Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0BDFA1FAC44511EFAB2D8BB3762E951A.roa
File: 0BDFA1FAC44511EFAB2D8BB3762E951A.roa (raw, json)
Hash identifier: DtU9vBNP6QS1TPBIAbERB9Xmca4FbFZJITdhy90oR2I=
Subject key identifier: F4:D3:1E:47:3B:21:B0:44:12:65:4F:E5:57:DF:1A:F3:0A:AA:0E:70
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1962
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0BDFA1FAC44511EFAB2D8BB3762E951A.roa
Signing time: Fri 27 Dec 2024 11:23:50 +0000
ROA not before: Fri 27 Dec 2024 11:23:47 +0000
ROA not after: Sun 27 Dec 2026 11:23:47 +0000
asID: 400039
IP address blocks: 154.16.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6498 (0x1962)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 27 11:23:47 2024 GMT
Not After : Dec 27 11:23:47 2026 GMT
Subject: CN=676e8e46-1664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2e:67:00:bb:43:04:61:6a:ac:11:86:b9:16:
98:43:66:b0:04:72:60:1c:d1:e7:19:7d:65:84:82:
e0:ed:ee:2d:37:12:18:3e:73:89:a2:4e:59:4d:76:
82:4e:ac:bf:2b:a0:8c:37:ba:e7:f8:18:08:80:f7:
21:c7:6d:62:02:50:66:6c:75:9d:74:7a:b8:60:13:
62:5d:b2:82:d7:78:f2:d4:da:a8:7b:ce:e9:d8:c9:
6d:10:ca:15:28:a2:d8:42:f4:5f:1e:90:80:fe:42:
33:ae:44:de:18:ed:41:39:ab:33:49:a6:6f:27:d5:
d5:27:64:04:61:7b:d4:a7:99:9e:ba:63:5c:42:f2:
ec:b4:d0:d3:77:d7:e7:17:19:e2:20:4c:12:b4:8a:
a5:3b:15:bf:fb:1d:64:1a:a2:5e:67:62:17:b7:b4:
41:18:af:2c:39:d0:1f:26:f0:97:90:44:7b:00:d5:
bd:4c:13:7f:24:01:a6:d2:c6:bd:f9:e7:5a:cf:81:
5d:ff:6f:a8:4c:20:8b:70:5f:ac:ea:89:70:f8:f9:
5b:00:01:61:c9:80:f3:b1:48:de:71:52:2c:7f:e3:
00:f0:3f:12:3a:0d:7d:f7:ae:45:bb:62:9d:f9:1f:
2f:c1:01:7d:09:d5:49:ee:e7:60:e4:d3:e2:5e:c4:
75:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D3:1E:47:3B:21:B0:44:12:65:4F:E5:57:DF:1A:F3:0A:AA:0E:70
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/0BDFA1FAC44511EFAB2D8BB3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.37.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:91:0c:57:8c:04:f4:9e:b3:db:0e:94:c9:e4:d3:1c:8f:0d:
b8:c8:68:c1:e7:94:e8:49:97:fc:c3:c9:40:39:2b:ba:35:25:
59:da:0d:92:ab:64:8b:a3:d6:22:ed:20:80:13:c6:38:e9:cf:
60:41:24:d3:21:f2:f4:ac:35:ce:88:31:72:e9:8f:20:93:80:
28:95:54:f2:f8:f6:7a:26:00:e4:15:90:38:0c:ec:bb:bf:d2:
9b:ef:4c:1a:02:46:89:a5:dd:50:c6:10:35:a9:f1:d6:e8:d6:
2b:56:d6:f4:6b:f6:0d:40:fc:15:1b:20:f3:0d:10:3d:20:03:
7d:fd:51:f1:15:d6:d6:c5:09:09:9e:f2:1f:56:ab:5d:09:6f:
7d:f3:f1:e3:6a:6a:bc:49:fd:d8:cc:91:8b:0a:e8:1f:93:ca:
36:00:f5:e6:5f:19:73:28:76:9e:38:51:d1:79:cb:d1:08:4c:
fd:56:3b:1e:5d:ab:b7:f3:43:43:5c:64:dd:ff:8b:f1:b9:22:
be:26:0a:33:95:53:18:92:7d:51:7e:3f:d3:23:3a:f4:75:58:
90:79:39:df:a2:2e:57:28:d5:a7:f1:98:72:a5:49:00:df:cd:
6f:dc:7a:aa:b0:06:71:db:e1:3f:d1:b0:b8:af:3d:b7:1d:84:
96:0a:03:53
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGWIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMjcxMTIzNDdaFw0yNjEyMjcxMTIzNDdaMBgxFjAU
BgNVBAMTDTY3NmU4ZTQ2LTE2NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0LmcAu0MEYWqsEYa5FphDZrAEcmAc0ecZfWWEguDt7i03Ehg+c4miTllN
doJOrL8roIw3uuf4GAiA9yHHbWICUGZsdZ10erhgE2JdsoLXePLU2qh7zunYyW0Q
yhUoothC9F8ekID+QjOuRN4Y7UE5qzNJpm8n1dUnZARhe9SnmZ66Y1xC8uy00NN3
1+cXGeIgTBK0iqU7Fb/7HWQaol5nYhe3tEEYryw50B8m8JeQRHsA1b1ME38kAabS
xr3551rPgV3/b6hMIItwX6zqiXD4+VsAAWHJgPOxSN5xUix/4wDwPxI6DX33rkW7
Yp35Hy/BAX0J1Unu52Dk0+JexHVrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9NMe
RzshsEQSZU/lV98a8wqqDnAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzBCREZBMUZBQzQ0NTExRUZBQjJEOEJCMzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECUwDQYJKoZIhvcNAQEL
BQADggEBALqRDFeMBPSes9sOlMnk0xyPDbjIaMHnlOhJl/zDyUA5K7o1JVnaDZKr
ZIuj1iLtIIATxjjpz2BBJNMh8vSsNc6IMXLpjyCTgCiVVPL49nomAOQVkDgM7Lu/
0pvvTBoCRoml3VDGEDWp8dbo1itW1vRr9g1A/BUbIPMNED0gA339UfEV1tbFCQme
8h9Wq10Jb33z8eNqarxJ/djMkYsK6B+TyjYA9eZfGXModp44UdF5y9EITP1WOx5d
q7fzQ0NcZN3/i/G5Ir4mCjOVUxiSfVF+P9MjOvR1WJB5Od+iLlco1afxmHKlSQDf
zW/ceqqwBnHb4T/RsLivPbcdhJYKA1M=
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:01:43 2025 by rpki-client