Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF9E44009B8211EFB47101B2762E951A.roa
File: EF9E44009B8211EFB47101B2762E951A.roa (raw, json)
Hash identifier: HlQOzM8kIq8T9lFgeUcJnjlsgADgvHOI9J+HsuoZbvc=
Subject key identifier: C7:5F:B9:A3:14:22:E9:88:07:A1:20:56:6A:5B:76:D3:46:B3:23:89
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0107FB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF9E44009B8211EFB47101B2762E951A.roa
Signing time: Tue 05 Nov 2024 14:33:34 +0000
ROA not before: Tue 05 Nov 2024 14:33:29 +0000
ROA not after: Mon 20 Jan 2025 14:33:29 +0000
asID: 135097
IP address blocks: 154.220.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67579 (0x107fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 5 14:33:29 2024 GMT
Not After : Jan 20 14:33:29 2025 GMT
Subject: CN=672a2cbe-c012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:49:7c:92:d4:a9:75:68:6f:f5:96:73:2b:47:
7c:7e:5a:a9:a4:09:75:b1:69:79:01:08:46:55:4d:
58:84:99:7d:84:85:ad:93:b0:af:20:0b:4a:7f:9e:
50:cc:f9:e1:ea:5e:3e:04:56:05:04:d3:3b:b4:cb:
b3:78:76:25:11:b9:cd:a1:e5:82:90:10:1f:17:6c:
65:97:29:31:8a:a9:a5:7a:07:ef:6a:13:ce:2d:92:
ff:64:b6:21:11:4a:40:db:67:8f:34:3c:28:db:39:
b5:03:27:16:0d:6e:0d:f5:3a:eb:69:23:71:9b:04:
ca:6e:b6:5a:58:da:d0:1c:11:69:2c:cf:f2:a7:54:
ad:c7:14:ab:aa:f2:a6:80:2b:ea:23:0f:cc:4a:b3:
58:7e:0e:39:e8:64:ea:1d:a6:e0:41:22:a4:cb:fd:
84:ab:85:aa:d7:1d:ff:f1:74:c9:26:5e:73:24:91:
a0:63:a2:4a:d0:01:57:6a:da:7c:b9:43:ea:c1:ff:
18:f4:78:36:a9:09:d5:34:f8:c0:f0:b9:69:9d:5e:
2a:da:63:25:9a:56:fb:fb:52:aa:06:c3:62:29:75:
07:ae:49:d2:b8:00:14:5c:89:13:4c:7f:60:b2:47:
17:58:d5:e5:b6:ab:7b:c7:f5:b5:b6:73:af:c5:c1:
17:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5F:B9:A3:14:22:E9:88:07:A1:20:56:6A:5B:76:D3:46:B3:23:89
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF9E44009B8211EFB47101B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.220.16.0/20
Signature Algorithm: sha256WithRSAEncryption
94:8f:88:82:43:bc:80:21:2d:66:74:87:54:47:c9:7c:4b:77:
83:39:72:08:e0:87:6c:5e:4b:26:48:30:5b:1a:d4:90:51:af:
05:07:f9:ef:d0:4d:c2:90:60:38:50:4e:a2:c1:30:c1:ed:8f:
fb:1f:49:57:6a:87:a1:a0:f9:2a:1c:6a:e9:8f:c3:af:91:42:
08:03:71:7d:a7:5e:ca:8f:f8:03:40:32:2e:fb:7d:4e:45:52:
3a:81:55:8a:71:82:c5:f9:47:af:0a:c3:e1:a3:d5:ad:f9:4d:
e1:e8:26:2e:8e:cd:11:39:f6:06:83:e6:ff:a2:04:bd:98:67:
8c:6c:e5:2c:af:6a:cf:26:81:31:44:82:74:f6:ce:bd:01:92:
35:5f:c8:63:0f:2b:45:80:cd:05:db:22:d0:a8:55:f0:a4:d5:
d7:c6:d2:55:5c:72:31:67:69:94:86:be:9e:7d:e8:80:14:54:
ec:87:4b:5b:33:74:89:97:1c:e1:50:73:2a:e5:5b:b7:ba:8b:
07:b3:b9:21:6f:a2:37:4f:a2:1d:88:8f:78:53:a8:8c:74:21:
f3:72:bf:d8:5c:2e:4c:d7:f1:b7:43:80:ee:a2:3f:43:3b:56:
51:cf:46:d7:3b:4a:2b:75:df:09:84:df:aa:f6:10:54:96:80:
8c:d4:4d:75
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQf7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA1MTQzMzI5WhcNMjUwMTIwMTQzMzI5WjAYMRYw
FAYDVQQDEw02NzJhMmNiZS1jMDEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4El8ktSpdWhv9ZZzK0d8flqppAl1sWl5AQhGVU1YhJl9hIWtk7CvIAtK
f55QzPnh6l4+BFYFBNM7tMuzeHYlEbnNoeWCkBAfF2xllykxiqmlegfvahPOLZL/
ZLYhEUpA22ePNDwo2zm1AycWDW4N9TrraSNxmwTKbrZaWNrQHBFpLM/yp1StxxSr
qvKmgCvqIw/MSrNYfg456GTqHabgQSKky/2Eq4Wq1x3/8XTJJl5zJJGgY6JK0AFX
atp8uUPqwf8Y9Hg2qQnVNPjA8LlpnV4q2mMlmlb7+1KqBsNiKXUHrknSuAAUXIkT
TH9gskcXWNXltqt7x/W1tnOvxcEX5wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMdf
uaMUIumIB6EgVmpbdtNGsyOJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRjlFNDQwMDlCODIxMUVGQjQ3MTAxQjI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmtwQMA0GCSqGSIb3DQEB
CwUAA4IBAQCUj4iCQ7yAIS1mdIdUR8l8S3eDOXII4IdsXksmSDBbGtSQUa8FB/nv
0E3CkGA4UE6iwTDB7Y/7H0lXaoehoPkqHGrpj8OvkUIIA3F9p17Kj/gDQDIu+31O
RVI6gVWKcYLF+UevCsPho9Wt+U3h6CYujs0ROfYGg+b/ogS9mGeMbOUsr2rPJoEx
RIJ09s69AZI1X8hjDytFgM0F2yLQqFXwpNXXxtJVXHIxZ2mUhr6efeiAFFTsh0tb
M3SJlxzhUHMq5Vu3uosHs7khb6I3T6IdiI94U6iMdCHzcr/YXC5M1/G3Q4Duoj9D
O1ZRz0bXO0ordd8JhN+q9hBUloCM1E11
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:04:34 2024 by rpki-client on console-ams.rpki-client.org