Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B195A7BAF9A411ED957D4A3B4AD9E6FC.roa
File: B195A7BAF9A411ED957D4A3B4AD9E6FC.roa (raw, json)
Hash identifier: Y5YvaLmhub1nxcwl5eb4bQOESMfgWE/T4ae+Mw/6Ke0=
Subject key identifier: B9:E6:C3:F5:E2:0D:E6:25:7D:92:9E:61:49:29:B8:FB:21:5D:B8:5A
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0DCF
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B195A7BAF9A411ED957D4A3B4AD9E6FC.roa
Signing time: Tue 23 May 2023 20:02:07 +0000
ROA not before: Tue 23 May 2023 20:02:01 +0000
ROA not after: Fri 23 May 2025 20:02:01 +0000
asID: 46337
IP address blocks: 154.16.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 23 May 2024 00:04:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3535 (0xdcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 23 20:02:01 2023 GMT
Not After : May 23 20:02:01 2025 GMT
Subject: CN=646d1bbf-1759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:32:dc:df:0a:a6:c6:77:2a:b2:d7:3d:40:7f:
20:78:9c:c4:a0:61:65:87:85:f2:f1:f3:b1:f2:fd:
a1:06:5e:c5:57:9f:c3:a8:ca:82:ee:fe:8d:fd:fa:
ed:a0:e1:0f:91:df:5a:9b:36:4c:ce:d5:ea:b0:df:
5e:02:8d:94:4b:85:fa:05:e5:77:5c:91:e4:a7:62:
93:4c:c8:c5:6b:6f:8a:11:a3:7d:3c:2f:97:87:d6:
46:cc:95:05:99:b5:d8:9e:05:6d:35:dc:92:5f:8a:
9d:c2:8b:5c:d5:08:9f:fe:c0:24:eb:1a:35:13:73:
be:46:01:bf:da:eb:4a:1f:8e:39:94:d8:b7:1b:1c:
47:38:8f:a4:19:4a:11:08:c0:62:06:62:1d:6b:50:
28:21:7e:1e:c8:3d:43:94:4c:1f:87:31:af:6b:2a:
30:31:f7:a8:29:1c:0c:20:64:e1:ed:2c:96:e7:05:
d9:72:48:f3:3d:a9:ec:14:61:e0:32:c7:dd:d5:59:
31:94:f1:3b:2d:f0:17:b4:cd:ba:3b:6d:a9:45:11:
3f:1a:a2:d3:d7:d4:8f:45:40:a8:44:5c:72:42:11:
78:c9:eb:cf:18:f4:6b:31:c9:98:34:19:9e:35:d0:
51:f0:23:8f:39:b5:b6:e4:89:30:d3:97:4e:47:b6:
67:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E6:C3:F5:E2:0D:E6:25:7D:92:9E:61:49:29:B8:FB:21:5D:B8:5A
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B195A7BAF9A411ED957D4A3B4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.114.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:34:64:21:9c:df:ed:9d:b3:a5:e9:a4:ba:56:5d:a9:41:a2:
8f:0a:7c:d2:0a:8b:cf:82:7c:f9:9a:c9:42:9d:28:9c:67:92:
c5:04:c9:f5:71:89:92:88:d0:1a:fb:51:b6:a5:23:2f:09:a5:
74:ec:7b:8d:49:11:aa:4b:fe:cc:bc:ec:98:f7:50:e4:ba:6a:
0b:68:c4:ae:35:18:1e:8d:e3:ed:45:87:1c:b1:ec:e3:06:40:
f4:43:18:6d:c3:dc:e8:e8:88:3a:8a:a7:b2:f6:97:f4:eb:38:
aa:fb:ed:ff:99:b4:40:51:a4:94:7a:8a:d3:fa:11:3e:af:79:
10:c2:28:c1:80:f1:8c:b4:d9:c9:26:58:40:94:9f:96:87:57:
a2:42:1d:1d:35:4d:2e:8a:9d:d1:a2:4a:93:b7:09:20:62:e9:
f7:69:e3:b3:91:2e:f0:0a:a4:18:cd:5c:74:0e:fe:8e:df:f0:
cf:f0:a0:86:12:2a:f1:0c:da:78:39:b4:55:86:1e:9b:49:78:
16:dc:9f:6f:33:74:69:32:a6:ef:29:e5:86:fc:aa:b9:2f:3f:
57:ee:06:61:2c:83:54:cb:76:41:0c:5c:0f:1d:99:d6:0a:01:
50:b8:52:75:46:5b:97:28:41:d5:20:c8:57:7f:8f:7a:67:85:
98:01:ee:84
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDc8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA1MjMyMDAyMDFaFw0yNTA1MjMyMDAyMDFaMBgxFjAU
BgNVBAMTDTY0NmQxYmJmLTE3NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6MtzfCqbGdyqy1z1AfyB4nMSgYWWHhfLx87Hy/aEGXsVXn8OoyoLu/o39
+u2g4Q+R31qbNkzO1eqw314CjZRLhfoF5XdckeSnYpNMyMVrb4oRo308L5eH1kbM
lQWZtdieBW013JJfip3Ci1zVCJ/+wCTrGjUTc75GAb/a60ofjjmU2LcbHEc4j6QZ
ShEIwGIGYh1rUCghfh7IPUOUTB+HMa9rKjAx96gpHAwgZOHtLJbnBdlySPM9qewU
YeAyx93VWTGU8Tst8Be0zbo7balFET8aotPX1I9FQKhEXHJCEXjJ688Y9GsxyZg0
GZ410FHwI485tbbkiTDTl05HtmcLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUuebD
9eIN5iV9kp5hSSm4+yFduFowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0IxOTVBN0JBRjlBNDExRUQ5NTdENEEzQjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHIwDQYJKoZIhvcNAQEL
BQADggEBADs0ZCGc3+2ds6XppLpWXalBoo8KfNIKi8+CfPmayUKdKJxnksUEyfVx
iZKI0Br7UbalIy8JpXTse41JEapL/sy87Jj3UOS6agtoxK41GB6N4+1Fhxyx7OMG
QPRDGG3D3OjoiDqKp7L2l/TrOKr77f+ZtEBRpJR6itP6ET6veRDCKMGA8Yy02ckm
WECUn5aHV6JCHR01TS6KndGiSpO3CSBi6fdp47ORLvAKpBjNXHQO/o7f8M/woIYS
KvEM2ng5tFWGHptJeBbcn28zdGkypu8p5Yb8qrkvP1fuBmEsg1TLdkEMXA8dmdYK
AVC4UnVGW5coQdUgyFd/j3pnhZgB7oQ=
-----END CERTIFICATE-----
Generated at Tue May 21 01:50:06 2024 by rpki-client on console-ams.rpki-client.org