Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA681E22A8EA11EFB34CE4BA762E951A.roa
File: FA681E22A8EA11EFB34CE4BA762E951A.roa (raw, json)
Hash identifier: M+4X3/Q3DGoDFWOfNf6dRSFiePKe75r8zmDJqSBmwOI=
Subject key identifier: CB:11:EC:E9:EC:BA:ED:E0:CD:8F:9D:B5:7F:D5:D6:54:23:64:3C:CE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01110B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA681E22A8EA11EFB34CE4BA762E951A.roa
Signing time: Fri 22 Nov 2024 16:01:05 +0000
ROA not before: Fri 22 Nov 2024 16:01:01 +0000
ROA not after: Tue 03 Dec 2024 16:01:01 +0000
asID: 62240
IP address blocks: 154.195.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69899 (0x1110b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Nov 22 16:01:01 2024 GMT
Not After : Dec 3 16:01:01 2024 GMT
Subject: CN=6740aac1-579e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:04:3a:2f:f9:f0:91:bd:75:43:f1:a5:dc:76:
30:2d:16:7f:c4:d6:92:f2:c9:cc:44:9f:ce:82:af:
34:79:99:9a:66:20:c8:42:25:84:28:a9:40:42:a8:
d5:84:f6:dd:bd:46:71:2b:8a:67:01:63:2c:9f:f6:
d9:d2:d7:fc:e6:10:fc:26:9f:45:72:07:21:09:15:
aa:0d:9a:b2:57:7b:53:a2:2e:d1:ad:f5:8d:86:9a:
f2:ae:0c:66:8f:46:50:ed:16:08:5e:d4:9f:13:da:
4b:cc:06:eb:30:ad:0c:ff:d2:7d:56:2d:4e:27:60:
4f:a0:f6:af:5b:0a:c0:91:d9:bd:8d:20:fd:36:d1:
9f:bf:11:32:18:9d:88:11:fb:f0:1c:e9:88:3a:2a:
54:e6:47:80:43:cc:f0:86:64:79:12:9b:11:08:d5:
50:08:73:24:dd:d8:19:42:ff:12:08:ba:d0:1d:17:
44:64:a9:ef:58:ae:ca:01:2c:08:2a:ca:c0:f6:6d:
45:f3:a4:57:67:d0:1d:eb:8d:79:3d:6b:63:df:73:
57:eb:fd:c9:8c:dc:c4:06:12:36:9b:03:38:98:d9:
7d:32:1a:ee:e2:3b:77:26:91:1b:16:80:7d:ae:70:
1b:71:da:1e:0f:52:1e:58:78:8f:56:92:17:b9:3d:
5b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:11:EC:E9:EC:BA:ED:E0:CD:8F:9D:B5:7F:D5:D6:54:23:64:3C:CE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FA681E22A8EA11EFB34CE4BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.195.128.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:45:41:0b:67:03:77:e9:fb:c0:00:15:5e:3e:4d:5f:19:a9:
30:ec:cf:b1:7c:c3:81:17:65:71:2c:b6:d2:aa:61:70:2d:e8:
f3:d6:18:b2:a6:74:ea:41:70:02:69:99:02:f1:fd:3e:df:71:
e7:50:c9:dc:f6:67:0f:9d:29:25:ef:a4:f0:50:04:8a:38:09:
f9:6d:91:b4:d2:54:58:bb:c9:ac:27:6a:df:e0:65:f7:3b:f1:
09:f1:70:28:25:17:4e:17:6b:e4:4e:32:da:5c:6e:72:e3:86:
37:62:c5:0b:60:2b:02:68:36:d6:b3:df:16:15:8d:59:96:cc:
c6:ee:28:50:b3:bf:25:7e:73:c7:09:b6:fc:3d:60:48:eb:fd:
37:7d:b4:f6:ca:ea:a0:ae:6a:6c:f1:55:69:8a:36:da:32:8f:
78:c0:cc:de:72:4f:95:59:e5:0c:ed:45:88:7d:f4:7b:36:2c:
9a:dd:41:dd:0c:71:a1:5f:1d:2a:1a:07:f2:a4:06:7e:61:13:
81:0d:5b:48:fd:95:38:80:63:00:06:01:76:d2:53:98:27:dc:
de:7b:fa:0f:f4:c2:b8:11:74:3d:d2:b2:4a:68:ad:9c:b9:0e:
bd:f2:4d:5e:2b:96:2d:79:7a:5b:8e:e2:06:31:bb:d0:93:12:
ee:ba:e2:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARELMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTIyMTYwMTAxWhcNMjQxMjAzMTYwMTAxWjAYMRYw
FAYDVQQDEw02NzQwYWFjMS01NzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAywQ6L/nwkb11Q/Gl3HYwLRZ/xNaS8snMRJ/Ogq80eZmaZiDIQiWEKKlA
QqjVhPbdvUZxK4pnAWMsn/bZ0tf85hD8Jp9FcgchCRWqDZqyV3tToi7RrfWNhpry
rgxmj0ZQ7RYIXtSfE9pLzAbrMK0M/9J9Vi1OJ2BPoPavWwrAkdm9jSD9NtGfvxEy
GJ2IEfvwHOmIOipU5keAQ8zwhmR5EpsRCNVQCHMk3dgZQv8SCLrQHRdEZKnvWK7K
ASwIKsrA9m1F86RXZ9Ad6415PWtj33NX6/3JjNzEBhI2mwM4mNl9Mhru4jt3JpEb
FoB9rnAbcdoeD1IeWHiPVpIXuT1b4wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMsR
7Onsuu3gzY+dtX/V1lQjZDzOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQTY4MUUyMkE4RUExMUVGQjM0Q0U0QkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsOAMA0GCSqGSIb3DQEB
CwUAA4IBAQCoRUELZwN36fvAABVePk1fGakw7M+xfMOBF2VxLLbSqmFwLejz1hiy
pnTqQXACaZkC8f0+33HnUMnc9mcPnSkl76TwUASKOAn5bZG00lRYu8msJ2rf4GX3
O/EJ8XAoJRdOF2vkTjLaXG5y44Y3YsULYCsCaDbWs98WFY1ZlszG7ihQs78lfnPH
Cbb8PWBI6/03fbT2yuqgrmps8VVpijbaMo94wMzeck+VWeUM7UWIffR7Niya3UHd
DHGhXx0qGgfypAZ+YROBDVtI/ZU4gGMABgF20lOYJ9zee/oP9MK4EXQ90rJKaK2c
uQ698k1eK5YteXpbjuIGMbvQkxLuuuJw
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:33:55 2024 by rpki-client on console-fra.rpki-client.org