocks: 154.196.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 08:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68932 (0x10d44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 15 07:40:28 2024 GMT
Not After : Dec 12 07:40:28 2024 GMT
Subject: CN=6736faf0-d80e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f3:23:4c:e9:7c:eb:4f:fa:90:1c:dc:ea:c2:
db:58:16:fc:31:08:53:e3:2f:f9:0c:45:a7:2b:58:
19:82:97:5b:76:96:b9:91:7a:71:da:5b:73:ee:08:
a7:42:8c:fb:3a:6f:f2:9d:4c:6d:81:0a:a6:8f:b0:
bb:5b:c8:af:a0:98:b0:e7:2a:14:f4:2b:bf:e2:b8:
99:c6:fa:34:ba:47:d1:25:ad:be:29:b8:9e:57:24:
23:ed:71:f6:fe:11:04:4a:ea:a6:19:23:66:11:95:
5d:40:75:0a:50:ff:1a:78:d0:33:16:60:94:61:17:
93:16:1b:a6:ce:b2:d6:ba:6a:cf:49:59:2f:91:e3:
b3:6a:94:a7:d4:ba:b1:29:ac:ef:c5:ed:aa:69:40:
f2:2c:84:48:8c:a9:00:fd:be:4f:42:34:72:07:fc:
bd:71:b6:46:3a:e9:ed:37:66:5d:82:ce:ef:21:ea:
7e:04:00:8f:cb:4b:23:b5:4f:82:dc:54:93:31:a6:
ab:83:7a:cd:e1:02:66:3e:f8:cf:e1:b3:73:3f:5f:
78:82:94:80:4b:e3:b3:d4:cd:3f:eb:1f:60:f3:0f:
dc:4a:7b:86:43:8a:ed:1c:f7:72:2b:44:9e:5c:e0:
e1:cf:30:64:00:45:2c:d6:5f:84:ae:2c:cc:87:dd:
f6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:F4:04:D9:E7:27:38:AE:7B:8D:47:1C:6F:6C:1F:6A:5D:F1:A3:8E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E4531F9AA32411EF83AC017B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.203.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:63:a4:d1:cc:67:c8:c7:c1:9a:91:fa:c4:f2:d7:b6:32:51:
8c:dd:24:e6:d8:d9:f8:c4:63:75:b6:a2:a3:0d:fa:cd:64:2c:
ef:09:a6:fc:8e:63:43:15:cd:3d:50:f7:34:cc:d3:b2:ea:0b:
27:37:55:90:4f:f1:53:2a:6e:2a:0f:6e:1e:32:76:34:9e:06:
91:42:89:d5:53:4f:1b:cd:3a:5d:96:8b:e1:e6:bb:8a:96:dd:
5e:9c:b6:76:d7:16:d0:9a:8e:64:fc:e4:57:a6:c5:c8:5c:b2:
18:c0:fc:1c:b8:75:d3:98:1e:28:69:f1:a1:74:4c:17:de:94:
6e:54:7c:b3:c9:5d:8b:3c:07:9b:57:d5:04:65:7a:b8:bc:67:
da:1a:88:b2:11:67:9c:7d:63:86:93:1b:95:48:37:dc:ca:1f:
48:56:ff:04:68:bf:59:35:9d:26:a6:e4:44:a5:97:f3:e6:7a:
98:59:cc:0b:4e:cf:cd:dd:40:31:76:95:51:37:ed:e8:e3:cd:
b4:0e:8d:86:24:8f:1c:53:58:22:80:cf:e3:04:38:b7:3f:a3:
bd:a7:71:27:e5:02:af:ea:f6:7c:7b:ce:cf:fa:6b:0d:6b:6e:
9e:12:10:dc:e5:b6:23:66:4f:d2:cb:05:82:a6:0c:61:f8:5b:
57:6d:db:69
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ1EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTE1MDc0MDI4WhcNMjQxMjEyMDc0MDI4WjAYMRYw
FAYDVQQDEw02NzM2ZmFmMC1kODBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAufMjTOl860/6kBzc6sLbWBb8MQhT4y/5DEWnK1gZgpdbdpa5kXpx2ltz
7ginQoz7Om/ynUxtgQqmj7C7W8ivoJiw5yoU9Cu/4riZxvo0ukfRJa2+KbieVyQj
7XH2/hEESuqmGSNmEZVdQHUKUP8aeNAzFmCUYReTFhumzrLWumrPSVkvkeOzapSn
1LqxKazvxe2qaUDyLIRIjKkA/b5PQjRyB/y9cbZGOuntN2Zdgs7vIep+BACPy0sj
tU+C3FSTMaarg3rN4QJmPvjP4bNzP194gpSAS+Oz1M0/6x9g8w/cSnuGQ4rtHPdy
K0SeXODhzzBkAEUs1l+ErizMh9328wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBb0
BNnnJziue41HHG9sH2pd8aOOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FNDUzMUY5QUEzMjQxMUVGODNBQzAxN0I3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsTLMA0GCSqGSIb3DQEB
CwUAA4IBAQAbY6TRzGfIx8GakfrE8te2MlGM3STm2Nn4xGN1tqKjDfrNZCzvCab8
jmNDFc09UPc0zNOy6gsnN1WQT/FTKm4qD24eMnY0ngaRQonVU08bzTpdlovh5ruK
lt1enLZ21xbQmo5k/ORXpsXIXLIYwPwcuHXTmB4oafGhdEwX3pRuVHyzyV2LPAeb
V9UEZXq4vGfaGoiyEWecfWOGkxuVSDfcyh9IVv8EaL9ZNZ0mpuREpZfz5nqYWcwL
Ts/N3UAxdpVRN+3o4820Do2GJI8cU1gigM/jBDi3P6O9p3En5QKv6vZ8e87P+msN
a26eEhDc5bYjZk/SywWCpgxh+FtXbdtp
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:34:00 2024 by rpki-client on console-fra.rpki-client.org