Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F0438492A8D911EFBDD15F50762E951A.roa
File: F0438492A8D911EFBDD15F50762E951A.roa (raw, json)
Hash identifier: gQOFjR9RgQeRTBXW22OhCg+LzVDQHfD7YKfYQu6X/c4=
Subject key identifier: FE:D8:F9:A9:29:EE:0C:CE:97:28:4C:A8:E4:67:95:B5:3D:D5:AA:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011049
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F0438492A8D911EFBDD15F50762E951A.roa
Signing time: Fri 22 Nov 2024 13:59:06 +0000
ROA not before: Fri 22 Nov 2024 13:59:03 +0000
ROA not after: Mon 02 Dec 2024 13:59:03 +0000
asID: 44559
IP address blocks: 154.94.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69705 (0x11049)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 22 13:59:03 2024 GMT
Not After : Dec 2 13:59:03 2024 GMT
Subject: CN=67408e2a-4b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:27:1e:d5:ea:24:14:93:47:3f:60:61:3b:65:
55:89:d9:36:e6:f6:d8:8c:bd:36:e1:cd:de:52:4d:
ac:17:90:f2:7f:39:49:78:d5:df:62:08:64:13:d1:
01:fd:cd:df:61:f0:a9:c0:fb:75:0e:8c:c8:16:f6:
a1:e4:1d:65:d8:70:6b:ee:4c:9b:5b:57:8e:8d:fd:
42:f9:53:51:56:0f:62:c9:40:7d:3d:fb:ee:15:cb:
18:42:e2:da:a4:c9:ae:e1:2f:d2:1d:19:5e:6c:79:
b6:cf:53:9b:d0:d5:bd:4b:0e:ff:07:cf:eb:e9:00:
4f:e8:f2:25:94:33:21:8f:09:56:f2:f9:f3:8c:e8:
5b:fe:db:19:8b:4f:d9:58:d7:0a:95:a0:f9:26:79:
5a:cb:22:30:d7:6b:08:50:17:4c:9e:94:d2:0d:dc:
f6:bb:a8:3b:41:cd:d1:3c:c3:4a:d3:24:3f:1b:65:
e9:52:48:8b:8b:4d:85:0a:0a:78:76:b1:41:a8:26:
2d:7c:c0:60:ca:d3:93:db:64:d3:a2:84:4b:a6:b1:
ac:67:55:ab:40:cd:37:55:78:a2:6b:83:68:d5:78:
60:56:94:d3:1d:f7:96:d0:9d:46:95:60:4e:10:78:
e8:44:6f:11:11:ab:fd:76:d7:c2:0f:d4:f9:83:69:
61:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:D8:F9:A9:29:EE:0C:CE:97:28:4C:A8:E4:67:95:B5:3D:D5:AA:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F0438492A8D911EFBDD15F50762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.237.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:b0:25:c7:e4:68:a9:80:04:67:f5:86:1d:94:9d:2d:f5:cf:
1f:eb:1b:45:5c:e0:4f:5a:ae:2e:3c:69:7f:af:c5:45:f4:1f:
0e:c9:c8:15:9b:31:13:c3:07:ab:3b:9f:77:42:43:a2:8e:c6:
7a:cb:dc:ab:4a:76:89:e7:a3:53:8c:cf:e5:f9:0d:cc:24:e0:
c2:05:5c:da:c2:71:85:9e:7a:2f:ba:42:ae:6d:93:ea:1f:65:
a2:a6:8d:65:aa:6f:31:6c:09:b0:cb:a0:ff:61:4a:d8:c3:55:
9e:0f:9f:d6:55:80:d4:b1:55:99:ab:89:73:57:ce:f6:96:67:
42:15:55:83:d3:d2:33:52:4a:35:2e:e2:97:93:85:7e:83:de:
66:eb:9e:3b:6e:64:d8:f5:c9:83:22:fd:71:ff:2a:a8:81:73:
b2:b7:59:2f:a6:d7:57:82:65:42:5c:dc:d8:42:2c:76:07:72:
da:49:03:03:bf:7b:69:db:c4:de:4d:4a:e3:b5:4c:54:c7:34:
98:3d:63:43:be:80:46:63:02:59:ec:ae:c0:10:e0:83:49:d5:
79:48:64:5a:71:4a:6a:9e:a3:59:14:dc:9e:25:01:94:71:68:
14:ed:0b:9c:90:15:94:fc:8a:2d:c6:e4:c6:e3:92:2b:be:08:
e7:20:54:7b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARBJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIyMTM1OTAzWhcNMjQxMjAyMTM1OTAzWjAYMRYw
FAYDVQQDEw02NzQwOGUyYS00YjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1ice1eokFJNHP2BhO2VVidk25vbYjL024c3eUk2sF5DyfzlJeNXfYghk
E9EB/c3fYfCpwPt1DozIFvah5B1l2HBr7kybW1eOjf1C+VNRVg9iyUB9PfvuFcsY
QuLapMmu4S/SHRlebHm2z1Ob0NW9Sw7/B8/r6QBP6PIllDMhjwlW8vnzjOhb/tsZ
i0/ZWNcKlaD5JnlayyIw12sIUBdMnpTSDdz2u6g7Qc3RPMNK0yQ/G2XpUkiLi02F
Cgp4drFBqCYtfMBgytOT22TTooRLprGsZ1WrQM03VXiia4No1XhgVpTTHfeW0J1G
lWBOEHjoRG8REav9dtfCD9T5g2lhXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP7Y
+akp7gzOlyhMqORnlbU91aqCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMDQzODQ5MkE4RDkxMUVGQkREMTVGNTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml7tMA0GCSqGSIb3DQEB
CwUAA4IBAQAOsCXH5GipgARn9YYdlJ0t9c8f6xtFXOBPWq4uPGl/r8VF9B8OycgV
mzETwwerO593QkOijsZ6y9yrSnaJ56NTjM/l+Q3MJODCBVzawnGFnnovukKubZPq
H2Wipo1lqm8xbAmwy6D/YUrYw1WeD5/WVYDUsVWZq4lzV872lmdCFVWD09IzUko1
LuKXk4V+g95m6547bmTY9cmDIv1x/yqogXOyt1kvptdXgmVCXNzYQix2B3LaSQMD
v3tp28TeTUrjtUxUxzSYPWNDvoBGYwJZ7K7AEOCDSdV5SGRacUpqnqNZFNyeJQGU
cWgU7QuckBWU/IotxuTG45IrvgjnIFR7
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:45 2024 by rpki-client on console-ams.rpki-client.org