Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3C1F3D7A54A211EF8CB9586A762E951A.roa
File: 3C1F3D7A54A211EF8CB9586A762E951A.roa (raw, json)
Hash identifier: IYBbAvZb4ozp6wpYB8PR+wYX/togpoo+pMQqJpGXsHU=
Subject key identifier: 0D:FE:F7:A6:16:03:A7:0A:49:55:8B:1F:E3:F4:80:F1:61:A8:06:C2
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1787
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3C1F3D7A54A211EF8CB9586A762E951A.roa
Signing time: Wed 07 Aug 2024 09:48:44 +0000
ROA not before: Wed 07 Aug 2024 09:48:41 +0000
ROA not after: Fri 07 Aug 2026 09:48:41 +0000
asID: 14670
IP address blocks: 154.16.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6023 (0x1787)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Aug 7 09:48:41 2024 GMT
Not After : Aug 7 09:48:41 2026 GMT
Subject: CN=66b342fc-9b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:59:c0:97:5d:f2:23:35:24:dc:34:b7:cf:2c:
13:73:2c:9f:3b:0f:0d:8e:55:5c:9f:5d:6b:31:87:
cb:26:72:6c:d5:f0:9b:ab:9e:c3:51:7d:18:9f:43:
18:4a:1d:75:5f:f4:af:cd:b2:81:b5:f7:30:fd:65:
5a:23:fb:7a:8a:12:5e:4d:13:93:ef:4b:99:2b:cb:
b8:03:a5:d3:b3:b2:b4:42:ed:ef:f6:f0:5f:16:ab:
10:ba:a1:b2:e6:25:ba:19:ca:b6:83:42:66:2d:99:
13:14:a3:5a:4c:88:a6:3f:1a:5c:b1:2b:31:a0:56:
c4:9a:78:80:ab:a6:91:bf:b9:b1:64:77:29:f6:d5:
fc:87:09:ae:fc:90:19:95:a3:7d:c2:1c:1d:e5:91:
a5:59:52:5c:a0:1c:56:58:b7:54:8f:13:aa:c5:25:
97:9d:d5:da:9c:a4:f3:cb:f9:82:7d:8e:09:8f:fb:
fa:c0:95:46:9f:62:8b:1f:4d:32:49:e9:dc:02:c3:
0e:9e:73:d3:3c:24:93:52:bb:ab:5e:d9:61:e6:30:
83:a6:cd:53:fe:67:87:44:8d:26:e2:e5:b3:dd:50:
5d:5b:e3:8f:61:b5:90:fd:3c:3a:81:fe:c1:21:7f:
b6:47:30:f5:6b:db:d4:a3:73:1b:37:49:07:73:db:
b0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:FE:F7:A6:16:03:A7:0A:49:55:8B:1F:E3:F4:80:F1:61:A8:06:C2
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3C1F3D7A54A211EF8CB9586A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.117.0/24
Signature Algorithm: sha256WithRSAEncryption
41:a0:f1:14:cd:e0:e3:9f:6b:e8:47:dd:eb:11:4c:c8:2c:ed:
c0:10:ea:16:fe:41:45:2c:2e:4c:cb:db:59:9a:bb:37:f2:ee:
d6:46:43:58:43:8a:b0:7d:78:bb:8f:b4:e5:de:42:12:12:1d:
e3:83:23:3a:3b:54:61:9e:9d:e2:68:c2:15:20:d5:eb:3c:f4:
45:6e:c9:52:bb:4a:b5:41:09:5a:a1:20:a4:ba:bf:89:c8:86:
09:8c:46:7c:22:84:8f:82:0b:79:26:68:47:6c:ec:c4:93:aa:
2c:31:c6:e0:12:e1:2a:59:e8:cf:4f:ad:a9:16:9b:1b:d1:3b:
fd:7a:91:85:4e:b6:db:e8:8e:1d:58:c9:8f:06:20:f6:48:6b:
4e:e8:e3:b8:7b:43:95:ea:81:c0:2e:42:83:5e:92:67:76:ae:
d9:5d:dc:d1:db:0b:30:c2:87:82:e6:1e:0b:c9:44:a7:46:89:
08:e4:89:1e:72:e7:d6:ab:d1:51:1f:95:8e:93:23:b7:7a:32:
cb:46:9d:74:7c:17:41:e5:e4:b4:13:90:08:7a:a3:1b:6b:a5:
5f:81:29:46:cb:12:0e:c9:0c:b5:56:ca:fc:f2:9c:42:d4:af:
42:c0:95:38:3b:52:3b:d8:31:26:02:d4:3d:42:8b:56:51:46:
a9:2b:aa:60
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICF4cwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA4MDcwOTQ4NDFaFw0yNjA4MDcwOTQ4NDFaMBgxFjAU
BgNVBAMTDTY2YjM0MmZjLTliMGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2WcCXXfIjNSTcNLfPLBNzLJ87Dw2OVVyfXWsxh8smcmzV8JurnsNRfRif
QxhKHXVf9K/NsoG19zD9ZVoj+3qKEl5NE5PvS5kry7gDpdOzsrRC7e/28F8WqxC6
obLmJboZyraDQmYtmRMUo1pMiKY/GlyxKzGgVsSaeICrppG/ubFkdyn21fyHCa78
kBmVo33CHB3lkaVZUlygHFZYt1SPE6rFJZed1dqcpPPL+YJ9jgmP+/rAlUafYosf
TTJJ6dwCww6ec9M8JJNSu6te2WHmMIOmzVP+Z4dEjSbi5bPdUF1b449htZD9PDqB
/sEhf7ZHMPVr29Sjcxs3SQdz27BlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUDf73
phYDpwpJVYsf4/SA8WGoBsIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzNDMUYzRDdBNTRBMjExRUY4Q0I5NTg2QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEHUwDQYJKoZIhvcNAQEL
BQADggEBAEGg8RTN4OOfa+hH3esRTMgs7cAQ6hb+QUUsLkzL21mauzfy7tZGQ1hD
irB9eLuPtOXeQhISHeODIzo7VGGeneJowhUg1es89EVuyVK7SrVBCVqhIKS6v4nI
hgmMRnwihI+CC3kmaEds7MSTqiwxxuAS4SpZ6M9PrakWmxvRO/16kYVOttvojh1Y
yY8GIPZIa07o47h7Q5XqgcAuQoNekmd2rtld3NHbCzDCh4LmHgvJRKdGiQjkiR5y
59ar0VEflY6TI7d6MstGnXR8F0Hl5LQTkAh6oxtrpV+BKUbLEg7JDLVWyvzynELU
r0LAlTg7UjvYMSYC1D1Ci1ZRRqkrqmA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:30 2024 by rpki-client on console-fra.rpki-client.org