Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/40400B42F66D11EFA565C14A762E951A.roa
File: 40400B42F66D11EFA565C14A762E951A.roa (raw, json)
Hash identifier: 65P7fIhAp7tFMLbniHZGm082ztdDSiByqjk7KM3iMFE=
Subject key identifier: 1F:AA:D0:B8:3B:7D:5D:19:CE:09:82:73:9C:6B:B7:B9:57:F1:C3:54
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1A36
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/40400B42F66D11EFA565C14A762E951A.roa
Signing time: Sat 01 Mar 2025 07:17:36 +0000
ROA not before: Sat 01 Mar 2025 07:17:32 +0000
ROA not after: Mon 01 Mar 2027 07:17:32 +0000
asID: 834
IP address blocks: 154.16.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6710 (0x1a36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 1 07:17:32 2025 GMT
Not After : Mar 1 07:17:32 2027 GMT
Subject: CN=67c2b490-2646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bd:2f:e4:6b:bc:23:4b:5e:79:6b:51:0f:85:
53:fe:1e:8f:7a:44:ce:5c:9b:1b:8b:fa:be:29:1d:
b6:f2:71:72:60:21:3f:03:b2:01:ed:19:e9:15:0c:
2c:8b:1c:f8:17:51:ce:fe:f3:7d:b8:98:85:1b:bc:
3b:ea:fc:98:83:3e:7c:9d:ee:40:ce:19:4f:41:85:
57:88:c3:26:8a:8b:41:cb:95:62:d2:2e:e9:4e:88:
9f:20:8b:91:2a:48:8e:62:8c:60:5a:98:53:fd:bf:
3f:50:21:32:08:c1:21:22:a5:2e:53:e5:2e:a7:56:
7d:20:d9:a6:56:cc:76:4d:83:d0:37:b2:11:cc:d8:
23:4c:f3:41:df:84:8b:9c:db:51:e3:33:b5:0f:4d:
13:65:a5:06:6d:34:5e:fc:a1:00:5e:29:5e:31:0d:
1e:0e:b3:e9:7d:b6:33:9f:e8:a9:c5:60:38:47:35:
d7:61:24:91:c8:2e:b0:40:a5:ff:21:84:37:6f:a2:
8a:6e:f7:cd:a9:3a:c5:b6:c3:f3:30:74:91:7f:a5:
ea:9b:92:50:22:7e:80:53:4b:bd:50:9e:32:35:d5:
56:31:ed:55:0a:a2:26:72:dd:de:8f:93:bc:73:87:
a6:68:e2:15:a1:46:ca:58:38:d7:4d:80:fa:66:d8:
cc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:AA:D0:B8:3B:7D:5D:19:CE:09:82:73:9C:6B:B7:B9:57:F1:C3:54
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/40400B42F66D11EFA565C14A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.246.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:9a:d5:ff:d7:2b:6d:ad:21:58:63:0b:38:57:5a:92:81:33:
6c:0a:19:49:76:36:ae:e0:c8:7f:32:ec:a4:a9:34:dc:6b:f3:
ba:e4:8a:92:21:f8:45:1f:1c:f9:2a:ec:29:82:8c:e0:e8:b5:
2a:6a:12:86:ef:d6:a3:08:2e:56:65:88:52:67:82:b0:23:ce:
bf:84:03:8f:cd:14:fa:b0:ab:80:52:e4:59:bf:31:cd:72:ca:
70:11:4d:0b:f2:13:50:77:56:8f:16:90:22:e6:f9:f1:49:be:
ab:7a:77:8e:e3:e5:8b:fe:8f:8f:43:fe:57:6c:ed:fb:6f:8c:
e2:05:aa:89:81:3b:00:48:73:ab:25:6d:09:ff:de:5c:ca:25:
07:03:c0:36:f9:22:30:8a:8a:ce:f3:5f:90:09:9e:bd:6b:5f:
9a:fd:f0:cc:8e:96:40:97:72:e7:c3:bc:5d:ef:a7:a5:8b:b2:
37:5c:ea:d9:f6:8b:71:4d:32:5f:f8:4d:b1:9b:36:09:c0:ba:
66:e9:ab:9d:69:6a:59:86:a2:11:88:77:42:a3:e5:71:4d:3d:
46:06:c5:49:a5:ed:3e:91:25:5a:a8:0b:bd:54:ba:a9:43:64:
23:83:e8:f3:63:f1:dc:00:28:00:20:e7:c4:3e:d8:b7:56:70:
cb:58:fa:1f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGjYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAzMDEwNzE3MzJaFw0yNzAzMDEwNzE3MzJaMBgxFjAU
BgNVBAMTDTY3YzJiNDkwLTI2NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/vS/ka7wjS155a1EPhVP+Ho96RM5cmxuL+r4pHbbycXJgIT8DsgHtGekV
DCyLHPgXUc7+8324mIUbvDvq/JiDPnyd7kDOGU9BhVeIwyaKi0HLlWLSLulOiJ8g
i5EqSI5ijGBamFP9vz9QITIIwSEipS5T5S6nVn0g2aZWzHZNg9A3shHM2CNM80Hf
hIuc21HjM7UPTRNlpQZtNF78oQBeKV4xDR4Os+l9tjOf6KnFYDhHNddhJJHILrBA
pf8hhDdvoopu982pOsW2w/MwdJF/peqbklAifoBTS71QnjI11VYx7VUKoiZy3d6P
k7xzh6Zo4hWhRspYONdNgPpm2MwzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUH6rQ
uDt9XRnOCYJznGu3uVfxw1QwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQwNDAwQjQyRjY2RDExRUZBNTY1QzE0QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPYwDQYJKoZIhvcNAQEL
BQADggEBAK6a1f/XK22tIVhjCzhXWpKBM2wKGUl2Nq7gyH8y7KSpNNxr87rkipIh
+EUfHPkq7CmCjODotSpqEobv1qMILlZliFJngrAjzr+EA4/NFPqwq4BS5Fm/Mc1y
ynARTQvyE1B3Vo8WkCLm+fFJvqt6d47j5Yv+j49D/lds7ftvjOIFqomBOwBIc6sl
bQn/3lzKJQcDwDb5IjCKis7zX5AJnr1rX5r98MyOlkCXcufDvF3vp6WLsjdc6tn2
i3FNMl/4TbGbNgnAumbpq51palmGohGId0Kj5XFNPUYGxUml7T6RJVqoC71UuqlD
ZCOD6PNj8dwAKAAg58Q+2LdWcMtY+h8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:56 2025 by rpki-client