Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4CE36DACE86911EE932D88A4775412E6.roa
File: 4CE36DACE86911EE932D88A4775412E6.roa (raw, json)
Hash identifier: g40vlzldgnrEZJDABebnuOX+r7LC0RrXe2TBsvJrJl4=
Subject key identifier: C8:24:48:AE:CB:99:27:F5:5E:4B:58:EC:D3:0D:AD:B1:AD:3E:0A:7A
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1573
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4CE36DACE86911EE932D88A4775412E6.roa
Signing time: Fri 22 Mar 2024 16:29:05 +0000
ROA not before: Fri 22 Mar 2024 16:29:02 +0000
ROA not after: Sun 22 Mar 2026 16:29:02 +0000
asID: 29802
IP address blocks: 154.16.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5491 (0x1573)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 22 16:29:02 2024 GMT
Not After : Mar 22 16:29:02 2026 GMT
Subject: CN=65fdb1d1-7b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e0:1e:19:4b:3a:71:6e:bf:f5:1f:d3:a7:42:
ba:6c:b6:30:37:b8:ad:27:0c:bb:9c:a4:ac:b4:5f:
7d:30:ff:a1:3c:a8:cf:65:ba:3e:8e:f2:e5:19:c6:
cc:b8:4f:59:45:52:60:46:28:2c:60:a8:16:79:64:
46:2f:95:af:c0:dc:8e:ae:42:15:f7:96:e5:bd:47:
4b:37:33:f9:b6:fa:46:c9:96:d9:40:07:f6:29:66:
04:cc:7b:cb:2d:af:ca:d8:38:6f:d4:2b:a4:6d:3d:
d7:d0:ed:41:40:62:ac:72:cd:33:a1:ac:2d:ae:8f:
bf:0f:6e:8f:0c:5c:c1:ae:34:42:81:c9:bc:91:e2:
c5:8f:06:af:95:fc:bf:54:86:e8:80:fa:17:33:e9:
2b:c3:1e:13:76:1e:02:30:0d:76:91:54:d3:6d:b6:
d2:ab:a1:4c:9d:d3:bc:96:97:35:42:0d:98:ce:ce:
cb:da:51:61:c2:05:a2:2b:6a:06:5d:30:c0:90:11:
cd:db:ac:5c:ed:04:b7:91:2e:ac:7c:29:ca:95:1b:
df:d1:3b:95:27:b1:ec:5a:83:f9:b1:e2:09:ef:a7:
c9:55:4a:ae:71:63:a2:70:71:cd:59:44:ad:45:c9:
20:a7:c9:c3:32:c5:76:42:aa:8a:7f:13:74:68:f4:
90:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:24:48:AE:CB:99:27:F5:5E:4B:58:EC:D3:0D:AD:B1:AD:3E:0A:7A
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4CE36DACE86911EE932D88A4775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.215.0/24
Signature Algorithm: sha256WithRSAEncryption
88:ee:bb:78:64:db:4a:04:0f:cc:81:9d:8f:81:0e:ff:d9:9f:
be:27:60:f5:fb:03:ec:8d:37:4b:19:3b:91:23:b5:cd:5b:7b:
fb:5a:62:3c:cc:b9:ae:f4:59:a4:03:6c:56:2d:7b:31:2a:f9:
3c:d0:42:c6:69:27:c1:c0:b7:0f:bb:8a:ee:a8:c0:70:de:37:
c0:f5:69:58:4e:0a:c6:f2:8e:d4:6e:8d:1e:c5:cf:39:b8:b9:
91:c0:68:21:e5:aa:43:0c:7a:a2:5e:36:72:ad:f0:50:05:fc:
22:70:24:32:24:0d:6e:4a:e0:44:88:58:c1:2e:92:f6:c3:3f:
7d:1f:a0:b2:44:38:e6:88:84:08:6d:7b:d3:4b:92:82:35:da:
57:c1:9d:ea:8b:69:2c:c2:4a:94:69:7b:36:70:64:2d:6a:e9:
ff:1f:58:2b:24:34:be:75:ed:23:ee:9e:7d:d4:00:04:bf:5e:
bc:f5:c8:23:d2:e8:45:43:cc:20:34:05:69:02:8b:06:77:44:
ee:76:17:dc:3d:c8:6e:c5:8b:1b:1e:0d:25:46:f9:e9:eb:e2:
e7:6c:51:8a:92:3d:b3:32:b1:78:6f:2c:86:bc:9d:bf:05:63:
ac:8b:65:a7:5d:4d:79:28:7b:48:ea:6b:d3:0c:f5:b3:a2:57:
2a:00:ba:0e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFXMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMjIxNjI5MDJaFw0yNjAzMjIxNjI5MDJaMBgxFjAU
BgNVBAMTDTY1ZmRiMWQxLTdiOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCb4B4ZSzpxbr/1H9OnQrpstjA3uK0nDLucpKy0X30w/6E8qM9luj6O8uUZ
xsy4T1lFUmBGKCxgqBZ5ZEYvla/A3I6uQhX3luW9R0s3M/m2+kbJltlAB/YpZgTM
e8str8rYOG/UK6RtPdfQ7UFAYqxyzTOhrC2uj78Pbo8MXMGuNEKBybyR4sWPBq+V
/L9UhuiA+hcz6SvDHhN2HgIwDXaRVNNtttKroUyd07yWlzVCDZjOzsvaUWHCBaIr
agZdMMCQEc3brFztBLeRLqx8KcqVG9/RO5Unsexag/mx4gnvp8lVSq5xY6Jwcc1Z
RK1FySCnycMyxXZCqop/E3Ro9JD5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUyCRI
rsuZJ/VeS1js0w2tsa0+CnowHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzRDRTM2REFDRTg2OTExRUU5MzJEODhBNDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENcwDQYJKoZIhvcNAQEL
BQADggEBAIjuu3hk20oED8yBnY+BDv/Zn74nYPX7A+yNN0sZO5Ejtc1be/taYjzM
ua70WaQDbFYtezEq+TzQQsZpJ8HAtw+7iu6owHDeN8D1aVhOCsbyjtRujR7Fzzm4
uZHAaCHlqkMMeqJeNnKt8FAF/CJwJDIkDW5K4ESIWMEukvbDP30foLJEOOaIhAht
e9NLkoI12lfBneqLaSzCSpRpezZwZC1q6f8fWCskNL517SPunn3UAAS/Xrz1yCPS
6EVDzCA0BWkCiwZ3RO52F9w9yG7FixseDSVG+enr4udsUYqSPbMysXhvLIa8nb8F
Y6yLZaddTXkoe0jqa9MM9bOiVyoAug4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:18 2025 by rpki-client