Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA2E35BCA73D11EF96A5C8AE762E951A.roa
File: FA2E35BCA73D11EF96A5C8AE762E951A.roa (raw, json)
Hash identifier: GKilwKQ2MuIvwDMgNntOZ92x28zSJd3YBM3uF8JELpY=
Subject key identifier: 7A:9C:49:97:29:0A:F6:95:4D:F6:85:08:4A:00:8D:51:2E:C4:4E:DF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 010FAB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA2E35BCA73D11EF96A5C8AE762E951A.roa
Signing time: Wed 20 Nov 2024 12:50:10 +0000
ROA not before: Wed 20 Nov 2024 12:50:07 +0000
ROA not after: Sat 30 Nov 2024 12:50:07 +0000
asID: 142062
IP address blocks: 154.212.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69547 (0x10fab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 20 12:50:07 2024 GMT
Not After : Nov 30 12:50:07 2024 GMT
Subject: CN=673ddb02-a749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:84:81:87:7a:c8:81:e7:cb:8f:22:10:bd:22:
46:5c:18:12:db:ac:07:d6:b0:46:82:98:70:73:01:
47:4f:2f:d4:0f:7c:e4:d1:82:3d:d2:94:31:4b:50:
35:80:8a:48:ac:7f:d4:53:94:29:01:23:ca:66:3a:
4e:f8:df:66:bc:0d:63:4b:ef:49:93:0f:bb:62:0a:
41:45:57:0b:a3:a6:28:6e:42:53:89:16:d5:e3:e9:
f0:ec:79:91:c4:7c:a3:ce:4e:9f:13:e9:bc:68:88:
c3:d8:c2:c1:10:73:08:0e:47:bd:e2:18:65:30:0d:
a4:cd:2a:28:0c:60:74:6e:c7:4b:41:1c:71:e3:db:
9a:a5:d7:3a:01:e5:03:e6:67:94:1b:d9:44:13:c5:
71:87:be:8d:8f:45:8d:e8:7c:49:5c:4c:50:ea:30:
4d:df:15:38:4b:51:15:ea:00:0b:d9:65:6a:1f:9c:
95:62:13:70:5d:20:08:22:6f:f2:49:97:1c:47:17:
18:10:d5:69:f9:2e:1e:a6:ec:85:e5:4f:17:08:ab:
30:72:eb:8e:c0:bc:58:38:11:bb:03:66:78:10:64:
c3:75:62:4f:d6:f9:78:de:5f:c7:db:28:71:b6:27:
09:32:a9:5f:79:9a:cc:f7:5f:89:62:5b:06:84:1a:
ea:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:9C:49:97:29:0A:F6:95:4D:F6:85:08:4A:00:8D:51:2E:C4:4E:DF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA2E35BCA73D11EF96A5C8AE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.149.0/24
Signature Algorithm: sha256WithRSAEncryption
82:97:ef:c8:f8:b4:99:47:a1:9e:da:dc:0d:16:8a:b4:92:d4:
2f:79:30:cc:bd:ca:51:e3:a0:20:7b:2b:ff:ab:cd:c6:6f:ff:
ea:1b:f2:bb:46:5b:d5:da:ff:c8:53:7d:0e:12:66:57:cc:2a:
e6:30:21:d4:44:f7:16:88:70:8b:a0:04:a5:fe:9b:ce:f2:ca:
df:e8:e7:ab:ea:1a:b1:ec:31:65:c9:07:cc:dc:1c:80:48:ed:
24:32:97:7a:ec:64:f1:de:62:1e:71:e2:5b:38:6a:9f:22:6c:
e0:9f:4d:d9:48:fb:3e:6d:43:95:3a:cd:dd:9e:22:a4:a5:e7:
ee:08:83:66:0c:c4:76:92:bd:ca:b7:eb:4d:5a:3c:fa:09:a6:
15:59:a6:ca:df:a5:d6:8e:a2:47:af:59:71:45:5a:51:2b:ef:
c2:42:95:9a:f1:a8:f9:d3:1a:cd:3a:e7:d3:fc:c6:f7:45:89:
dd:68:78:ca:2e:c9:4c:59:e4:c5:e9:42:7b:81:52:58:65:45:
ca:19:c6:80:46:d8:42:57:7f:29:c4:19:37:44:51:cd:d6:f9:
e6:29:4e:59:48:61:be:4e:56:25:8e:59:2b:86:72:53:5b:1a:
6c:a4:6e:6b:0b:3e:ae:51:79:7d:0e:09:0f:ed:b8:17:40:89:
29:83:42:e5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQ+rMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIwMTI1MDA3WhcNMjQxMTMwMTI1MDA3WjAYMRYw
FAYDVQQDEw02NzNkZGIwMi1hNzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4YSBh3rIgefLjyIQvSJGXBgS26wH1rBGgphwcwFHTy/UD3zk0YI90pQx
S1A1gIpIrH/UU5QpASPKZjpO+N9mvA1jS+9Jkw+7YgpBRVcLo6YobkJTiRbV4+nw
7HmRxHyjzk6fE+m8aIjD2MLBEHMIDke94hhlMA2kzSooDGB0bsdLQRxx49uapdc6
AeUD5meUG9lEE8Vxh76Nj0WN6HxJXExQ6jBN3xU4S1EV6gAL2WVqH5yVYhNwXSAI
Im/ySZccRxcYENVp+S4epuyF5U8XCKswcuuOwLxYOBG7A2Z4EGTDdWJP1vl43l/H
2yhxticJMqlfeZrM91+JYlsGhBrqRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHqc
SZcpCvaVTfaFCEoAjVEuxE7fMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQTJFMzVCQ0E3M0QxMUVGOTZBNUM4QUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtSVMA0GCSqGSIb3DQEB
CwUAA4IBAQCCl+/I+LSZR6Ge2twNFoq0ktQveTDMvcpR46Ageyv/q83Gb//qG/K7
RlvV2v/IU30OEmZXzCrmMCHURPcWiHCLoASl/pvO8srf6Oer6hqx7DFlyQfM3ByA
SO0kMpd67GTx3mIeceJbOGqfImzgn03ZSPs+bUOVOs3dniKkpefuCINmDMR2kr3K
t+tNWjz6CaYVWabK36XWjqJHr1lxRVpRK+/CQpWa8aj50xrNOufT/Mb3RYndaHjK
LslMWeTF6UJ7gVJYZUXKGcaARthCV38pxBk3RFHN1vnmKU5ZSGG+TlYljlkrhnJT
WxpspG5rCz6uUXl9DgkP7bgXQIkpg0Ll
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:31 2024 by rpki-client on console-fra.rpki-client.org