Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1C7D3220C44A11EFA1D43155762E951A.roa
File: 1C7D3220C44A11EFA1D43155762E951A.roa (raw, json)
Hash identifier: a7puqxYZ/DEd78WQefg1my3ato3W+NGXBegG/OkqR6s=
Subject key identifier: 4D:45:DE:A3:39:9B:4A:1A:09:3B:2D:88:10:8D:1F:71:E0:EE:BB:83
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 196E
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1C7D3220C44A11EFA1D43155762E951A.roa
Signing time: Fri 27 Dec 2024 12:00:06 +0000
ROA not before: Fri 27 Dec 2024 12:00:02 +0000
ROA not after: Sun 27 Dec 2026 12:00:02 +0000
asID: 212238
IP address blocks: 154.16.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6510 (0x196e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 27 12:00:02 2024 GMT
Not After : Dec 27 12:00:02 2026 GMT
Subject: CN=676e96c6-de57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:d3:88:f8:4f:c8:90:ca:55:11:09:6e:b1:3b:
cc:78:ae:6c:ee:0a:1c:c1:b8:f0:e3:00:25:2f:3f:
cb:df:c2:88:07:fe:93:8d:1d:4b:fe:25:98:d3:8a:
d6:a7:42:ac:77:e7:94:7c:85:7e:75:92:c3:4b:3c:
32:76:ad:f1:e7:58:cf:96:d9:b0:9b:7b:1d:6d:34:
62:e6:89:e1:90:71:4d:72:01:be:e3:3e:74:97:d0:
39:0d:c4:bb:c3:45:f2:54:5a:16:56:71:4a:c7:69:
5b:7d:2f:41:2a:17:8e:e0:ee:d2:28:0f:74:53:e8:
1a:be:c1:a2:fb:55:07:c6:45:c6:b2:77:c7:f5:2b:
e1:31:b1:49:01:ae:81:bb:96:01:bb:70:bd:cf:6e:
a3:02:8f:3b:91:d8:1a:88:99:dd:37:8a:7b:2c:07:
b8:a0:31:2c:7e:45:57:26:e3:9d:3b:4c:61:2d:f2:
b6:d9:25:79:23:82:e9:84:d9:23:05:d9:e6:bb:8b:
3a:3a:94:82:f5:6e:84:c6:ce:22:f5:f0:83:57:bd:
6d:4d:0f:8b:fd:3a:a6:d5:0e:63:49:95:2c:bb:33:
c2:8c:87:93:23:02:c4:69:2f:2c:5e:b9:e9:a7:01:
00:3a:fb:11:d6:c6:f8:64:2e:ee:8b:3e:0c:26:08:
07:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:45:DE:A3:39:9B:4A:1A:09:3B:2D:88:10:8D:1F:71:E0:EE:BB:83
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/1C7D3220C44A11EFA1D43155762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.149.0/24
Signature Algorithm: sha256WithRSAEncryption
99:2d:d5:01:d7:3e:95:ba:67:de:20:cc:5b:cd:de:43:94:58:
b0:c7:d6:a5:dd:fc:28:16:1e:27:f8:ec:44:11:cf:f4:1e:8e:
1a:80:f4:bb:90:a6:a5:2f:ff:7e:37:17:4b:4a:46:2e:02:04:
c0:88:ed:fe:a2:47:f4:14:ac:77:c8:4e:aa:78:31:9d:c4:64:
87:04:e0:d9:7f:49:2c:d6:bc:b6:9e:dd:a2:eb:43:55:5c:56:
b5:bc:93:9e:90:94:37:60:b8:b9:3d:f0:ec:15:6e:e7:23:ce:
14:45:59:18:89:7f:fc:be:1e:00:e6:c9:f6:ab:64:40:f2:89:
29:53:4c:82:22:b3:36:2d:fe:8b:f8:f9:55:13:6c:ae:f9:d8:
2f:b7:5f:95:eb:28:1b:99:87:26:bd:65:67:8d:af:96:99:ce:
90:12:77:07:47:b0:07:87:1a:81:09:57:79:d9:2d:17:78:78:
25:ed:40:de:1d:0c:18:7d:4b:9b:e4:4d:d0:27:30:6c:a2:c4:
53:0e:e7:05:4e:96:87:17:fc:dd:3f:43:cf:6f:a6:48:f3:f7:
1e:ae:98:e8:38:43:09:7a:ac:c9:09:71:54:44:c9:a4:11:08:
3b:ce:5b:7d:71:3f:9a:fa:60:bb:ba:87:b6:fd:8c:ce:b7:62:
80:67:c9:70
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGW4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMjcxMjAwMDJaFw0yNjEyMjcxMjAwMDJaMBgxFjAU
BgNVBAMTDTY3NmU5NmM2LWRlNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD204j4T8iQylURCW6xO8x4rmzuChzBuPDjACUvP8vfwogH/pONHUv+JZjT
itanQqx355R8hX51ksNLPDJ2rfHnWM+W2bCbex1tNGLmieGQcU1yAb7jPnSX0DkN
xLvDRfJUWhZWcUrHaVt9L0EqF47g7tIoD3RT6Bq+waL7VQfGRcayd8f1K+ExsUkB
roG7lgG7cL3PbqMCjzuR2BqImd03inssB7igMSx+RVcm4507TGEt8rbZJXkjgumE
2SMF2ea7izo6lIL1boTGziL18INXvW1ND4v9OqbVDmNJlSy7M8KMh5MjAsRpLyxe
uemnAQA6+xHWxvhkLu6LPgwmCAfDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUTUXe
ozmbShoJOy2IEI0fceDuu4MwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzFDN0QzMjIwQzQ0QTExRUZBMUQ0MzE1NTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJUwDQYJKoZIhvcNAQEL
BQADggEBAJkt1QHXPpW6Z94gzFvN3kOUWLDH1qXd/CgWHif47EQRz/QejhqA9LuQ
pqUv/343F0tKRi4CBMCI7f6iR/QUrHfITqp4MZ3EZIcE4Nl/SSzWvLae3aLrQ1Vc
VrW8k56QlDdguLk98OwVbucjzhRFWRiJf/y+HgDmyfarZEDyiSlTTIIiszYt/ov4
+VUTbK752C+3X5XrKBuZhya9ZWeNr5aZzpASdwdHsAeHGoEJV3nZLRd4eCXtQN4d
DBh9S5vkTdAnMGyixFMO5wVOlocX/N0/Q89vpkjz9x6umOg4Qwl6rMkJcVREyaQR
CDvOW31xP5r6YLu6h7b9jM63YoBnyXA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:56:23 2025 by rpki-client