Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2B6B988CBEC111EF9C610BBB762E951A.roa
File: 2B6B988CBEC111EF9C610BBB762E951A.roa (raw, json)
Hash identifier: m6hBdum+YkXNuSBN4qz3Vzw7+WAaqrDX+JfPrI2L25k=
Subject key identifier: 14:3E:20:7B:F2:AD:D0:B9:C6:56:2E:25:55:FA:F6:8C:40:91:71:7E
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 194F
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2B6B988CBEC111EF9C610BBB762E951A.roa
Signing time: Fri 20 Dec 2024 10:57:14 +0000
ROA not before: Fri 20 Dec 2024 10:57:10 +0000
ROA not after: Sun 20 Dec 2026 10:57:10 +0000
asID: 212384
IP address blocks: 154.16.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6479 (0x194f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 20 10:57:10 2024 GMT
Not After : Dec 20 10:57:10 2026 GMT
Subject: CN=67654d8a-c038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f1:90:b2:d1:88:70:34:34:2c:08:32:03:70:
9c:45:93:c6:33:9d:28:3e:c0:7d:a7:0d:94:0d:d9:
a7:c6:5d:bc:ac:24:e6:f3:16:51:52:c1:f6:57:fd:
4e:c1:b7:ba:0f:e2:54:bb:db:54:da:72:69:7f:46:
ca:47:e9:53:81:d3:2a:4c:fd:e1:45:bc:a2:9e:6b:
1c:2e:35:f6:2d:7a:3e:da:70:a0:81:02:b3:36:ac:
23:9a:cb:90:ed:0d:93:2f:1f:66:ad:69:34:49:ba:
07:fc:99:2d:c3:2a:f6:14:31:ef:95:85:0e:70:1a:
6b:74:c8:d3:91:a0:07:20:d6:82:a9:89:f9:70:8f:
3d:04:44:39:76:c3:da:b4:ab:80:91:af:b8:d5:a6:
c5:5a:7f:e6:1c:6e:48:aa:a4:91:ba:39:10:03:64:
94:87:d2:70:4b:9b:9e:d8:24:59:2e:e3:87:63:f9:
ae:dd:b1:19:f0:9a:8c:1e:e5:76:4a:e2:1a:ea:70:
02:78:e7:54:84:80:88:ed:b3:2a:36:56:f6:97:76:
01:8b:7b:ba:18:49:97:65:2d:9f:64:03:88:ee:a3:
37:0d:23:8a:d0:07:3b:be:1f:ca:3a:6b:97:41:9a:
55:fd:ef:3d:6f:bc:1e:d8:17:3a:31:ec:60:9a:9b:
cd:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3E:20:7B:F2:AD:D0:B9:C6:56:2E:25:55:FA:F6:8C:40:91:71:7E
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2B6B988CBEC111EF9C610BBB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.153.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:67:f0:a9:fe:11:f2:02:42:f4:ee:5b:af:12:de:23:02:db:
84:45:33:43:0a:08:b1:1e:16:59:72:c4:9a:ef:79:2d:22:d8:
22:f0:6a:21:0b:37:52:60:7b:73:37:4b:32:6f:53:bf:4f:7f:
34:f5:25:af:45:00:31:d3:82:b3:26:44:09:95:58:8f:2c:23:
d7:76:e0:1e:2a:e7:b9:fd:cb:7c:b7:69:70:c0:59:9d:b5:cd:
66:c1:8c:b2:20:9f:df:a7:58:58:7a:07:dc:58:a9:42:15:77:
50:f4:e1:e9:0f:59:bb:bf:28:a6:0b:ad:91:fe:53:65:06:20:
d7:91:08:89:cb:66:c5:e7:81:01:f1:61:d6:e9:82:d0:8d:c6:
91:2b:88:cf:e7:9f:a4:da:6c:33:f0:78:cc:94:e2:dd:41:66:
11:99:80:84:7a:bd:20:53:8f:26:48:d0:82:c6:2e:ea:4d:80:
a4:85:5c:21:5f:0c:b4:8c:24:44:6c:e7:b0:85:f2:ad:38:3b:
e5:2f:2b:88:21:98:96:be:b2:72:7f:61:39:a2:52:1a:9e:81:
60:6d:75:9c:4d:b6:a2:e0:31:7b:03:44:02:c1:c3:96:2c:75:
c0:3a:24:f8:07:ba:f5:ed:df:d2:26:37:72:16:3c:b1:29:a2:
73:56:3c:1d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGU8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMjAxMDU3MTBaFw0yNjEyMjAxMDU3MTBaMBgxFjAU
BgNVBAMTDTY3NjU0ZDhhLWMwMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDv8ZCy0YhwNDQsCDIDcJxFk8YznSg+wH2nDZQN2afGXbysJObzFlFSwfZX
/U7Bt7oP4lS721Tacml/RspH6VOB0ypM/eFFvKKeaxwuNfYtej7acKCBArM2rCOa
y5DtDZMvH2ataTRJugf8mS3DKvYUMe+VhQ5wGmt0yNORoAcg1oKpiflwjz0ERDl2
w9q0q4CRr7jVpsVaf+YcbkiqpJG6ORADZJSH0nBLm57YJFku44dj+a7dsRnwmowe
5XZK4hrqcAJ451SEgIjtsyo2VvaXdgGLe7oYSZdlLZ9kA4juozcNI4rQBzu+H8o6
a5dBmlX97z1vvB7YFzox7GCam82/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUFD4g
e/Kt0LnGVi4lVfr2jECRcX4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzJCNkI5ODhDQkVDMTExRUY5QzYxMEJCQjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJkwDQYJKoZIhvcNAQEL
BQADggEBAMln8Kn+EfICQvTuW68S3iMC24RFM0MKCLEeFllyxJrveS0i2CLwaiEL
N1Jge3M3SzJvU79PfzT1Ja9FADHTgrMmRAmVWI8sI9d24B4q57n9y3y3aXDAWZ21
zWbBjLIgn9+nWFh6B9xYqUIVd1D04ekPWbu/KKYLrZH+U2UGINeRCInLZsXngQHx
YdbpgtCNxpEriM/nn6TabDPweMyU4t1BZhGZgIR6vSBTjyZI0ILGLupNgKSFXCFf
DLSMJERs57CF8q04O+UvK4ghmJa+snJ/YTmiUhqegWBtdZxNtqLgMXsDRALBw5Ys
dcA6JPgHuvXt39ImN3IWPLEponNWPB0=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:42:54 2025 by rpki-client