Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3457C0C28B8411EEB8B434144AD9E6FC.roa
File: 3457C0C28B8411EEB8B434144AD9E6FC.roa (raw, json)
Hash identifier: y0izVYTWxrCYV6SRapzQRlN9PGfbXW0zpa4YwRIovu4=
Subject key identifier: 24:8C:8A:7B:C6:F5:88:AC:A8:8D:1F:8A:21:5D:E9:63:1B:E3:05:79
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1355
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3457C0C28B8411EEB8B434144AD9E6FC.roa
Signing time: Sat 25 Nov 2023 11:17:23 +0000
ROA not before: Sat 25 Nov 2023 11:17:19 +0000
ROA not after: Tue 25 Nov 2025 11:17:19 +0000
asID: 212238
IP address blocks: 154.16.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 27 Apr 2024 05:23:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4949 (0x1355)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Nov 25 11:17:19 2023 GMT
Not After : Nov 25 11:17:19 2025 GMT
Subject: CN=6561d7c2-b6ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:f4:05:a6:bb:e3:cd:c5:5c:8e:eb:63:41:a3:
50:da:f6:40:bf:1e:a4:ff:9e:6f:b3:e4:7c:18:1b:
f2:e8:3a:a9:3a:cf:c0:27:bc:e0:39:b2:0a:f4:7d:
b1:bb:ea:04:0b:09:36:bd:24:23:cd:d8:c9:fb:f0:
65:1f:5a:ae:78:9a:50:31:bb:6b:b7:49:fa:63:41:
8e:38:87:f9:99:6f:e1:5f:64:76:a8:8e:7c:04:02:
32:0c:99:8e:d6:e6:4d:40:87:ca:02:38:b2:31:0b:
c4:82:fe:22:aa:ad:8b:a4:8b:b0:20:9c:a8:e7:2c:
77:45:15:10:e7:c0:b7:c7:a5:1e:42:f8:36:6b:85:
8c:e8:c6:de:d3:7d:34:2c:17:41:c9:e6:33:6f:04:
9b:48:f4:60:8b:47:69:2e:f9:63:98:7d:20:ac:58:
6e:13:67:9b:3a:04:f3:0b:92:03:1f:3e:48:24:12:
39:88:d7:fc:b9:1b:9c:7d:8e:c5:37:c2:0d:5a:3c:
9b:6e:39:79:8f:ab:ce:49:b5:75:74:b2:df:12:19:
aa:1b:2d:c6:f9:44:08:23:89:04:eb:4f:2a:49:10:
62:08:73:ec:73:72:e7:d2:e3:5f:98:6c:e6:95:39:
02:c7:58:e1:c7:41:15:91:3e:c1:5f:33:26:64:88:
54:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8C:8A:7B:C6:F5:88:AC:A8:8D:1F:8A:21:5D:E9:63:1B:E3:05:79
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3457C0C28B8411EEB8B434144AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.3.0/24
Signature Algorithm: sha256WithRSAEncryption
68:d4:eb:00:cd:2b:f0:86:cb:9b:87:4f:35:d5:ca:7c:ee:dd:
f6:c6:94:84:df:f8:fb:ed:c2:99:13:07:7a:8d:69:e9:ee:ea:
2d:b4:9a:79:28:6b:93:f2:4c:68:73:ea:a9:9a:04:8e:3c:2b:
96:53:d2:18:fe:1b:b7:ae:51:3e:0c:65:96:30:79:6c:b6:d8:
b0:a5:5f:a8:ed:58:91:57:0b:a5:cf:0c:57:b5:aa:3a:31:9a:
81:b0:b2:a5:e0:fb:98:60:e1:c6:0a:d0:b1:2f:72:cc:20:4d:
6f:9c:18:7e:70:13:b7:b6:83:e9:bc:a2:8d:35:85:21:3f:17:
7f:18:4f:0e:d2:c1:90:f7:02:34:09:78:74:ba:24:04:0b:36:
90:42:0d:2b:51:be:e4:be:74:f0:43:e9:54:35:d8:f9:71:8f:
24:8f:4e:bc:b9:2f:42:b9:7e:af:af:28:e9:00:b7:df:9f:7e:
ba:19:a9:80:cb:83:84:85:da:1f:08:b0:03:3b:09:9c:87:ac:
58:ab:06:59:3f:2e:97:89:4e:cd:65:b9:4d:a9:86:d7:01:a3:
2c:61:ae:8b:49:35:b6:35:9f:db:46:a6:50:09:10:e5:b0:49:
b0:6a:25:9e:85:31:d1:b3:63:6f:1d:bf:f6:d0:a5:73:81:26:
53:f8:37:df
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE1UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjUxMTE3MTlaFw0yNTExMjUxMTE3MTlaMBgxFjAU
BgNVBAMTDTY1NjFkN2MyLWI2ZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD29AWmu+PNxVyO62NBo1Da9kC/HqT/nm+z5HwYG/LoOqk6z8AnvOA5sgr0
fbG76gQLCTa9JCPN2Mn78GUfWq54mlAxu2u3SfpjQY44h/mZb+FfZHaojnwEAjIM
mY7W5k1Ah8oCOLIxC8SC/iKqrYuki7AgnKjnLHdFFRDnwLfHpR5C+DZrhYzoxt7T
fTQsF0HJ5jNvBJtI9GCLR2ku+WOYfSCsWG4TZ5s6BPMLkgMfPkgkEjmI1/y5G5x9
jsU3wg1aPJtuOXmPq85JtXV0st8SGaobLcb5RAgjiQTrTypJEGIIc+xzcufS41+Y
bOaVOQLHWOHHQRWRPsFfMyZkiFSTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUJIyK
e8b1iKyojR+KIV3pYxvjBXkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzM0NTdDMEMyOEI4NDExRUVCOEI0MzQxNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAMwDQYJKoZIhvcNAQEL
BQADggEBAGjU6wDNK/CGy5uHTzXVynzu3fbGlITf+PvtwpkTB3qNaenu6i20mnko
a5PyTGhz6qmaBI48K5ZT0hj+G7euUT4MZZYweWy22LClX6jtWJFXC6XPDFe1qjox
moGwsqXg+5hg4cYK0LEvcswgTW+cGH5wE7e2g+m8oo01hSE/F38YTw7SwZD3AjQJ
eHS6JAQLNpBCDStRvuS+dPBD6VQ12PlxjySPTry5L0K5fq+vKOkAt9+ffroZqYDL
g4SF2h8IsAM7CZyHrFirBlk/LpeJTs1luU2phtcBoyxhrotJNbY1n9tGplAJEOWw
SbBqJZ6FMdGzY28dv/bQpXOBJlP4N98=
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:22 2024 by rpki-client on console-fra.rpki-client.org