Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA29B2E6A74111EF9F02FD47762E951A.roa
File: EA29B2E6A74111EF9F02FD47762E951A.roa (raw, json)
Hash identifier: wE+OfX7iv3exdtB32MU2LdnhENuaA1d5va/dedtjYdY=
Subject key identifier: 00:DE:A8:89:61:55:E2:83:2E:89:60:99:2C:1A:B9:FE:F9:1B:28:4D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010FB9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA29B2E6A74111EF9F02FD47762E951A.roa
Signing time: Wed 20 Nov 2024 13:18:22 +0000
ROA not before: Wed 20 Nov 2024 13:18:18 +0000
ROA not after: Sat 30 Nov 2024 13:18:18 +0000
asID: 142062
IP address blocks: 154.212.154.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69561 (0x10fb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 20 13:18:18 2024 GMT
Not After : Nov 30 13:18:18 2024 GMT
Subject: CN=673de19d-9b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a9:5e:45:88:54:cf:52:36:dd:b5:a3:0e:13:
88:46:57:e2:4c:29:fd:a6:24:68:4b:77:0f:68:70:
46:cc:f1:af:3d:f1:db:0c:34:9a:01:d1:2d:95:ef:
07:9f:24:28:b6:1a:7b:4e:e4:b5:57:10:45:bd:25:
23:28:cd:d6:d5:30:9b:9f:2f:42:2c:89:87:ae:26:
32:58:68:35:19:42:f7:51:ad:00:e8:aa:bb:81:65:
af:a5:0f:b2:44:41:f1:4b:03:1b:45:4b:49:99:3d:
89:99:27:00:aa:20:ac:88:d9:73:45:b2:69:e2:f7:
b3:93:33:bc:47:00:9b:50:a2:30:77:8d:89:43:b1:
4d:54:74:89:a8:f2:8a:aa:c4:2f:77:46:94:8e:e0:
70:85:22:fb:9c:ae:0f:05:97:d8:e7:8b:0b:04:9c:
4c:aa:7a:a5:a3:e4:88:06:98:d1:db:f8:7f:17:ba:
39:a5:0c:58:a3:29:f3:3a:46:d5:47:37:92:cd:93:
03:82:8f:ef:bf:30:e0:f9:c6:cb:6f:3a:cd:34:c4:
2f:b2:8a:6e:bf:fa:25:99:43:44:e4:d8:89:5a:90:
bc:a0:2b:a3:41:c6:29:2c:d6:13:ac:65:bc:ee:48:
13:fa:b2:92:0d:fd:34:5a:a8:53:6b:af:f9:9b:cb:
f8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:DE:A8:89:61:55:E2:83:2E:89:60:99:2C:1A:B9:FE:F9:1B:28:4D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EA29B2E6A74111EF9F02FD47762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.154.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:5a:e4:37:ba:53:7e:42:29:24:22:23:df:43:6f:75:70:a7:
78:04:a4:37:9d:49:d8:27:8e:38:bb:f7:b9:de:49:73:5a:4f:
b3:b1:5e:4b:b5:b6:cd:ab:bf:21:b8:19:e3:1f:0c:90:0c:9c:
36:ba:35:c5:04:4c:62:7e:7b:cd:a3:d0:7c:30:62:f4:04:e5:
ff:8e:7d:72:c1:6e:8c:04:7c:05:3c:1d:76:a7:e0:a6:8b:70:
96:eb:11:37:14:7e:0f:d5:1d:74:e5:7b:75:47:04:93:74:fb:
ce:fe:f0:cf:a4:12:1f:18:29:f6:4e:a0:50:32:98:f0:22:7f:
8a:bf:e2:b3:77:4f:3c:39:4b:8a:e4:f8:af:42:b0:b0:ef:94:
95:11:a3:70:42:75:bf:03:68:24:44:e4:b1:2a:ff:71:cf:f9:
33:fa:4b:3a:41:16:dd:25:3d:a3:48:40:e3:4d:76:b8:57:57:
f2:a7:14:c8:08:b0:2a:19:e0:d6:f0:ac:f1:cd:83:3e:a9:aa:
6c:12:5c:6c:7c:fd:51:61:83:78:ea:32:6f:0d:83:74:7c:23:
d6:b8:0b:15:ed:2c:62:87:5a:a0:2c:49:02:69:f1:02:33:25:
ab:a6:14:70:40:93:0e:e4:d8:a1:1b:7f:ec:7f:d0:aa:fd:61:
5b:94:df:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ+5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIwMTMxODE4WhcNMjQxMTMwMTMxODE4WjAYMRYw
FAYDVQQDEw02NzNkZTE5ZC05YjMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtqleRYhUz1I23bWjDhOIRlfiTCn9piRoS3cPaHBGzPGvPfHbDDSaAdEt
le8HnyQothp7TuS1VxBFvSUjKM3W1TCbny9CLImHriYyWGg1GUL3Ua0A6Kq7gWWv
pQ+yREHxSwMbRUtJmT2JmScAqiCsiNlzRbJp4vezkzO8RwCbUKIwd42JQ7FNVHSJ
qPKKqsQvd0aUjuBwhSL7nK4PBZfY54sLBJxMqnqlo+SIBpjR2/h/F7o5pQxYoynz
OkbVRzeSzZMDgo/vvzDg+cbLbzrNNMQvsopuv/olmUNE5NiJWpC8oCujQcYpLNYT
rGW87kgT+rKSDf00WqhTa6/5m8v44QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFADe
qIlhVeKDLolgmSwauf75GyhNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQTI5QjJFNkE3NDExMUVGOUYwMkZENDc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmtSaMA0GCSqGSIb3DQEB
CwUAA4IBAQAuWuQ3ulN+QikkIiPfQ291cKd4BKQ3nUnYJ444u/e53klzWk+zsV5L
tbbNq78huBnjHwyQDJw2ujXFBExifnvNo9B8MGL0BOX/jn1ywW6MBHwFPB12p+Cm
i3CW6xE3FH4P1R105Xt1RwSTdPvO/vDPpBIfGCn2TqBQMpjwIn+Kv+Kzd088OUuK
5PivQrCw75SVEaNwQnW/A2gkROSxKv9xz/kz+ks6QRbdJT2jSEDjTXa4V1fypxTI
CLAqGeDW8KzxzYM+qapsElxsfP1RYYN46jJvDYN0fCPWuAsV7Sxih1qgLEkCafEC
MyWrphRwQJMO5NihG3/sf9Cq/WFblN+E
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:33 2024 by rpki-client on console-ams.rpki-client.org