Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCB8711A96B411EF924DD963762E951A.roa
File: FCB8711A96B411EF924DD963762E951A.roa (raw, json)
Hash identifier: xJg5TyOeTNui9PWHjIKuwsOzPR+oGCktCQ/dUar81ys=
Subject key identifier: D0:E2:B9:B2:A4:E2:3F:92:E6:FB:B6:8E:00:4D:A0:85:F4:16:47:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01041B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCB8711A96B411EF924DD963762E951A.roa
Signing time: Wed 30 Oct 2024 11:49:16 +0000
ROA not before: Wed 30 Oct 2024 11:49:10 +0000
ROA not after: Wed 11 Dec 2024 11:49:10 +0000
asID: 138915
IP address blocks: 154.203.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Nov 2024 00:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66587 (0x1041b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Oct 30 11:49:10 2024 GMT
Not After : Dec 11 11:49:10 2024 GMT
Subject: CN=67221d3b-2c74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:13:8f:71:6d:3e:56:59:65:a3:ae:9a:49:
1d:c3:3e:92:b3:79:e0:83:6f:3d:37:25:35:2a:ec:
7b:53:5d:32:6b:4f:c1:a8:34:6e:16:a3:75:f3:06:
b9:9d:56:06:31:d4:62:c8:cb:6e:72:e4:d4:72:77:
6c:fa:95:fa:ed:96:6e:8c:91:70:1e:76:fa:76:06:
01:81:60:16:d8:34:12:c2:19:12:f3:7f:b3:d3:3a:
fb:a0:28:9d:2e:78:c1:e7:6e:93:4e:15:3d:a3:59:
5a:86:46:2c:e8:ec:5f:4c:39:d6:4f:3a:a7:a1:62:
9f:58:9d:6b:00:e0:09:a9:85:7b:5a:5d:b9:08:23:
8d:0c:8e:34:b6:78:99:76:19:68:22:82:89:62:b7:
fb:da:c4:9a:82:b9:dc:22:f5:e3:4d:8d:97:d9:3a:
bb:df:9c:b3:df:71:57:9d:ae:da:a1:cd:e5:a7:5c:
36:e3:dc:50:5f:ab:1e:f2:7a:98:b5:ca:6c:4a:b1:
02:cf:0a:7e:2b:ec:55:9a:ab:70:17:c6:7f:0d:c4:
56:43:29:1e:e2:d0:00:53:d5:7e:e4:ea:c2:e1:89:
21:a0:1e:47:97:75:8a:7f:be:ae:7e:e9:6f:69:53:
78:81:eb:d0:f6:70:7d:4e:a1:2f:b7:6c:c6:81:02:
b6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E2:B9:B2:A4:E2:3F:92:E6:FB:B6:8E:00:4D:A0:85:F4:16:47:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FCB8711A96B411EF924DD963762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.156.0/22
Signature Algorithm: sha256WithRSAEncryption
21:45:1e:9b:da:77:e0:5a:15:4b:99:86:41:a8:5c:51:fe:6c:
87:d5:e6:e2:8a:ba:39:56:26:ca:a0:5e:69:3f:67:5d:9a:73:
5b:dc:07:55:f5:db:30:43:3b:72:b5:0c:44:e6:fb:b7:33:25:
89:09:98:f8:b8:0b:2c:5b:17:ac:d3:e5:e2:b9:20:58:2c:bf:
d4:28:fd:a5:3c:f5:21:7c:6b:fd:23:0e:a5:be:54:92:11:d3:
3f:79:68:2b:28:0b:20:46:f4:bf:28:c0:fd:7d:a1:18:8e:d6:
c9:c2:c3:17:92:cb:44:99:20:8c:ce:11:5b:ac:55:8e:91:76:
0b:96:e1:cf:53:ec:6c:ac:16:d2:9f:95:88:13:e1:a1:51:d2:
af:07:b4:fb:a2:1c:d6:75:14:b7:31:7c:b7:0f:16:31:6b:89:
1e:6c:ae:f6:c7:06:0a:69:6a:db:3f:f7:10:59:a8:a5:0e:b5:
7b:ef:09:20:80:7c:b6:71:f2:74:01:1d:fb:0e:a9:aa:a7:79:
c0:f4:28:bf:d3:77:49:98:5c:a4:45:bb:52:20:ef:49:73:9a:
ee:7f:b9:cc:d1:a9:ca:d0:af:ad:cb:62:eb:b6:b5:17:4b:50:
37:ce:b0:00:6b:ec:13:96:85:36:e8:8a:83:b0:98:54:47:a3:
f1:2b:2e:7f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAQQbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMDMwMTE0OTEwWhcNMjQxMjExMTE0OTEwWjAYMRYw
FAYDVQQDEw02NzIyMWQzYi0yYzc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt1MTj3FtPlZZZaOumkkdwz6Ss3ngg289NyU1Kux7U10ya0/BqDRuFqN1
8wa5nVYGMdRiyMtucuTUcnds+pX67ZZujJFwHnb6dgYBgWAW2DQSwhkS83+z0zr7
oCidLnjB526TThU9o1lahkYs6OxfTDnWTzqnoWKfWJ1rAOAJqYV7Wl25CCONDI40
tniZdhloIoKJYrf72sSagrncIvXjTY2X2Tq735yz33FXna7aoc3lp1w249xQX6se
8nqYtcpsSrECzwp+K+xVmqtwF8Z/DcRWQyke4tAAU9V+5OrC4YkhoB5Hl3WKf76u
fulvaVN4gevQ9nB9TqEvt2zGgQK2YwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNDi
ubKk4j+S5vu2jgBNoIX0FkcAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GQ0I4NzExQTk2QjQxMUVGOTI0REQ5NjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsucMA0GCSqGSIb3DQEB
CwUAA4IBAQAhRR6b2nfgWhVLmYZBqFxR/myH1ebiiro5VibKoF5pP2ddmnNb3AdV
9dswQztytQxE5vu3MyWJCZj4uAssWxes0+XiuSBYLL/UKP2lPPUhfGv9Iw6lvlSS
EdM/eWgrKAsgRvS/KMD9faEYjtbJwsMXkstEmSCMzhFbrFWOkXYLluHPU+xsrBbS
n5WIE+GhUdKvB7T7ohzWdRS3MXy3DxYxa4kebK72xwYKaWrbP/cQWailDrV77wkg
gHy2cfJ0AR37Dqmqp3nA9Ci/03dJmFykRbtSIO9Jc5ruf7nM0anK0K+ty2LrtrUX
S1A3zrAAa+wTloU26IqDsJhUR6PxKy5/
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:34:47 2024 by rpki-client on console-ams.rpki-client.org