Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F62ACEB49CCD11EFBA4A8F65762E951A.roa
File: F62ACEB49CCD11EFBA4A8F65762E951A.roa (raw, json)
Hash identifier: P8+R0G46212Jw+ubGbEiJskAYzi6br7KLcum7qoxk10=
Subject key identifier: 4D:D7:BA:86:ED:D0:DC:99:24:34:0D:0C:87:16:C7:1A:00:EE:D4:C0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010923
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F62ACEB49CCD11EFBA4A8F65762E951A.roa
Signing time: Thu 07 Nov 2024 06:03:08 +0000
ROA not before: Thu 07 Nov 2024 06:03:05 +0000
ROA not after: Fri 08 Aug 2025 06:03:05 +0000
asID: 137990
IP address blocks: 154.197.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67875 (0x10923)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 7 06:03:05 2024 GMT
Not After : Aug 8 06:03:05 2025 GMT
Subject: CN=672c581c-5822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a7:78:ec:06:72:4b:61:65:2c:ce:2a:3b:cf:
c5:ec:68:3f:e2:37:5f:18:ce:01:7c:4a:2c:4c:6c:
b4:5e:3e:24:2e:b2:90:42:ac:9e:89:3d:6c:84:1d:
8c:69:2d:d0:0c:77:a6:1b:91:89:0f:d4:a0:0c:d6:
6c:77:75:44:2c:63:66:32:d4:ba:99:9b:96:9c:46:
79:87:39:39:8b:5e:6b:2c:7c:32:f1:e4:9d:ca:e5:
3a:e1:55:f6:fe:d2:d4:49:e8:f2:fa:ce:e5:e0:8c:
6a:6c:0e:4a:c9:22:ab:a4:2f:13:83:69:31:65:c8:
97:fb:d4:db:8e:4c:90:65:ca:ec:07:42:a9:41:90:
9e:b7:90:50:37:b3:42:1a:59:60:fb:18:25:b5:56:
73:ca:9c:7c:e4:ca:e5:35:56:8c:7f:36:72:3b:b0:
3a:fb:1f:0d:c7:e9:dc:d9:68:a3:ae:1d:0b:0d:ac:
03:6c:06:ed:22:e6:74:4f:7a:88:25:0e:94:1d:92:
a9:9e:2b:ef:75:e6:bc:cb:85:b3:9e:44:97:77:31:
29:a1:92:21:5e:ff:38:f8:b2:44:24:07:6e:a5:ef:
6b:7b:13:06:38:33:47:7c:f2:64:8c:70:a5:af:70:
a5:ca:1e:23:f1:3d:25:66:b8:c9:82:38:2d:44:f8:
ef:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:D7:BA:86:ED:D0:DC:99:24:34:0D:0C:87:16:C7:1A:00:EE:D4:C0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F62ACEB49CCD11EFBA4A8F65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.28.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:b7:92:18:69:65:e1:1b:9b:72:34:70:72:4b:06:03:7a:be:
07:fb:52:ef:11:ac:fe:f3:5c:f4:8e:16:e0:bc:22:2b:4e:a9:
ef:b1:b1:ea:a2:a0:51:ad:28:28:85:7a:7a:d0:9b:e5:1b:48:
0a:9f:5a:61:de:b5:02:7f:f2:38:42:5c:80:93:0f:25:0d:fb:
33:83:24:bf:f8:9a:a8:e1:9b:4c:5f:ce:25:08:2f:fd:91:fe:
cd:00:28:60:8e:36:c5:9b:da:6c:c3:2a:ce:02:22:67:8c:d9:
21:bc:d8:b2:4c:88:21:bf:9f:b4:29:bd:dc:5b:a3:f9:18:40:
58:d8:a6:4f:71:5c:91:2b:c8:d1:cc:76:d0:8f:af:07:f9:8f:
97:b3:aa:09:a7:e9:d6:0e:ba:4f:39:5e:84:77:31:3b:9e:94:
85:7c:7e:38:40:a5:2d:5d:04:a4:66:a9:ff:0b:34:51:9f:d6:
00:b8:0f:59:d9:77:9a:c3:61:b4:44:0a:af:86:f6:be:a2:b4:
a8:d1:2f:7b:b5:c0:74:4b:e9:3e:51:3c:b5:c9:8c:62:48:30:
5a:06:ad:36:9b:8c:2e:50:a2:50:7a:c1:61:2f:e0:66:98:b7:
bf:4d:7b:bb:36:6b:60:da:29:46:68:98:ac:4f:47:ff:7e:f6:
6f:9a:90:ba
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQkjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTA3MDYwMzA1WhcNMjUwODA4MDYwMzA1WjAYMRYw
FAYDVQQDEw02NzJjNTgxYy01ODIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6ad47AZyS2FlLM4qO8/F7Gg/4jdfGM4BfEosTGy0Xj4kLrKQQqyeiT1s
hB2MaS3QDHemG5GJD9SgDNZsd3VELGNmMtS6mZuWnEZ5hzk5i15rLHwy8eSdyuU6
4VX2/tLUSejy+s7l4IxqbA5KySKrpC8Tg2kxZciX+9TbjkyQZcrsB0KpQZCet5BQ
N7NCGllg+xgltVZzypx85MrlNVaMfzZyO7A6+x8Nx+nc2Wijrh0LDawDbAbtIuZ0
T3qIJQ6UHZKpnivvdea8y4WznkSXdzEpoZIhXv84+LJEJAdupe9rexMGODNHfPJk
jHClr3Clyh4j8T0lZrjJgjgtRPjvQwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE3X
uobt0NyZJDQNDIcWxxoA7tTAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNjJBQ0VCNDlDQ0QxMUVGQkE0QThGNjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsUcMA0GCSqGSIb3DQEB
CwUAA4IBAQB6t5IYaWXhG5tyNHBySwYDer4H+1LvEaz+81z0jhbgvCIrTqnvsbHq
oqBRrSgohXp60JvlG0gKn1ph3rUCf/I4QlyAkw8lDfszgyS/+Jqo4ZtMX84lCC/9
kf7NAChgjjbFm9pswyrOAiJnjNkhvNiyTIghv5+0Kb3cW6P5GEBY2KZPcVyRK8jR
zHbQj68H+Y+Xs6oJp+nWDrpPOV6EdzE7npSFfH44QKUtXQSkZqn/CzRRn9YAuA9Z
2Xeaw2G0RAqvhva+orSo0S97tcB0S+k+UTy1yYxiSDBaBq02m4wuUKJQesFhL+Bm
mLe/TXu7Nmtg2ilGaJisT0f/fvZvmpC6
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:32:34 2024 by rpki-client on console-fra.rpki-client.org