Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/9C09B7B08C5B11EF97A33DAD762E951A.roa
File: 9C09B7B08C5B11EF97A33DAD762E951A.roa (raw, json)
Hash identifier: wxM38QraAKXmv7qmvp1uZQ/qgQObaM2CthIrnBfETSw=
Subject key identifier: D8:97:4C:EB:D7:B7:96:E7:C3:2D:12:00:0C:24:71:F3:B9:6B:07:ED
Certificate issuer: /CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Certificate serial: 26
Authority key identifier: 25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/9C09B7B08C5B11EF97A33DAD762E951A.roa
Signing time: Thu 17 Oct 2024 07:44:16 +0000
ROA not before: Thu 17 Oct 2024 07:44:12 +0000
ROA not after: Tue 17 Oct 2034 07:44:12 +0000
asID: 37680
IP address blocks: 154.0.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.mft
rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38 (0x26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FC6C8AF/serialNumber=2511BAD4078D4672ACF4324299218CE4855D039D
Validity
Not Before: Oct 17 07:44:12 2024 GMT
Not After : Oct 17 07:44:12 2034 GMT
Subject: CN=6710c050-0061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5f:01:6f:22:a1:90:88:73:05:ea:79:b7:d1:
9c:8b:e9:e6:ba:d0:14:1d:08:46:ec:17:10:c7:08:
f5:ab:5d:8d:04:2d:16:3d:a9:07:a9:e0:61:bd:63:
04:52:e9:3b:2e:46:ed:8a:fd:83:e8:97:f3:47:4e:
c0:92:f4:98:53:98:41:3f:80:6b:2f:54:89:dd:90:
0c:b5:4c:f1:51:30:e8:a2:b7:ea:78:97:82:bd:7b:
cd:23:b1:a6:3f:4a:f7:6c:f5:eb:63:9b:6c:01:83:
e8:e5:e4:08:62:a5:83:22:1f:e7:98:70:19:19:f3:
6c:67:c4:3f:c1:f1:4d:46:79:69:c0:dd:c6:45:6a:
29:04:ae:e3:ab:45:38:59:0f:81:bb:f6:4f:92:ba:
30:d0:a2:68:a4:18:2b:6e:07:30:27:0f:1b:17:04:
ea:d7:7e:df:ba:27:57:4a:db:52:61:82:2c:39:48:
b3:cd:04:79:86:98:c1:fe:bb:77:07:8e:6f:4f:a2:
e3:be:94:25:b9:d0:ad:30:74:3d:ee:ff:16:9f:bd:
05:ce:91:12:3f:23:bf:6b:60:45:ee:7f:f7:37:fe:
3e:60:a1:eb:5d:f5:94:cb:ba:9f:fb:f0:86:ad:f1:
95:38:25:72:54:ec:7a:7e:fc:30:4e:15:45:1f:2e:
e1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:97:4C:EB:D7:B7:96:E7:C3:2D:12:00:0C:24:71:F3:B9:6B:07:ED
X509v3 Authority Key Identifier:
keyid:25:11:BA:D4:07:8D:46:72:AC:F4:32:42:99:21:8C:E4:85:5D:03:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/JRG61AeNRnKs9DJCmSGM5IVdA50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JRG61AeNRnKs9DJCmSGM5IVdA50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/D37D2DA070E311EF84610147762E951A/9C09B7B08C5B11EF97A33DAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.0.0.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:7d:d3:86:d5:a4:fb:7b:08:09:87:71:06:48:98:f0:39:c4:
77:32:f3:62:4d:f1:b9:a4:11:ea:b1:e8:82:91:f9:02:ae:8e:
02:05:26:34:c0:6f:2f:99:29:cc:f7:fb:49:83:c0:3c:de:50:
a2:9f:5f:37:2a:36:a8:4b:46:a6:9c:b0:d7:74:0e:cc:91:0a:
9e:d3:f0:9e:24:0c:f6:b9:51:97:30:7e:ed:6e:98:2d:50:94:
6a:42:3e:b2:a7:71:c2:a0:b8:5d:6c:db:92:d5:61:f1:59:6e:
df:73:13:74:6d:f5:be:dd:1c:20:db:44:1a:28:e9:6a:fc:66:
97:ae:53:4f:c0:d1:e9:c2:fb:3a:81:9c:20:fe:a6:43:04:53:
6d:bf:13:b3:dd:62:ae:65:cd:62:66:6d:25:d1:09:34:91:6a:
8f:bd:c6:a0:77:d4:6f:18:9a:c6:16:2e:4a:90:65:d9:e2:0c:
f4:4e:3c:06:35:fa:16:6c:ca:74:97:4f:10:aa:0a:ce:2d:e4:
56:c0:f4:63:0e:e8:1e:f9:c9:17:9b:2a:d6:ac:de:07:56:cf:
94:56:55:c3:b4:8f:63:46:48:e9:a7:96:ad:68:de:f2:c4:64:
4d:26:21:b0:af:64:d9:eb:41:19:ad:4d:3d:7b:b7:74:8a:0c:
ed:d1:40:07
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBJjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QzZDOEFGMTEwLwYDVQQFEygyNTExQkFENDA3OEQ0NjcyQUNGNDMyNDI5OTIxOENF
NDg1NUQwMzlEMB4XDTI0MTAxNzA3NDQxMloXDTM0MTAxNzA3NDQxMlowGDEWMBQG
A1UEAxMNNjcxMGMwNTAtMDA2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlfAW8ioZCIcwXqebfRnIvp5rrQFB0IRuwXEMcI9atdjQQtFj2pB6ngYb1j
BFLpOy5G7Yr9g+iX80dOwJL0mFOYQT+Aay9Uid2QDLVM8VEw6KK36niXgr17zSOx
pj9K92z162ObbAGD6OXkCGKlgyIf55hwGRnzbGfEP8HxTUZ5acDdxkVqKQSu46tF
OFkPgbv2T5K6MNCiaKQYK24HMCcPGxcE6td+37onV0rbUmGCLDlIs80EeYaYwf67
dweOb0+i476UJbnQrTB0Pe7/Fp+9Bc6REj8jv2tgRe5/9zf+PmCh6131lMu6n/vw
hq3xlTglclTsen78ME4VRR8u4dMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTYl0zr
17eW58MtEgAMJHHzuWsH7TAfBgNVHSMEGDAWgBQlEbrUB41Gcqz0MkKZIYzkhV0D
nTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYyRTk1MUEvSlJHNjFB
ZU5SbktzOURKQ21TR001SVZkQTUwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSlJHNjFBZU5SbktzOURKQ21TR001SVZkQTUwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkM2QzgvRDM3RDJEQTA3MEUzMTFFRjg0NjEwMTQ3NzYy
RTk1MUEvOUMwOUI3QjA4QzVCMTFFRjk3QTMzREFENzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJoAADANBgkqhkiG9w0BAQsF
AAOCAQEAsX3ThtWk+3sICYdxBkiY8DnEdzLzYk3xuaQR6rHogpH5Aq6OAgUmNMBv
L5kpzPf7SYPAPN5Qop9fNyo2qEtGppyw13QOzJEKntPwniQM9rlRlzB+7W6YLVCU
akI+sqdxwqC4XWzbktVh8Vlu33MTdG31vt0cINtEGijpavxml65TT8DR6cL7OoGc
IP6mQwRTbb8Ts91irmXNYmZtJdEJNJFqj73GoHfUbxiaxhYuSpBl2eIM9E48BjX6
FmzKdJdPEKoKzi3kVsD0Yw7oHvnJF5sq1qzeB1bPlFZVw7SPY0ZI6aeWrWje8sRk
TSYhsK9k2etBGa1NPXu3dIoM7dFABw==
-----END CERTIFICATE-----
Generated at Sun Nov 24 04:29:40 2024 by rpki-client on console-fra.rpki-client.org