Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AC8CDCAE86911EEA6A909A4775412E6.roa
File: 2AC8CDCAE86911EEA6A909A4775412E6.roa (raw, json)
Hash identifier: SiLh4ZJE43La2UiouxWpUtBu5w/0J4fx+PzfRuSZYks=
Subject key identifier: C5:F3:07:0B:B0:8E:9F:DD:46:31:44:BE:BE:1D:FA:89:29:9B:72:31
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1571
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AC8CDCAE86911EEA6A909A4775412E6.roa
Signing time: Fri 22 Mar 2024 16:28:08 +0000
ROA not before: Fri 22 Mar 2024 16:28:05 +0000
ROA not after: Sun 22 Mar 2026 16:28:05 +0000
asID: 29802
IP address blocks: 154.16.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5489 (0x1571)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 22 16:28:05 2024 GMT
Not After : Mar 22 16:28:05 2026 GMT
Subject: CN=65fdb198-a0f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:cb:eb:f3:48:2f:da:53:5f:f1:ec:fc:09:78:
67:03:c8:18:84:55:ec:26:e9:81:26:27:57:9f:12:
c3:07:06:6e:ed:5d:e0:db:fb:4b:15:4f:cd:32:56:
d3:8f:93:44:23:69:bd:a9:68:ea:7a:d3:1a:45:4e:
a5:2b:61:90:1e:fd:a2:71:3b:e5:df:59:d0:bf:de:
1f:7c:35:46:93:34:9f:14:13:fa:dd:80:7d:44:dc:
63:1d:ed:95:22:30:09:30:9b:5c:93:bd:18:ff:30:
7e:75:8f:85:55:6c:61:cb:5c:c8:a3:c4:5c:d0:66:
07:42:1e:6d:03:86:db:bb:c4:e4:0d:5a:75:e2:2d:
7d:1e:47:7c:85:00:eb:c8:9d:35:18:b4:8d:5a:f8:
3a:1b:ce:80:b6:d8:86:b6:db:f3:ea:db:ce:a6:78:
ef:e1:41:8d:63:80:76:a4:f6:1e:c4:e1:c9:37:6d:
cb:ce:96:81:50:6b:f5:55:a5:66:9f:2d:96:32:a9:
09:d5:d7:01:19:d1:14:41:01:77:6b:6e:0e:9d:30:
91:73:4c:b4:33:28:71:d4:8a:3a:24:fa:c7:4b:89:
6f:87:65:7c:56:f2:e6:12:73:63:20:ab:69:53:51:
1c:1b:1d:3f:36:01:4c:5f:43:12:1d:a2:cc:75:0d:
a7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F3:07:0B:B0:8E:9F:DD:46:31:44:BE:BE:1D:FA:89:29:9B:72:31
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2AC8CDCAE86911EEA6A909A4775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.210.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:7d:5d:d0:5f:da:e2:49:fa:7e:8a:e4:65:21:c8:9e:2d:0c:
49:14:f7:81:d5:d4:35:ee:d2:03:56:63:3a:b8:54:e2:b1:cc:
c3:36:fe:6a:c7:20:15:b9:57:4d:02:2f:75:5e:3a:3e:34:9b:
34:26:a1:49:80:fe:9b:c4:69:47:82:7a:8d:e8:8c:1f:66:ef:
08:99:16:ef:d7:a4:09:ee:45:8a:ef:4e:dc:1e:3b:f4:2d:22:
38:1f:33:f5:bf:a7:8a:ac:4f:de:66:f6:b5:2c:71:b9:b3:b2:
0b:dc:3c:4e:0a:23:e7:a7:d3:20:c4:17:06:99:c3:fd:e1:ae:
35:ad:ad:64:ce:0d:e4:03:05:de:dc:3b:2c:cb:45:98:9d:8c:
36:17:77:fd:de:5f:49:87:9e:7e:00:ea:8a:ba:b0:6b:10:f0:
6e:5d:a1:53:86:bc:0d:18:80:dd:f4:dd:36:0f:1b:d3:8f:5b:
4b:6e:7f:f7:6d:e5:c7:3e:25:1d:20:ab:49:88:47:d2:0a:85:
34:c2:c3:28:6a:d1:5c:b1:c6:74:27:ff:a3:66:a5:e2:22:81:
92:97:48:77:29:42:01:36:42:82:4a:95:1d:48:6c:08:5f:0b:
3d:e5:dc:5e:46:05:b3:08:6e:ef:50:6f:99:90:72:bd:f8:c1:
b1:64:85:7e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFXEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMjIxNjI4MDVaFw0yNjAzMjIxNjI4MDVaMBgxFjAU
BgNVBAMTDTY1ZmRiMTk4LWEwZjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDty+vzSC/aU1/x7PwJeGcDyBiEVewm6YEmJ1efEsMHBm7tXeDb+0sVT80y
VtOPk0Qjab2paOp60xpFTqUrYZAe/aJxO+XfWdC/3h98NUaTNJ8UE/rdgH1E3GMd
7ZUiMAkwm1yTvRj/MH51j4VVbGHLXMijxFzQZgdCHm0Dhtu7xOQNWnXiLX0eR3yF
AOvInTUYtI1a+DobzoC22Ia22/Pq286meO/hQY1jgHak9h7E4ck3bcvOloFQa/VV
pWafLZYyqQnV1wEZ0RRBAXdrbg6dMJFzTLQzKHHUijok+sdLiW+HZXxW8uYSc2Mg
q2lTURwbHT82AUxfQxIdosx1Dad5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUxfMH
C7COn91GMUS+vh36iSmbcjEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzJBQzhDRENBRTg2OTExRUVBNkE5MDlBNDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENIwDQYJKoZIhvcNAQEL
BQADggEBAK59XdBf2uJJ+n6K5GUhyJ4tDEkU94HV1DXu0gNWYzq4VOKxzMM2/mrH
IBW5V00CL3VeOj40mzQmoUmA/pvEaUeCeo3ojB9m7wiZFu/XpAnuRYrvTtweO/Qt
IjgfM/W/p4qsT95m9rUscbmzsgvcPE4KI+en0yDEFwaZw/3hrjWtrWTODeQDBd7c
OyzLRZidjDYXd/3eX0mHnn4A6oq6sGsQ8G5doVOGvA0YgN303TYPG9OPW0tuf/dt
5cc+JR0gq0mIR9IKhTTCwyhq0VyxxnQn/6NmpeIigZKXSHcpQgE2QoJKlR1IbAhf
Cz3l3F5GBbMIbu9Qb5mQcr34wbFkhX4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:09 2025 by rpki-client