Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/312CE1A0C44C11EF89E4D861762E951A.roa
File: 312CE1A0C44C11EF89E4D861762E951A.roa (raw, json)
Hash identifier: 5kuIPisnT9EWZkI0DvZMfxf2RbGC7plrrOfd/YRJMBU=
Subject key identifier: 61:A6:04:3A:4D:6C:BD:1A:99:0B:DA:E5:1B:88:4E:20:BB:0E:AE:8B
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1977
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/312CE1A0C44C11EF89E4D861762E951A.roa
Signing time: Fri 27 Dec 2024 12:14:59 +0000
ROA not before: Fri 27 Dec 2024 12:14:56 +0000
ROA not after: Sun 27 Dec 2026 12:14:56 +0000
asID: 400040
IP address blocks: 154.16.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6519 (0x1977)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 27 12:14:56 2024 GMT
Not After : Dec 27 12:14:56 2026 GMT
Subject: CN=676e9a43-45e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:50:cb:ae:4a:c8:ca:b4:e8:b2:bd:1a:ae:20:
f3:d2:0f:03:b6:5b:85:72:b4:1f:55:8e:85:0b:83:
30:1a:91:b5:57:18:4e:bb:56:96:ae:a8:55:43:23:
61:86:fb:8a:77:02:52:b4:4f:dc:6b:df:1a:00:fd:
f7:c3:59:4f:f6:63:b9:b3:59:e0:7c:38:6c:fc:3e:
f8:e2:b5:70:45:98:40:38:de:28:87:42:df:15:e7:
a0:a9:5e:e3:2f:2c:a9:54:42:03:8d:66:95:9c:af:
10:1d:24:f6:ca:20:9d:a3:17:81:91:a7:2d:74:5f:
3f:a5:1b:58:90:0a:15:f0:3a:94:38:95:a0:02:76:
56:ed:2c:49:a6:ce:ef:1e:ed:30:b9:22:fe:35:51:
6e:40:de:7c:52:e6:a5:de:24:15:99:f5:ea:71:cd:
09:97:2c:13:41:13:33:48:ce:d7:04:17:03:1b:6b:
80:78:fe:8a:57:28:6c:49:36:43:99:55:9f:16:fc:
81:c6:17:6d:8d:1d:3e:e9:2d:b8:6f:8b:c1:b3:92:
f8:fc:fe:00:ba:1b:2c:31:20:17:e3:0b:29:33:f8:
14:d6:c4:d2:88:f5:df:e7:fa:04:7e:f8:d8:1f:be:
24:81:a3:90:50:e7:59:b1:8e:ff:4a:ec:ca:58:f4:
c4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A6:04:3A:4D:6C:BD:1A:99:0B:DA:E5:1B:88:4E:20:BB:0E:AE:8B
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/312CE1A0C44C11EF89E4D861762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.237.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d5:93:85:c1:01:3b:78:c2:e2:09:53:bb:68:54:f1:04:10:
4f:14:92:f7:ab:63:5a:fc:aa:67:53:ae:8f:c0:6f:ad:53:f2:
e0:c1:7e:68:c9:bc:d4:32:c3:5d:24:09:9c:04:48:72:c9:cb:
04:5c:ce:cd:b9:1d:a8:80:79:2f:c1:a2:0b:5d:55:fe:5c:72:
fb:5c:42:9a:78:48:66:b2:00:35:14:e8:57:5d:79:28:c2:cb:
e6:e3:22:a0:49:b1:c5:ed:e0:66:bc:11:4d:13:ea:21:f1:88:
b3:a4:8f:2e:93:28:0c:37:f6:19:a8:5a:ef:5e:6b:6f:6d:c9:
4c:f1:33:a5:c6:b9:37:23:90:87:6c:5b:9a:f0:fc:da:6d:da:
4c:6f:11:35:35:ae:f2:02:08:43:af:ca:5d:b2:bf:e6:bd:a8:
ca:8f:c4:0d:ce:0a:cf:11:b7:22:e4:ee:72:90:95:92:6a:f2:
b6:19:5a:5c:71:44:eb:61:ff:c6:a1:d3:69:1d:b3:15:6a:b8:
a3:4d:70:dc:61:d1:7d:0b:0b:59:b7:ab:74:4b:c1:b7:e7:b1:
85:5e:a6:4c:46:59:ba:b9:5b:68:3a:ae:71:b0:21:3a:9a:cb:
8e:20:ac:db:71:1e:6a:51:17:d3:8e:e7:7d:00:30:ad:b4:07:
1a:52:f6:5d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGXcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMjcxMjE0NTZaFw0yNjEyMjcxMjE0NTZaMBgxFjAU
BgNVBAMTDTY3NmU5YTQzLTQ1ZTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpUMuuSsjKtOiyvRquIPPSDwO2W4VytB9VjoULgzAakbVXGE67VpauqFVD
I2GG+4p3AlK0T9xr3xoA/ffDWU/2Y7mzWeB8OGz8PvjitXBFmEA43iiHQt8V56Cp
XuMvLKlUQgONZpWcrxAdJPbKIJ2jF4GRpy10Xz+lG1iQChXwOpQ4laACdlbtLEmm
zu8e7TC5Iv41UW5A3nxS5qXeJBWZ9epxzQmXLBNBEzNIztcEFwMba4B4/opXKGxJ
NkOZVZ8W/IHGF22NHT7pLbhvi8Gzkvj8/gC6GywxIBfjCykz+BTWxNKI9d/n+gR+
+NgfviSBo5BQ51mxjv9K7MpY9MRfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUYaYE
Ok1svRqZC9rlG4hOILsOroswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzMxMkNFMUEwQzQ0QzExRUY4OUU0RDg2MTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEO0wDQYJKoZIhvcNAQEL
BQADggEBABDVk4XBATt4wuIJU7toVPEEEE8UkverY1r8qmdTro/Ab61T8uDBfmjJ
vNQyw10kCZwESHLJywRczs25HaiAeS/BogtdVf5ccvtcQpp4SGayADUU6FddeSjC
y+bjIqBJscXt4Ga8EU0T6iHxiLOkjy6TKAw39hmoWu9ea29tyUzxM6XGuTcjkIds
W5rw/Npt2kxvETU1rvICCEOvyl2yv+a9qMqPxA3OCs8RtyLk7nKQlZJq8rYZWlxx
ROth/8ah02kdsxVquKNNcNxh0X0LC1m3q3RLwbfnsYVepkxGWbq5W2g6rnGwITqa
y44grNtxHmpRF9OO530AMK20BxpS9l0=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:58:01 2025 by rpki-client