Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/42D8C97EB8F911EDAE5B9FF7F1222468.roa
File: 42D8C97EB8F911EDAE5B9FF7F1222468.roa (raw, json)
Hash identifier: n1Brd7ZIm/26MkN0BYkfSLW9Ns3uMa+z3P0SUdtx8/I=
Subject key identifier: E6:2B:BD:27:DE:98:9B:D7:CA:6B:E4:4D:1D:8A:7C:AA:5C:0D:EB:F1
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0CBA
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/42D8C97EB8F911EDAE5B9FF7F1222468.roa
Signing time: Thu 02 Mar 2023 12:53:43 +0000
ROA not before: Thu 02 Mar 2023 12:53:39 +0000
ROA not after: Sat 01 Mar 2025 12:53:39 +0000
asID: 61317
IP address blocks: 154.16.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3258 (0xcba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 2 12:53:39 2023 GMT
Not After : Mar 1 12:53:39 2025 GMT
Subject: CN=64009c57-50e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:20:ec:3c:bc:03:0f:20:36:c0:e4:70:2b:a2:
50:6d:c7:e6:81:7e:bc:a1:43:14:64:6a:6e:fd:43:
f9:b3:4d:98:b0:d9:68:21:17:b7:f6:4e:3e:0e:83:
fc:93:3a:30:27:c5:b7:c9:85:24:22:60:ec:43:a3:
1a:65:e7:2f:a0:3f:c4:36:ef:be:da:f4:58:35:2c:
68:ff:a0:79:cf:a0:8e:a8:ac:13:30:7f:0c:b1:96:
d1:c8:69:79:f0:93:a9:5f:40:15:f3:24:7c:d5:bf:
ec:e8:6f:d2:38:77:f6:dd:de:df:2a:c9:80:2e:98:
ae:6e:77:b0:e9:78:62:7c:f3:9b:c4:ad:ef:10:05:
0f:8f:fc:db:11:85:aa:43:57:fa:c1:d2:f7:9f:a4:
3e:06:2a:06:0a:75:23:f0:20:37:5f:c1:5f:c3:b0:
dd:82:35:cf:a2:b8:ab:20:73:ac:84:73:4f:e4:4d:
7e:59:f7:f9:e7:d9:7e:d3:fd:ad:00:16:ae:38:0c:
a3:ca:2e:63:73:d3:e0:b0:aa:e5:eb:df:b9:fb:5b:
c9:f8:31:35:d2:77:ff:e0:ce:51:a2:96:d9:c6:82:
ce:fa:bb:17:c7:e8:9f:bf:9e:eb:3c:3e:41:3c:3e:
cb:3a:9f:d6:68:58:a8:80:14:05:43:b2:f6:73:d6:
87:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:2B:BD:27:DE:98:9B:D7:CA:6B:E4:4D:1D:8A:7C:AA:5C:0D:EB:F1
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/42D8C97EB8F911EDAE5B9FF7F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.236.0/24
Signature Algorithm: sha256WithRSAEncryption
09:27:85:51:79:c5:f8:ca:25:a7:c1:cc:9e:c6:bb:db:23:2f:
ec:51:96:c8:8f:c5:6a:23:dc:1c:d4:00:90:7b:8b:ec:2a:8b:
4a:af:67:e8:65:c3:89:e8:ae:b5:cb:5f:c9:1b:2a:0c:c1:8e:
07:e8:70:0e:4c:cb:b5:03:11:45:fe:2a:4c:a9:2c:db:a5:31:
c2:78:ef:80:3e:a7:de:fc:ac:27:9d:cd:eb:b9:4d:c2:2b:db:
43:ad:d6:39:9c:89:23:d9:d3:7f:f0:96:fa:bc:02:74:5f:07:
d3:49:3d:7f:9a:c5:cb:27:05:d2:38:85:fd:85:3e:b7:d4:12:
20:e2:64:d4:ff:3b:7a:3b:b5:26:20:04:b7:53:d3:d7:e5:82:
ca:a6:8e:dd:21:7b:43:c4:b9:de:48:d6:ba:08:72:b5:7d:55:
c9:b7:4c:6d:d0:d7:00:33:96:bf:1e:de:8f:61:bd:4e:05:67:
05:10:50:6b:a0:9f:0a:d0:ea:b5:f5:69:39:4c:ef:64:ed:27:
00:9e:d0:70:af:db:cd:41:e0:cc:3f:a0:e4:7e:04:ed:70:48:
0f:9f:09:a6:df:6b:a0:bb:d3:80:62:a6:58:f1:c7:89:1d:d9:
4c:94:b2:73:5e:10:d7:5c:f6:b8:45:96:23:f8:0c:e0:c4:26:
da:e8:84:07
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDLowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAzMDIxMjUzMzlaFw0yNTAzMDExMjUzMzlaMBgxFjAU
BgNVBAMMDTY0MDA5YzU3LTUwZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDBIOw8vAMPIDbA5HArolBtx+aBfryhQxRkam79Q/mzTZiw2WghF7f2Tj4O
g/yTOjAnxbfJhSQiYOxDoxpl5y+gP8Q2777a9Fg1LGj/oHnPoI6orBMwfwyxltHI
aXnwk6lfQBXzJHzVv+zob9I4d/bd3t8qyYAumK5ud7DpeGJ885vEre8QBQ+P/NsR
hapDV/rB0vefpD4GKgYKdSPwIDdfwV/DsN2CNc+iuKsgc6yEc0/kTX5Z9/nn2X7T
/a0AFq44DKPKLmNz0+CwquXr37n7W8n4MTXSd//gzlGiltnGgs76uxfH6J+/nus8
PkE8Pss6n9ZoWKiAFAVDsvZz1ofxAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU5iu9
J96Ym9fKa+RNHYp8qlwN6/EwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzQyRDhDOTdFQjhGOTExRURBRTVCOUZGN0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOwwDQYJKoZIhvcNAQEL
BQADggEBAAknhVF5xfjKJafBzJ7Gu9sjL+xRlsiPxWoj3BzUAJB7i+wqi0qvZ+hl
w4norrXLX8kbKgzBjgfocA5My7UDEUX+KkypLNulMcJ474A+p978rCedzeu5TcIr
20Ot1jmciSPZ03/wlvq8AnRfB9NJPX+axcsnBdI4hf2FPrfUEiDiZNT/O3o7tSYg
BLdT09flgsqmjt0he0PEud5I1roIcrV9Vcm3TG3Q1wAzlr8e3o9hvU4FZwUQUGug
nwrQ6rX1aTlM72TtJwCe0HCv281B4Mw/oOR+BO1wSA+fCabfa6C704Bipljxx4kd
2UyUsnNeENdc9rhFliP4DODEJtrohAc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:20 2025 by rpki-client