Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3EB184606B4C11EF8EF7BCA0762E951A.roa
File: 3EB184606B4C11EF8EF7BCA0762E951A.roa (raw, json)
Hash identifier: 4hSdzkVhRL9IxMiljm4qS0URk6/aBW3KPsqSN+6gNQc=
Subject key identifier: 2D:BC:2E:76:49:DA:21:F6:D1:C8:A8:41:7F:5B:B7:27:63:F6:36:8F
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 17ED
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3EB184606B4C11EF8EF7BCA0762E951A.roa
Signing time: Thu 05 Sep 2024 06:01:09 +0000
ROA not before: Thu 05 Sep 2024 06:01:04 +0000
ROA not after: Sat 05 Sep 2026 06:01:04 +0000
asID: 834
IP address blocks: 154.16.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6125 (0x17ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Sep 5 06:01:04 2024 GMT
Not After : Sep 5 06:01:04 2026 GMT
Subject: CN=66d94924-176c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2a:14:b5:e9:3f:5b:b9:37:97:e7:34:83:c6:
58:70:53:3e:28:d7:60:30:44:1d:f7:9e:89:52:7d:
9b:39:8c:f8:bf:15:ae:79:c8:e6:ea:f7:d5:c9:e2:
9b:bb:7b:94:bf:25:29:4b:17:f3:8e:6f:36:96:b8:
c0:c3:09:b3:5a:c5:70:69:17:22:b0:94:75:f4:72:
d8:07:21:1f:94:d7:94:b7:b0:10:9b:40:21:9e:25:
03:a0:35:ed:b3:c0:d5:0b:d0:34:f3:68:a5:fc:6b:
08:0a:ee:1b:27:90:48:79:26:39:a6:07:42:0c:4d:
b3:ee:59:52:00:ab:f0:2a:dc:f5:67:c9:09:65:d8:
9b:2a:56:58:26:3a:65:0c:83:2b:40:79:0d:eb:62:
c8:09:f7:72:7a:13:60:8a:f3:c3:67:ef:a9:35:ff:
b7:3f:99:80:bf:c4:f4:39:da:c8:32:b6:67:68:4d:
2e:ce:74:41:7f:8b:3b:18:18:0e:76:1c:fa:1a:9f:
ac:3f:33:cb:9f:a9:cb:9f:84:eb:19:ca:36:6b:dc:
c4:c6:08:a4:ba:0f:bf:74:e7:ad:3f:01:2c:92:7a:
03:44:6e:0c:17:0d:85:8d:6a:7b:d9:47:30:b0:e7:
f7:a9:fa:b5:14:ea:db:c1:f7:8a:23:fc:1a:fa:a0:
31:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:BC:2E:76:49:DA:21:F6:D1:C8:A8:41:7F:5B:B7:27:63:F6:36:8F
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/3EB184606B4C11EF8EF7BCA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.72.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:91:c5:4c:1e:f9:19:87:68:7d:34:1b:c2:73:19:3e:bc:5e:
ef:01:5c:63:81:36:b3:e0:bb:df:29:a2:e5:50:be:d9:59:1e:
59:a4:54:cc:06:9c:95:05:df:e4:9f:32:e5:94:d1:94:f5:e5:
0d:bd:dd:10:45:7b:ef:00:29:f8:c6:ef:60:cd:4d:f6:3e:f6:
c7:a0:ff:79:05:69:b3:8e:f3:72:49:a4:6a:19:a3:f4:dd:da:
99:6f:ed:36:b8:9f:cb:3f:7b:97:a8:8e:b6:db:e6:29:17:1f:
71:64:31:86:e2:7d:3d:70:8e:99:b9:2e:61:8e:15:f0:83:1e:
f7:66:60:d2:31:81:08:a8:fc:40:43:67:4e:74:13:df:3d:d9:
69:6e:ca:6e:6f:e0:b6:47:53:17:02:96:3c:51:3e:31:04:c8:
70:83:9a:fe:c6:40:61:d8:ff:49:8c:b2:3d:08:9f:63:86:2c:
fa:c2:cd:01:6f:51:0e:64:eb:a0:b0:31:fe:84:6c:16:29:47:
83:f5:bc:6a:55:14:1c:42:8b:ff:a9:6a:84:95:c1:46:5f:c9:
a1:9c:0d:87:5e:31:d9:b6:0c:70:61:6b:57:d8:d9:58:2c:a3:
69:82:51:cc:d4:fc:b2:3c:cf:44:9d:3b:a0:b8:39:d2:af:df:
09:84:74:1c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICF+0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA5MDUwNjAxMDRaFw0yNjA5MDUwNjAxMDRaMBgxFjAU
BgNVBAMTDTY2ZDk0OTI0LTE3NmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDlKhS16T9buTeX5zSDxlhwUz4o12AwRB33nolSfZs5jPi/Fa55yObq99XJ
4pu7e5S/JSlLF/OObzaWuMDDCbNaxXBpFyKwlHX0ctgHIR+U15S3sBCbQCGeJQOg
Ne2zwNUL0DTzaKX8awgK7hsnkEh5JjmmB0IMTbPuWVIAq/Aq3PVnyQll2JsqVlgm
OmUMgytAeQ3rYsgJ93J6E2CK88Nn76k1/7c/mYC/xPQ52sgytmdoTS7OdEF/izsY
GA52HPoan6w/M8ufqcufhOsZyjZr3MTGCKS6D790560/ASySegNEbgwXDYWNanvZ
RzCw5/ep+rUU6tvB94oj/Br6oDFvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQULbwu
dknaIfbRyKhBf1u3J2P2No8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzNFQjE4NDYwNkI0QzExRUY4RUY3QkNBMDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEgwDQYJKoZIhvcNAQEL
BQADggEBAA2RxUwe+RmHaH00G8JzGT68Xu8BXGOBNrPgu98pouVQvtlZHlmkVMwG
nJUF3+SfMuWU0ZT15Q293RBFe+8AKfjG72DNTfY+9seg/3kFabOO83JJpGoZo/Td
2plv7Ta4n8s/e5eojrbb5ikXH3FkMYbifT1wjpm5LmGOFfCDHvdmYNIxgQio/EBD
Z050E9892Wluym5v4LZHUxcCljxRPjEEyHCDmv7GQGHY/0mMsj0In2OGLPrCzQFv
UQ5k66CwMf6EbBYpR4P1vGpVFBxCi/+paoSVwUZfyaGcDYdeMdm2DHBha1fY2Vgs
o2mCUczU/LI8z0SdO6C4OdKv3wmEdBw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:34:22 2025 by rpki-client