Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5E59D900C44A11EF98AFA355762E951A.roa
File: 5E59D900C44A11EF98AFA355762E951A.roa (raw, json)
Hash identifier: Xp3361Gwy9YhOMbSLuL/nEa+pBZysmd7udRCPAw/yJc=
Subject key identifier: 75:7F:94:A3:87:9A:A5:DC:16:5A:30:1F:3D:C6:8B:1B:31:F8:8D:0B
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1971
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5E59D900C44A11EF98AFA355762E951A.roa
Signing time: Fri 27 Dec 2024 12:01:56 +0000
ROA not before: Fri 27 Dec 2024 12:01:52 +0000
ROA not after: Sun 27 Dec 2026 12:01:52 +0000
asID: 400040
IP address blocks: 154.16.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6513 (0x1971)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 27 12:01:52 2024 GMT
Not After : Dec 27 12:01:52 2026 GMT
Subject: CN=676e9734-d09a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:42:81:e1:4d:a3:d6:c1:e8:39:87:14:63:76:
dc:7f:9e:fb:52:e0:df:40:c6:b8:02:ae:2a:7f:82:
c0:c4:f7:98:60:34:43:7a:16:10:15:cd:51:55:fe:
d6:1e:ac:2c:73:eb:d2:3f:ea:04:b9:6d:cb:96:7b:
43:6a:8c:3a:e9:fa:9e:c2:6d:4a:e1:e5:a0:08:ed:
a3:cb:2e:04:35:19:3e:a3:7c:04:be:39:aa:c0:e7:
61:ca:e1:68:13:99:74:f0:0d:af:c9:00:8f:f2:e8:
c1:0b:82:30:18:ef:e4:f1:ae:46:21:00:ff:52:79:
88:85:4c:2e:6f:4f:77:0e:08:83:b5:09:6f:27:49:
14:a4:53:1a:fe:62:ec:83:61:76:f3:01:ba:ee:63:
a0:ad:52:61:0d:3b:f0:c7:52:d8:bc:66:5b:4e:c0:
2d:35:de:4c:95:e4:5f:58:16:e0:04:36:9e:20:53:
12:ac:28:da:e3:3e:bb:ec:83:d3:11:2c:69:5c:54:
56:c1:1c:0b:31:79:66:16:8e:70:58:18:01:a5:a6:
7a:c6:d8:54:45:24:b7:7e:52:d0:3d:3b:16:89:70:
86:39:7f:8e:2e:8f:79:1f:8f:f8:e5:03:c8:e9:7b:
3c:77:5c:8f:dc:57:c2:be:64:34:36:66:15:b7:15:
e7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:7F:94:A3:87:9A:A5:DC:16:5A:30:1F:3D:C6:8B:1B:31:F8:8D:0B
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5E59D900C44A11EF98AFA355762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.184.0/24
Signature Algorithm: sha256WithRSAEncryption
45:72:32:b3:7f:9a:46:18:1a:e3:3a:04:bc:83:25:7b:6c:a0:
55:d5:07:26:88:fc:16:91:5f:bd:ab:c4:4e:29:7a:b4:49:15:
d7:b7:f8:3b:9f:64:0c:c8:e9:55:cd:b1:3e:05:65:46:79:7e:
6e:93:6f:57:43:39:67:29:e1:4f:91:51:27:a3:b3:e8:4f:47:
8c:8e:59:b9:35:93:fe:31:21:75:ca:4f:67:55:27:a0:de:54:
67:57:ae:a4:f9:2a:e4:05:18:df:ae:ce:7a:c0:f1:2d:93:dd:
8b:e4:79:bb:73:f2:4e:3d:4b:f8:d2:25:8e:4a:a1:4f:9f:83:
4b:2c:60:0c:59:48:4e:0b:cd:d5:47:38:c8:a5:e2:70:2a:6e:
ba:98:e7:ec:07:0d:02:90:6c:d7:b8:60:9e:43:71:45:eb:09:
b1:dc:36:70:66:6e:e7:2d:eb:19:46:d5:44:65:7b:fa:62:63:
d4:06:fa:e4:e0:a3:94:57:f4:59:69:82:9d:61:91:05:44:3f:
a8:1e:25:5c:46:56:d3:9a:d3:5e:ec:42:10:93:c3:9d:b5:1b:
b5:e4:18:a1:d1:b6:38:04:74:fe:f6:bf:ed:37:77:d7:12:d4:
94:1f:b3:15:88:a9:80:eb:4d:f7:75:42:27:e6:8c:91:bb:c2:
e8:9c:9d:bc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGXEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMjcxMjAxNTJaFw0yNjEyMjcxMjAxNTJaMBgxFjAU
BgNVBAMTDTY3NmU5NzM0LWQwOWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCmQoHhTaPWweg5hxRjdtx/nvtS4N9AxrgCrip/gsDE95hgNEN6FhAVzVFV
/tYerCxz69I/6gS5bcuWe0NqjDrp+p7CbUrh5aAI7aPLLgQ1GT6jfAS+OarA52HK
4WgTmXTwDa/JAI/y6MELgjAY7+TxrkYhAP9SeYiFTC5vT3cOCIO1CW8nSRSkUxr+
YuyDYXbzAbruY6CtUmENO/DHUti8ZltOwC013kyV5F9YFuAENp4gUxKsKNrjPrvs
g9MRLGlcVFbBHAsxeWYWjnBYGAGlpnrG2FRFJLd+UtA9OxaJcIY5f44uj3kfj/jl
A8jpezx3XI/cV8K+ZDQ2ZhW3FefBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdX+U
o4eapdwWWjAfPcaLGzH4jQswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzVFNTlEOTAwQzQ0QTExRUY5OEFGQTM1NTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaELgwDQYJKoZIhvcNAQEL
BQADggEBAEVyMrN/mkYYGuM6BLyDJXtsoFXVByaI/BaRX72rxE4perRJFde3+Duf
ZAzI6VXNsT4FZUZ5fm6Tb1dDOWcp4U+RUSejs+hPR4yOWbk1k/4xIXXKT2dVJ6De
VGdXrqT5KuQFGN+uznrA8S2T3Yvkebtz8k49S/jSJY5KoU+fg0ssYAxZSE4LzdVH
OMil4nAqbrqY5+wHDQKQbNe4YJ5DcUXrCbHcNnBmbuct6xlG1URle/piY9QG+uTg
o5RX9Flpgp1hkQVEP6geJVxGVtOa017sQhCTw521G7XkGKHRtjgEdP72v+03d9cS
1JQfsxWIqYDrTfd1QifmjJG7wuicnbw=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:54:43 2025 by rpki-client