Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/22BA7AD8EF5311EFAA394CB9762E951A.roa
File: 22BA7AD8EF5311EFAA394CB9762E951A.roa (raw, json)
Hash identifier: 4Wd/W9uirCLjVeuHVTmCziM31j53rr/OEtEq3eVsHAM=
Subject key identifier: 0E:CC:08:52:C9:38:4D:43:45:28:C7:3B:BD:C0:FB:62:DB:2F:F2:10
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1A10
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/22BA7AD8EF5311EFAA394CB9762E951A.roa
Signing time: Thu 20 Feb 2025 06:23:02 +0000
ROA not before: Thu 20 Feb 2025 06:22:58 +0000
ROA not after: Sat 20 Feb 2027 06:22:58 +0000
asID: 834
IP address blocks: 154.16.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6672 (0x1a10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 20 06:22:58 2025 GMT
Not After : Feb 20 06:22:58 2027 GMT
Subject: CN=67b6ca45-8512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:95:d5:27:59:7b:5c:ca:f4:37:67:6c:72:71:
7b:85:4e:49:45:8f:f9:31:1c:e6:62:f3:ae:42:5b:
a3:cf:5d:6b:83:d5:b7:62:57:d1:d2:e4:94:f0:e0:
13:18:41:1a:2f:60:ce:62:2e:44:cd:fa:96:26:1b:
3d:b2:be:fb:6f:5a:c4:b7:84:61:ca:78:ec:97:cb:
bc:d6:20:fa:ce:f2:43:2d:01:35:bf:14:81:60:c6:
4b:aa:1e:97:ca:d2:00:d7:14:2c:0f:e9:7f:09:97:
4c:21:2b:f3:7e:07:7a:ea:15:36:6e:0b:b4:27:95:
c1:d6:d6:0c:32:cf:e6:3a:40:1e:5f:ee:a6:0c:79:
38:14:c6:a4:0b:9c:ce:99:e9:19:8b:ba:8a:9d:a0:
27:01:c6:7e:25:2d:e2:09:c1:b2:56:45:d5:81:91:
48:ee:8f:9e:bd:dc:59:94:7a:bf:5d:0d:24:cc:61:
4f:3a:80:02:3e:52:b4:91:58:26:33:ad:60:9a:bf:
06:95:c8:34:85:90:95:d4:3a:43:69:85:b0:24:f4:
70:84:27:23:a7:2d:79:fb:39:82:7f:40:b6:cc:fc:
d5:2f:d8:bb:42:ed:20:92:bc:75:7d:e7:be:b7:7b:
0a:69:4e:d5:29:8d:46:b7:bc:9d:c4:05:03:ae:ee:
5c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CC:08:52:C9:38:4D:43:45:28:C7:3B:BD:C0:FB:62:DB:2F:F2:10
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/22BA7AD8EF5311EFAA394CB9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.203.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:b4:9f:8f:b7:6f:c1:f1:80:bc:fe:49:40:c0:d4:ee:9b:62:
e7:f8:a2:7d:13:64:ee:51:9b:76:3e:39:6b:c3:2f:e0:fc:90:
03:b0:3f:f6:f5:43:8d:3a:f0:27:7c:d5:1b:f5:5a:c7:d3:5a:
29:da:91:83:56:41:a0:2d:6d:52:fc:02:ec:ab:74:35:7c:1c:
08:14:c8:14:78:75:f3:55:d8:ea:4c:ee:eb:2c:bc:1f:f0:f2:
01:43:37:d0:5c:67:05:6c:08:41:52:5e:72:d7:a4:9e:b8:18:
f4:80:65:ec:90:75:12:67:8f:a1:6d:cc:d0:75:84:08:9e:80:
0c:20:0e:1b:ae:68:4b:6e:68:20:3c:5e:86:71:9f:b6:70:58:
07:bf:77:ea:ec:55:fc:f9:f0:80:f1:24:ad:b8:e4:c4:61:87:
b1:c6:4c:3d:f8:95:69:db:c8:6e:7d:75:61:c7:f4:6c:cd:f8:
54:06:de:1b:c3:36:c6:f9:29:c0:1b:3e:02:72:37:ce:d4:b7:
85:20:c1:03:63:cc:97:bf:58:c9:60:76:9e:6f:0f:4a:18:4e:
f8:01:0e:c7:f8:9c:54:05:10:6c:37:d8:90:45:19:69:30:01:
40:74:64:63:c1:5c:80:c6:09:b1:dc:61:78:e5:0c:50:96:54:
7f:6b:cb:34
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGhAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAyMjAwNjIyNThaFw0yNzAyMjAwNjIyNThaMBgxFjAU
BgNVBAMTDTY3YjZjYTQ1LTg1MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDIldUnWXtcyvQ3Z2xycXuFTklFj/kxHOZi865CW6PPXWuD1bdiV9HS5JTw
4BMYQRovYM5iLkTN+pYmGz2yvvtvWsS3hGHKeOyXy7zWIPrO8kMtATW/FIFgxkuq
HpfK0gDXFCwP6X8Jl0whK/N+B3rqFTZuC7QnlcHW1gwyz+Y6QB5f7qYMeTgUxqQL
nM6Z6RmLuoqdoCcBxn4lLeIJwbJWRdWBkUjuj5693FmUer9dDSTMYU86gAI+UrSR
WCYzrWCavwaVyDSFkJXUOkNphbAk9HCEJyOnLXn7OYJ/QLbM/NUv2LtC7SCSvHV9
5763ewppTtUpjUa3vJ3EBQOu7lzRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUDswI
Usk4TUNFKMc7vcD7Ytsv8hAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzIyQkE3QUQ4RUY1MzExRUZBQTM5NENCOTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMswDQYJKoZIhvcNAQEL
BQADggEBAMe0n4+3b8HxgLz+SUDA1O6bYuf4on0TZO5Rm3Y+OWvDL+D8kAOwP/b1
Q4068Cd81Rv1WsfTWinakYNWQaAtbVL8AuyrdDV8HAgUyBR4dfNV2OpM7ussvB/w
8gFDN9BcZwVsCEFSXnLXpJ64GPSAZeyQdRJnj6FtzNB1hAiegAwgDhuuaEtuaCA8
XoZxn7ZwWAe/d+rsVfz58IDxJK245MRhh7HGTD34lWnbyG59dWHH9GzN+FQG3hvD
Nsb5KcAbPgJyN87Ut4UgwQNjzJe/WMlgdp5vD0oYTvgBDsf4nFQFEGw32JBFGWkw
AUB0ZGPBXIDGCbHcYXjlDFCWVH9ryzQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:58:58 2025 by rpki-client