Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/182AE820E86811EEB837739A775412E6.roa
File: 182AE820E86811EEB837739A775412E6.roa (raw, json)
Hash identifier: NsHELgbmwb6ohE2cl+ER1zAEWcC0xyiLuLtjB3nd2JI=
Subject key identifier: F2:71:B2:02:DB:AC:3E:1A:FE:FF:20:44:25:26:46:87:34:1E:AC:99
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1567
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/182AE820E86811EEB837739A775412E6.roa
Signing time: Fri 22 Mar 2024 16:20:28 +0000
ROA not before: Fri 22 Mar 2024 16:20:24 +0000
ROA not after: Sun 22 Mar 2026 16:20:24 +0000
asID: 29802
IP address blocks: 154.16.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5479 (0x1567)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 22 16:20:24 2024 GMT
Not After : Mar 22 16:20:24 2026 GMT
Subject: CN=65fdafcb-ec95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d4:28:50:63:4f:ec:a8:39:5a:0a:29:29:36:
cc:5b:2b:e9:c5:f4:00:1a:8a:9f:63:52:1b:47:b5:
c4:7c:5e:a5:77:59:88:4d:d4:ed:97:6c:2b:4c:4e:
2f:a0:b1:9c:bb:9d:e4:4f:a9:1c:e0:18:53:35:ff:
00:bd:12:99:52:8f:ce:e3:b5:d6:0a:1e:34:02:9b:
3c:88:cf:d3:f4:65:51:31:96:8f:b5:b0:67:df:7a:
e6:78:cb:05:32:0d:bb:03:dd:17:46:5e:5d:77:be:
c3:b5:94:44:14:d0:10:1a:2a:ad:5d:95:11:55:18:
2d:40:5d:fe:ac:9f:49:85:8a:fd:30:7f:23:d0:58:
d0:c9:a6:6a:2c:55:4d:f5:7c:0a:c1:bb:f8:4a:d1:
6b:bc:46:87:03:8a:d4:bb:57:91:dd:64:e8:fd:23:
da:1b:ee:f1:3d:e5:79:03:9d:aa:dd:7b:73:d6:25:
c1:4c:8a:38:53:d5:11:20:79:2a:ac:42:73:f4:55:
6b:67:c6:9c:9a:ca:63:51:a2:e5:04:78:45:bd:5f:
84:35:ca:b6:aa:b8:fb:68:03:21:a8:40:b2:29:4e:
33:09:bd:1c:0c:25:73:96:ad:e1:ba:d6:33:33:f0:
98:ae:6d:35:49:da:3c:dd:98:d8:7d:bc:9e:86:bc:
9b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:71:B2:02:DB:AC:3E:1A:FE:FF:20:44:25:26:46:87:34:1E:AC:99
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/182AE820E86811EEB837739A775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.57.0/24
Signature Algorithm: sha256WithRSAEncryption
af:6a:90:99:7f:dd:13:a4:49:f6:4e:60:c9:3e:d8:88:81:9f:
82:39:2c:5f:bb:17:18:ac:2a:ea:04:29:80:ab:29:16:e4:70:
f1:f9:ef:d1:d9:56:85:5c:33:57:41:fe:e5:ac:ea:6f:81:6f:
0d:cf:96:30:62:ee:34:2f:69:1e:25:0e:a8:ae:e3:a7:0e:d5:
e6:b7:ac:24:f2:15:3d:e3:e9:4c:54:69:24:a5:bf:5c:df:14:
be:d0:bf:2c:5f:d8:7c:4e:80:1b:71:58:f8:39:83:0a:3f:c0:
0b:66:90:1f:dc:49:4b:a9:38:10:1d:36:5f:1d:9e:4c:e6:47:
d7:5b:1f:d2:e8:68:cc:c9:54:d4:16:b2:fc:63:55:ba:a6:8e:
a0:f5:4e:ac:5b:4f:42:47:44:f1:98:56:ff:55:88:4a:87:a0:
64:56:96:cf:0d:3d:3b:56:4a:94:9b:63:d6:32:00:8c:2d:48:
f2:5b:58:7d:c0:79:05:56:2a:67:1f:14:97:d6:a4:b2:3d:0d:
ed:f8:e5:3e:4d:54:70:50:0f:1f:de:99:8d:40:be:eb:dc:7b:
08:4c:6d:0c:34:83:38:7d:88:2f:6c:78:fd:d7:20:23:63:17:
79:81:d1:8d:62:9f:00:f6:a3:45:e0:32:64:67:90:f6:9c:7d:
45:93:19:28
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFWcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMjIxNjIwMjRaFw0yNjAzMjIxNjIwMjRaMBgxFjAU
BgNVBAMTDTY1ZmRhZmNiLWVjOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDF1ChQY0/sqDlaCikpNsxbK+nF9AAaip9jUhtHtcR8XqV3WYhN1O2XbCtM
Ti+gsZy7neRPqRzgGFM1/wC9EplSj87jtdYKHjQCmzyIz9P0ZVExlo+1sGffeuZ4
ywUyDbsD3RdGXl13vsO1lEQU0BAaKq1dlRFVGC1AXf6sn0mFiv0wfyPQWNDJpmos
VU31fArBu/hK0Wu8RocDitS7V5HdZOj9I9ob7vE95XkDnarde3PWJcFMijhT1REg
eSqsQnP0VWtnxpyaymNRouUEeEW9X4Q1yraquPtoAyGoQLIpTjMJvRwMJXOWreG6
1jMz8JiubTVJ2jzdmNh9vJ6GvJulAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8nGy
AtusPhr+/yBEJSZGhzQerJkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzE4MkFFODIwRTg2ODExRUVCODM3NzM5QTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDkwDQYJKoZIhvcNAQEL
BQADggEBAK9qkJl/3ROkSfZOYMk+2IiBn4I5LF+7FxisKuoEKYCrKRbkcPH579HZ
VoVcM1dB/uWs6m+Bbw3PljBi7jQvaR4lDqiu46cO1ea3rCTyFT3j6UxUaSSlv1zf
FL7Qvyxf2HxOgBtxWPg5gwo/wAtmkB/cSUupOBAdNl8dnkzmR9dbH9LoaMzJVNQW
svxjVbqmjqD1TqxbT0JHRPGYVv9ViEqHoGRWls8NPTtWSpSbY9YyAIwtSPJbWH3A
eQVWKmcfFJfWpLI9De345T5NVHBQDx/emY1AvuvcewhMbQw0gzh9iC9seP3XICNj
F3mB0Y1inwD2o0XgMmRnkPacfUWTGSg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:31:55 2025 by rpki-client