Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/425504ECB69511ED99AE9BC0F1222468.roa
File: 425504ECB69511ED99AE9BC0F1222468.roa (raw, json)
Hash identifier: S3q+dDcNA6Hb7p/6inNFqzmETmX8iYVbp8YRKz7IEEk=
Subject key identifier: 0A:D1:F4:66:54:1D:49:77:90:6A:14:23:C0:44:54:40:89:D4:77:53
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0C6B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/425504ECB69511ED99AE9BC0F1222468.roa
Signing time: Mon 27 Feb 2023 11:52:50 +0000
ROA not before: Mon 27 Feb 2023 11:52:46 +0000
ROA not after: Thu 27 Feb 2025 11:52:46 +0000
asID: 61317
IP address blocks: 154.16.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3179 (0xc6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 27 11:52:46 2023 GMT
Not After : Feb 27 11:52:46 2025 GMT
Subject: CN=63fc9992-0048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:92:75:d8:a1:c8:aa:e4:e2:1c:7d:30:fb:56:
43:b9:65:66:2a:90:37:01:6c:dc:4f:cc:cb:f5:b8:
d2:f4:b9:85:60:41:07:56:97:53:14:52:69:28:62:
5d:23:31:08:64:6c:db:a5:f8:82:c1:65:1b:dc:c4:
d2:20:75:f6:a2:3a:22:19:e4:12:86:19:51:d8:f9:
30:60:cf:53:60:56:a3:36:e0:b3:d6:10:92:28:c8:
43:3c:a3:7c:0b:55:32:8f:b2:74:d6:17:14:ce:f3:
f1:0d:54:cb:4a:7c:11:53:eb:18:37:dc:b0:93:14:
e9:f3:4d:28:46:a8:e7:73:8a:bb:04:09:a7:b5:2b:
0b:88:83:15:ed:30:a9:31:99:69:bd:bf:a9:61:ad:
ca:71:87:29:21:bb:90:97:87:9f:cc:12:de:e8:5a:
eb:43:dc:3a:5b:60:1e:36:1a:e3:5a:e4:6c:ce:08:
b7:ce:9a:37:1b:d0:44:9f:ca:19:ba:62:02:fe:9c:
6b:23:ee:e9:4d:eb:d6:43:29:46:0d:83:6d:91:20:
ec:25:18:6d:ac:75:b2:84:24:e8:a3:ea:25:10:40:
46:e3:3c:9c:1c:dd:4e:23:03:fe:5e:ac:f7:45:d7:
57:da:8a:dc:14:f5:00:33:2b:67:e6:a6:80:b7:98:
8d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D1:F4:66:54:1D:49:77:90:6A:14:23:C0:44:54:40:89:D4:77:53
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/425504ECB69511ED99AE9BC0F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.138.0/24
Signature Algorithm: sha256WithRSAEncryption
71:8d:90:68:8a:09:1a:f7:f6:5e:06:c7:99:c4:69:f8:04:27:
d9:57:6d:08:93:ba:11:86:fd:44:50:d1:d5:ae:06:ca:7f:34:
c8:74:cf:fa:9d:9a:07:d0:8e:e4:27:88:58:c1:47:00:1f:26:
bc:6b:73:01:b5:1e:2b:f0:84:f9:4c:b4:60:c5:48:fc:d7:22:
db:62:6b:80:74:a3:c9:9e:36:b2:c3:a3:a0:c8:3d:99:a8:90:
97:27:70:c5:ca:52:64:16:dd:3e:88:35:25:2b:81:25:88:c1:
09:01:6a:b6:da:25:58:aa:3a:5d:21:93:a0:e7:7b:f9:bb:47:
91:da:af:2c:15:7b:5d:91:2f:eb:a6:db:e2:b0:62:8e:27:5c:
2a:e0:f9:93:02:7f:11:e3:2c:3c:3a:fc:1c:06:5f:18:bb:0e:
8d:bf:67:16:ba:43:86:93:84:f7:53:06:72:7d:62:a4:5d:ee:
ec:6d:2a:ca:53:40:e7:88:77:64:8a:c5:97:57:a4:67:3c:bd:
bd:a4:dd:1f:e2:53:f6:be:2d:8d:aa:a3:5f:00:67:df:6f:70:
0a:d2:eb:b0:10:28:10:a9:51:cb:44:3c:3f:36:63:eb:76:dd:
b7:5c:72:12:d1:77:c5:68:c4:05:ca:14:8c:2e:f5:63:a4:56:
07:4a:3c:0b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDGswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjcxMTUyNDZaFw0yNTAyMjcxMTUyNDZaMBgxFjAU
BgNVBAMMDTYzZmM5OTkyLTAwNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0knXYociq5OIcfTD7VkO5ZWYqkDcBbNxPzMv1uNL0uYVgQQdWl1MUUmko
Yl0jMQhkbNul+ILBZRvcxNIgdfaiOiIZ5BKGGVHY+TBgz1NgVqM24LPWEJIoyEM8
o3wLVTKPsnTWFxTO8/ENVMtKfBFT6xg33LCTFOnzTShGqOdzirsECae1KwuIgxXt
MKkxmWm9v6lhrcpxhykhu5CXh5/MEt7oWutD3DpbYB42GuNa5GzOCLfOmjcb0ESf
yhm6YgL+nGsj7ulN69ZDKUYNg22RIOwlGG2sdbKEJOij6iUQQEbjPJwc3U4jA/5e
rPdF11faitwU9QAzK2fmpoC3mI2lAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUCtH0
ZlQdSXeQahQjwERUQInUd1MwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQyNTUwNEVDQjY5NTExRUQ5OUFFOUJDMEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEIowDQYJKoZIhvcNAQEL
BQADggEBAHGNkGiKCRr39l4Gx5nEafgEJ9lXbQiTuhGG/URQ0dWuBsp/NMh0z/qd
mgfQjuQniFjBRwAfJrxrcwG1HivwhPlMtGDFSPzXIttia4B0o8meNrLDo6DIPZmo
kJcncMXKUmQW3T6INSUrgSWIwQkBarbaJViqOl0hk6Dne/m7R5HarywVe12RL+um
2+KwYo4nXCrg+ZMCfxHjLDw6/BwGXxi7Do2/Zxa6Q4aThPdTBnJ9YqRd7uxtKspT
QOeId2SKxZdXpGc8vb2k3R/iU/a+LY2qo18AZ99vcArS67AQKBCpUctEPD82Y+t2
3bdcchLRd8VoxAXKFIwu9WOkVgdKPAs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:34:42 2025 by rpki-client