Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF6BD6A074CC11EFAE331444762E951A.roa
File: EF6BD6A074CC11EFAE331444762E951A.roa (raw, json)
Hash identifier: Zz2Y6a1i8btBXZVzb6vTXcVQiVFM+nDaYY65nQVlf5Q=
Subject key identifier: D1:41:F1:8A:75:14:63:75:22:3A:27:EE:BE:96:7C:FA:9C:14:CB:92
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: EFF2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF6BD6A074CC11EFAE331444762E951A.roa
Signing time: Tue 17 Sep 2024 08:15:01 +0000
ROA not before: Tue 17 Sep 2024 08:14:58 +0000
ROA not after: Sat 30 Nov 2024 08:14:58 +0000
asID: 142403
IP address blocks: 154.221.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61426 (0xeff2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Sep 17 08:14:58 2024 GMT
Not After : Nov 30 08:14:58 2024 GMT
Subject: CN=66e93a85-b3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b1:6e:8d:7d:38:63:52:4e:3a:c1:d1:f2:1c:
f4:c4:6d:3d:a6:1b:c5:c7:01:fe:92:fb:2e:41:dc:
68:a4:5c:8f:a7:66:4e:ed:a5:c1:c9:1c:52:16:5f:
12:32:5c:6b:3d:56:e0:94:ea:70:0a:fa:93:b4:b8:
b6:44:78:13:3e:85:22:f2:02:53:e8:f9:7b:ab:b5:
dc:af:73:69:a4:1a:e7:7e:c2:c6:f1:25:09:94:7d:
ad:a2:01:14:d7:d7:98:96:b2:83:ca:f5:7b:3a:66:
80:00:a7:ac:10:a7:e2:12:97:c1:7d:90:5c:f1:eb:
09:cc:6d:78:13:d5:dc:bd:28:44:cb:db:0e:d7:50:
5f:57:97:db:1b:25:66:8c:89:b6:c0:f1:09:b7:e0:
39:23:a3:4c:75:56:0e:00:27:d6:4f:9a:c3:3d:64:
d2:86:1e:d4:4f:c5:95:5a:a9:91:3f:6e:77:48:d7:
80:b1:ac:65:01:1c:c8:03:bc:3c:d1:cf:c5:97:1b:
80:c6:76:56:79:42:45:d6:5a:6d:1e:51:48:ef:fc:
22:9e:97:46:4a:35:2d:29:4f:76:55:71:60:d0:3a:
48:b1:ff:78:a0:a6:5a:c9:65:fc:99:b5:71:7c:8b:
f1:88:bb:e7:5b:d5:3a:12:09:bd:9a:ea:70:4d:78:
f7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:41:F1:8A:75:14:63:75:22:3A:27:EE:BE:96:7C:FA:9C:14:CB:92
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF6BD6A074CC11EFAE331444762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.16.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:f7:2c:41:f5:aa:44:d2:c8:5b:2c:64:45:e6:8f:1c:6b:d0:
e1:b2:e0:97:64:20:4d:05:c4:b7:6f:0c:cc:10:80:d9:e6:b4:
ea:7e:1d:09:ac:97:f4:5a:bb:86:b8:09:39:14:9e:a0:b1:f4:
14:cf:7c:8d:13:e0:6a:8c:da:98:66:be:68:14:91:70:9a:f5:
94:b4:e6:18:f5:63:e3:0a:a5:fc:6a:5a:30:af:8c:71:37:8a:
a9:6d:1a:ca:fa:93:7e:30:eb:92:f6:5a:67:8f:3e:8c:5c:3f:
1e:5e:66:45:1c:94:64:5d:25:9b:2e:8d:f0:51:78:55:53:fd:
b1:46:e4:2a:04:f5:f4:4d:3b:f1:74:b5:a0:56:ae:87:f2:c5:
4c:e4:83:1c:21:eb:c3:0c:5d:e5:b9:9e:fb:0a:3e:12:79:b2:
57:16:03:0d:76:1a:2d:b5:ab:2b:7c:1c:c1:2c:df:e4:51:e1:
14:40:e6:94:7b:a4:fd:06:04:6c:15:af:e7:d9:20:a0:bd:b8:
f0:30:7f:74:74:89:ab:7a:38:c1:6e:43:44:fc:4c:24:71:fd:
ad:66:38:0d:7d:0b:00:7c:0c:47:9f:73:97:eb:93:74:13:e3:
8a:ce:29:9b:96:bf:bb:41:64:ca:d0:a3:36:a1:64:46:e3:48:
24:60:53:d4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAO/yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTE3MDgxNDU4WhcNMjQxMTMwMDgxNDU4WjAYMRYw
FAYDVQQDEw02NmU5M2E4NS1iM2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqrFujX04Y1JOOsHR8hz0xG09phvFxwH+kvsuQdxopFyPp2ZO7aXByRxS
Fl8SMlxrPVbglOpwCvqTtLi2RHgTPoUi8gJT6Pl7q7Xcr3NppBrnfsLG8SUJlH2t
ogEU19eYlrKDyvV7OmaAAKesEKfiEpfBfZBc8esJzG14E9XcvShEy9sO11BfV5fb
GyVmjIm2wPEJt+A5I6NMdVYOACfWT5rDPWTShh7UT8WVWqmRP253SNeAsaxlARzI
A7w80c/FlxuAxnZWeUJF1lptHlFI7/winpdGSjUtKU92VXFg0DpIsf94oKZayWX8
mbVxfIvxiLvnW9U6Egm9mupwTXj3wwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNFB
8Yp1FGN1Ijon7r6WfPqcFMuSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRjZCRDZBMDc0Q0MxMUVGQUUzMzE0NDQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt0QMA0GCSqGSIb3DQEB
CwUAA4IBAQDG9yxB9apE0shbLGRF5o8ca9DhsuCXZCBNBcS3bwzMEIDZ5rTqfh0J
rJf0WruGuAk5FJ6gsfQUz3yNE+BqjNqYZr5oFJFwmvWUtOYY9WPjCqX8alowr4xx
N4qpbRrK+pN+MOuS9lpnjz6MXD8eXmZFHJRkXSWbLo3wUXhVU/2xRuQqBPX0TTvx
dLWgVq6H8sVM5IMcIevDDF3luZ77Cj4SebJXFgMNdhottasrfBzBLN/kUeEUQOaU
e6T9BgRsFa/n2SCgvbjwMH90dImrejjBbkNE/Ewkcf2tZjgNfQsAfAxHn3OX65N0
E+OKzimblr+7QWTK0KM2oWRG40gkYFPU
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:30 2024 by rpki-client on console-fra.rpki-client.org