Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/567F7EA8EE1411EFB3E0B292762E951A.roa
File: 567F7EA8EE1411EFB3E0B292762E951A.roa (raw, json)
Hash identifier: gmEVRBVBaCK5773NNksCEqosLM98cuHY4wDtpFL3mVA=
Subject key identifier: A5:DE:E0:46:AD:20:30:2F:50:97:2B:54:AA:AA:87:12:5F:7D:7A:CC
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 19EB
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/567F7EA8EE1411EFB3E0B292762E951A.roa
Signing time: Tue 18 Feb 2025 16:20:59 +0000
ROA not before: Tue 18 Feb 2025 16:20:55 +0000
ROA not after: Sat 20 Feb 2027 16:20:55 +0000
asID: 61317
IP address blocks: 154.16.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6635 (0x19eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 18 16:20:55 2025 GMT
Not After : Feb 20 16:20:55 2027 GMT
Subject: CN=67b4b36b-6f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:f9:fa:33:56:da:aa:81:7f:aa:6e:d4:76:5c:
d3:3b:5d:84:8a:46:de:2d:8e:56:8d:6b:24:cd:9d:
96:6b:ea:56:4c:f9:6e:b6:a5:4d:f9:3d:d5:85:ef:
e9:18:fc:86:fd:0e:ce:c7:db:b9:a6:33:24:c1:bd:
d1:6f:1a:d5:33:30:c9:89:84:d7:bf:24:3b:d8:ef:
79:6f:7e:8c:ec:0f:1d:86:4a:55:df:bd:93:0d:25:
75:8d:5f:32:89:23:e4:06:18:94:7b:af:08:d5:9c:
af:2c:fa:e5:c5:a3:6b:c5:8b:eb:94:d4:9d:90:e9:
e3:15:00:09:0d:41:37:1a:99:65:2a:ec:13:a3:5c:
28:de:53:ca:d8:da:81:c6:de:87:f7:cc:e2:50:52:
2f:3d:5c:c4:b7:1c:4b:70:f6:50:d0:7b:e3:ea:1e:
aa:a5:52:6a:2b:77:19:3e:e9:d8:83:48:d7:e0:86:
db:1b:7b:61:d2:61:e5:11:26:c6:c4:43:44:96:37:
ce:32:70:5f:a5:54:09:64:ee:ba:db:18:54:66:f0:
26:43:27:87:53:02:c3:3c:bf:e0:d9:1f:5c:42:40:
f1:58:51:40:0d:c7:32:f0:3e:55:45:dd:15:c0:9b:
ec:c2:fb:ed:21:81:24:fa:5e:1b:ac:22:3d:87:69:
2d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:DE:E0:46:AD:20:30:2F:50:97:2B:54:AA:AA:87:12:5F:7D:7A:CC
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/567F7EA8EE1411EFB3E0B292762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.138.0/24
Signature Algorithm: sha256WithRSAEncryption
94:aa:21:51:c7:5c:9d:50:60:29:85:8b:27:1a:67:6a:7a:32:
1e:30:bf:ec:ff:8c:1f:2d:c6:02:2e:47:9e:d0:ce:52:cb:58:
12:83:7c:d9:8d:4c:fe:18:e2:5c:9e:f4:88:9a:4e:41:ba:8c:
55:e1:5e:68:01:1d:43:10:4e:ad:11:58:92:92:0b:43:02:3e:
1a:c8:71:bd:f3:b0:39:41:6c:85:50:bb:a5:f5:19:8e:4b:01:
4a:e0:92:9c:da:d8:7e:7b:c5:96:6b:bc:3b:f7:ef:5f:97:59:
2b:1e:3b:21:d0:d9:78:a9:2d:70:d9:1c:1f:43:ae:d3:cd:a2:
e0:e2:e2:bd:f3:a0:36:a5:2f:41:ec:c7:bc:fa:21:8b:16:21:
b2:86:46:cf:a3:a1:64:31:50:00:cb:f9:f5:57:af:4f:1e:00:
e2:2e:3d:f3:c5:2c:f3:fb:26:00:2a:68:56:1b:18:6d:df:8e:
83:21:d7:61:41:24:a2:56:af:66:8c:62:25:fb:7f:6c:56:d8:
45:d2:f1:01:09:97:be:56:26:75:31:c7:1f:8c:f5:d8:31:58:
fa:a4:d5:73:f3:ca:ee:e2:ea:9c:f6:d8:0b:db:6d:99:32:35:
09:9a:0c:fa:54:ce:f4:3f:31:04:4e:79:08:e6:a0:76:33:7b:
25:ca:cb:b4
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGeswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAyMTgxNjIwNTVaFw0yNzAyMjAxNjIwNTVaMBgxFjAU
BgNVBAMTDTY3YjRiMzZiLTZmNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD3+fozVtqqgX+qbtR2XNM7XYSKRt4tjlaNayTNnZZr6lZM+W62pU35PdWF
7+kY/Ib9Ds7H27mmMyTBvdFvGtUzMMmJhNe/JDvY73lvfozsDx2GSlXfvZMNJXWN
XzKJI+QGGJR7rwjVnK8s+uXFo2vFi+uU1J2Q6eMVAAkNQTcamWUq7BOjXCjeU8rY
2oHG3of3zOJQUi89XMS3HEtw9lDQe+PqHqqlUmordxk+6diDSNfghtsbe2HSYeUR
JsbEQ0SWN84ycF+lVAlk7rrbGFRm8CZDJ4dTAsM8v+DZH1xCQPFYUUANxzLwPlVF
3RXAm+zC++0hgST6XhusIj2HaS1jAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUpd7g
Rq0gMC9QlytUqqqHEl99eswwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzU2N0Y3RUE4RUUxNDExRUZCM0UwQjI5Mjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEIowDQYJKoZIhvcNAQEL
BQADggEBAJSqIVHHXJ1QYCmFiycaZ2p6Mh4wv+z/jB8txgIuR57QzlLLWBKDfNmN
TP4Y4lye9IiaTkG6jFXhXmgBHUMQTq0RWJKSC0MCPhrIcb3zsDlBbIVQu6X1GY5L
AUrgkpza2H57xZZrvDv371+XWSseOyHQ2XipLXDZHB9DrtPNouDi4r3zoDalL0Hs
x7z6IYsWIbKGRs+joWQxUADL+fVXr08eAOIuPfPFLPP7JgAqaFYbGG3fjoMh12FB
JKJWr2aMYiX7f2xW2EXS8QEJl75WJnUxxx+M9dgxWPqk1XPzyu7i6pz22AvbbZky
NQmaDPpUzvQ/MQROeQjmoHYzeyXKy7Q=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:51 2025 by rpki-client