Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/33E48F64B8F611EDB1887FEEF1222468.roa
File: 33E48F64B8F611EDB1887FEEF1222468.roa (raw, json)
Hash identifier: YyIU79eadb9qmd5QyK+aBqTTM4guDA/Nc+blQbs5VzY=
Subject key identifier: 58:9E:17:F6:08:8E:95:9D:65:A7:9D:A9:99:7C:D6:E2:0D:6E:80:38
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0C97
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/33E48F64B8F611EDB1887FEEF1222468.roa
Signing time: Thu 02 Mar 2023 12:31:49 +0000
ROA not before: Thu 02 Mar 2023 12:31:45 +0000
ROA not after: Sat 01 Mar 2025 12:31:45 +0000
asID: 61317
IP address blocks: 154.16.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3223 (0xc97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 2 12:31:45 2023 GMT
Not After : Mar 1 12:31:45 2025 GMT
Subject: CN=64009735-69f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1c:33:31:68:b4:f6:69:74:94:66:9c:3a:24:
c2:f7:50:90:e2:e2:89:ef:95:29:75:13:3e:62:63:
c6:57:b8:05:d3:70:32:8a:f0:6b:05:05:36:14:62:
d6:30:76:c6:1e:40:4e:1b:44:b0:cb:ce:5c:e0:ac:
7d:77:3e:96:e9:08:60:22:6c:c6:b7:d5:28:c3:dc:
a8:d9:a3:89:21:8e:58:bb:7c:55:98:88:ed:f4:83:
fa:4b:34:8b:7c:5a:8e:7c:9c:8d:08:63:c3:df:cb:
6d:86:bb:8f:00:b4:94:75:e8:1e:03:70:15:5b:98:
b9:e6:62:7e:b3:c3:06:23:77:21:6b:ae:3b:d2:cd:
95:67:f3:15:dc:ec:2d:4a:56:6d:e2:bb:7b:b2:47:
ff:06:8e:2c:23:76:29:f9:74:dc:d4:b0:34:c0:7f:
ac:f9:bf:11:70:fe:0d:86:6f:03:33:fa:64:ad:da:
e6:0f:31:b6:24:08:89:fd:58:6d:ef:d3:5d:47:d3:
3d:34:1b:1f:cb:c7:f5:40:25:e9:bf:13:92:d3:eb:
bf:3b:b4:39:b0:ea:7e:88:be:17:1c:39:fe:21:a8:
2c:0c:47:2d:23:a2:1a:b0:fd:68:10:6e:13:a9:27:
de:7b:6b:5c:26:fc:0a:5e:5c:c4:a5:b6:78:5a:12:
65:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:9E:17:F6:08:8E:95:9D:65:A7:9D:A9:99:7C:D6:E2:0D:6E:80:38
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/33E48F64B8F611EDB1887FEEF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.210.0/24
Signature Algorithm: sha256WithRSAEncryption
21:56:87:84:b7:0a:ee:11:f9:92:70:f8:c2:39:21:88:22:94:
a4:7e:89:49:33:7b:56:41:61:f1:28:ed:db:5b:0c:09:6b:a8:
9d:04:df:a4:6a:5e:77:e3:33:5b:1b:05:b5:5c:60:e5:48:be:
e8:04:9c:92:d3:80:3f:cf:da:f2:8d:48:97:d5:9e:6f:cd:8a:
96:c4:f1:eb:43:a1:77:71:87:c7:ee:aa:1d:63:01:39:f2:71:
b8:a5:14:2c:88:a6:d0:5c:81:9a:99:42:18:33:75:05:bd:58:
e4:2e:da:02:1f:66:d4:e2:2a:98:58:f9:3f:7a:cc:2f:55:93:
34:db:50:95:66:ba:91:e0:7e:ff:76:fb:3d:ec:77:c1:ab:69:
49:5b:17:0b:3b:ec:75:e7:23:1f:67:4a:fb:ff:60:98:b0:94:
64:6e:5b:29:1c:e3:8a:6b:f4:8c:a8:72:cd:55:b2:0e:4d:e3:
54:5d:78:66:0d:3b:21:c3:84:87:55:9a:6a:f6:06:b1:12:5f:
70:3d:39:9d:7b:31:e6:d2:d6:2f:31:1e:9b:4f:15:3c:34:af:
22:f3:98:cc:35:6e:08:cf:9e:cd:1b:83:0b:c2:9c:d3:0f:1c:
f4:af:52:0e:1e:ea:ec:ef:36:20:84:45:05:1f:ea:51:89:2a:
d7:72:36:58
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDJcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAzMDIxMjMxNDVaFw0yNTAzMDExMjMxNDVaMBgxFjAU
BgNVBAMMDTY0MDA5NzM1LTY5ZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDnHDMxaLT2aXSUZpw6JML3UJDi4onvlSl1Ez5iY8ZXuAXTcDKK8GsFBTYU
YtYwdsYeQE4bRLDLzlzgrH13PpbpCGAibMa31SjD3KjZo4khjli7fFWYiO30g/pL
NIt8Wo58nI0IY8Pfy22Gu48AtJR16B4DcBVbmLnmYn6zwwYjdyFrrjvSzZVn8xXc
7C1KVm3iu3uyR/8Gjiwjdin5dNzUsDTAf6z5vxFw/g2GbwMz+mSt2uYPMbYkCIn9
WG3v011H0z00Gx/Lx/VAJem/E5LT6787tDmw6n6IvhccOf4hqCwMRy0johqw/WgQ
bhOpJ957a1wm/ApeXMSltnhaEmUtAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUWJ4X
9giOlZ1lp52pmXzW4g1ugDgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzMzRTQ4RjY0QjhGNjExRURCMTg4N0ZFRUYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENIwDQYJKoZIhvcNAQEL
BQADggEBACFWh4S3Cu4R+ZJw+MI5IYgilKR+iUkze1ZBYfEo7dtbDAlrqJ0E36Rq
XnfjM1sbBbVcYOVIvugEnJLTgD/P2vKNSJfVnm/NipbE8etDoXdxh8fuqh1jATny
cbilFCyIptBcgZqZQhgzdQW9WOQu2gIfZtTiKphY+T96zC9VkzTbUJVmupHgfv92
+z3sd8GraUlbFws77HXnIx9nSvv/YJiwlGRuWykc44pr9Iyocs1Vsg5N41RdeGYN
OyHDhIdVmmr2BrESX3A9OZ17MebS1i8xHptPFTw0ryLzmMw1bgjPns0bgwvCnNMP
HPSvUg4e6uzvNiCERQUf6lGJKtdyNlg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:30 2025 by rpki-client