Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3600692AEF5011EF9BEFCCA5762E951A.roa
File: 3600692AEF5011EF9BEFCCA5762E951A.roa (raw, json)
Hash identifier: l/JnJWYZE/vJO7iqdjMa6c8hlE+ysp31hPGFefM2eak=
Subject key identifier: 7C:3E:DC:7D:2F:CA:49:90:56:0C:EB:90:DE:6B:BE:47:EE:17:2B:21
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 19FE
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3600692AEF5011EF9BEFCCA5762E951A.roa
Signing time: Thu 20 Feb 2025 06:02:05 +0000
ROA not before: Thu 20 Feb 2025 06:02:01 +0000
ROA not after: Sat 20 Feb 2027 06:02:01 +0000
asID: 834
IP address blocks: 154.16.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6654 (0x19fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 20 06:02:01 2025 GMT
Not After : Feb 20 06:02:01 2027 GMT
Subject: CN=67b6c55d-e1ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:02:6e:dd:5c:d3:77:aa:28:3d:2c:c1:5b:f6:
20:b0:00:55:ae:f3:00:ee:ad:65:da:59:a2:fd:38:
61:39:22:21:11:63:4a:04:1a:e1:02:92:53:c9:2c:
67:8b:fc:9f:c0:0d:f6:8b:1c:e3:bc:30:ac:82:82:
17:34:9b:79:00:21:4c:6a:bd:b7:27:6f:9e:02:e7:
11:ce:6e:d7:e6:78:7a:79:b0:b9:00:76:5d:88:ff:
78:e0:22:c1:54:c8:48:4c:65:a4:3c:82:2c:f0:e9:
b4:72:67:eb:bc:bf:5c:92:ee:77:5d:e5:c5:91:c6:
0f:d1:55:80:32:d5:0a:ca:03:8b:04:a4:67:ed:ac:
da:4d:25:e4:b9:05:08:47:04:84:b7:8f:e2:4d:1d:
d9:1c:c1:ed:28:39:7a:68:29:f3:b2:24:f8:3a:a7:
bc:6c:d6:d4:2a:86:2d:a4:4e:84:13:c5:49:66:41:
b2:6d:56:5f:cd:35:ac:f6:a6:1b:87:a1:da:e5:43:
25:2d:45:4b:b9:3f:a1:1f:40:95:c6:63:82:a4:3d:
e2:bb:97:bb:b4:40:66:ec:e2:5d:38:7b:31:da:54:
0e:3a:6e:51:c3:56:c8:3a:25:68:97:32:29:dd:29:
09:79:91:ba:b5:15:d8:d5:50:e8:9b:81:ca:22:e6:
ed:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:3E:DC:7D:2F:CA:49:90:56:0C:EB:90:DE:6B:BE:47:EE:17:2B:21
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3600692AEF5011EF9BEFCCA5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.213.0/24
Signature Algorithm: sha256WithRSAEncryption
00:db:7f:e7:ad:5e:9d:1f:98:59:7c:b2:2f:c3:4f:69:8b:34:
46:20:15:02:e6:42:fe:6b:0f:bf:4c:2d:bd:93:e9:2e:4e:f1:
29:aa:ad:b1:b5:a4:d8:4f:52:95:7c:e4:c8:d8:a7:3c:0d:a5:
f6:12:56:bc:bb:8d:e4:e0:96:dd:bc:5c:50:0c:e6:48:8f:2e:
25:af:93:98:72:16:27:78:61:f3:e0:ee:fd:a1:a5:db:ac:dc:
d9:e1:7e:d3:c9:d6:8c:46:44:af:4e:08:a9:e4:5c:ae:b2:0b:
21:19:cc:85:7d:9b:f5:5d:f5:c2:e7:59:63:0c:9b:47:7c:7b:
72:1d:ec:11:e5:47:a7:59:20:92:7d:d1:d7:68:a5:17:8b:86:
7d:e1:46:8c:90:f8:90:4c:98:60:34:f6:87:10:b9:52:da:74:
f4:e4:41:d1:ad:39:9a:a7:bb:20:59:5d:27:f3:53:5b:b9:de:
36:7f:c5:02:cb:d4:4e:06:59:9a:f4:8a:a2:29:94:55:31:52:
00:5a:ea:75:37:72:e4:32:2e:11:3c:10:b6:bb:0c:f0:d1:73:
58:16:15:1c:07:79:4d:4e:67:a0:ae:28:e4:4c:f8:07:d9:5d:
bd:e9:10:7c:80:14:ba:8b:00:32:fe:fe:04:5b:86:52:28:77:
0b:b4:4c:04
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGf4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAyMjAwNjAyMDFaFw0yNzAyMjAwNjAyMDFaMBgxFjAU
BgNVBAMTDTY3YjZjNTVkLWUxZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCZAm7dXNN3qig9LMFb9iCwAFWu8wDurWXaWaL9OGE5IiERY0oEGuECklPJ
LGeL/J/ADfaLHOO8MKyCghc0m3kAIUxqvbcnb54C5xHObtfmeHp5sLkAdl2I/3jg
IsFUyEhMZaQ8gizw6bRyZ+u8v1yS7ndd5cWRxg/RVYAy1QrKA4sEpGftrNpNJeS5
BQhHBIS3j+JNHdkcwe0oOXpoKfOyJPg6p7xs1tQqhi2kToQTxUlmQbJtVl/NNaz2
phuHodrlQyUtRUu5P6EfQJXGY4KkPeK7l7u0QGbs4l04ezHaVA46blHDVsg6JWiX
MindKQl5kbq1FdjVUOibgcoi5u39AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUfD7c
fS/KSZBWDOuQ3mu+R+4XKyEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzM2MDA2OTJBRUY1MDExRUY5QkVGQ0NBNTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENUwDQYJKoZIhvcNAQEL
BQADggEBAADbf+etXp0fmFl8si/DT2mLNEYgFQLmQv5rD79MLb2T6S5O8SmqrbG1
pNhPUpV85MjYpzwNpfYSVry7jeTglt28XFAM5kiPLiWvk5hyFid4YfPg7v2hpdus
3NnhftPJ1oxGRK9OCKnkXK6yCyEZzIV9m/Vd9cLnWWMMm0d8e3Id7BHlR6dZIJJ9
0ddopReLhn3hRoyQ+JBMmGA09ocQuVLadPTkQdGtOZqnuyBZXSfzU1u53jZ/xQLL
1E4GWZr0iqIplFUxUgBa6nU3cuQyLhE8ELa7DPDRc1gWFRwHeU1OZ6CuKORM+AfZ
Xb3pEHyAFLqLADL+/gRbhlIodwu0TAQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:00:03 2025 by rpki-client