Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5F13B40ABEA111EFA5546F75762E951A.roa
File: 5F13B40ABEA111EFA5546F75762E951A.roa (raw, json)
Hash identifier: T3vevylB4V2VCHMBQvgT2kuatSy0qo32m5ztssBlVDw=
Subject key identifier: 7A:6A:2C:27:89:24:99:74:76:38:96:1E:17:A0:DC:01:A4:F1:A2:69
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1949
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5F13B40ABEA111EFA5546F75762E951A.roa
Signing time: Fri 20 Dec 2024 07:09:37 +0000
ROA not before: Fri 20 Dec 2024 07:09:33 +0000
ROA not after: Sun 20 Dec 2026 07:09:33 +0000
asID: 834
IP address blocks: 154.16.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6473 (0x1949)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 20 07:09:33 2024 GMT
Not After : Dec 20 07:09:33 2026 GMT
Subject: CN=67651831-d7cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5c:d4:fa:30:b1:21:63:fb:1a:53:bb:eb:f5:
84:ee:52:ce:5a:bc:62:55:ff:6c:37:22:73:aa:c9:
f1:92:0b:91:a8:e0:c6:ae:37:f9:ac:c8:19:04:7b:
2f:2a:7f:e0:ba:bd:e9:21:2e:e1:fa:f1:1a:7f:8f:
00:f5:5f:67:61:bb:6e:58:e6:74:f1:b8:bb:11:e1:
ec:2e:c1:65:c3:30:72:32:df:38:e5:50:e1:4f:c6:
36:e1:08:76:9a:d3:d5:ce:12:25:7e:18:4d:1b:4b:
21:a6:f3:0d:de:2a:5f:ee:4b:1f:86:ea:a5:07:da:
7f:37:7f:9e:1c:fb:52:a1:5c:96:8b:4a:0a:13:8c:
e3:42:4c:6c:a9:61:4f:23:3e:15:bb:7e:c9:01:9c:
f2:d7:13:52:11:71:5a:5a:9a:50:f2:a5:7b:a0:7d:
82:7b:b7:26:3a:74:4e:6f:e0:58:4f:54:a5:8c:52:
70:9d:73:14:80:60:20:b3:e7:6a:e6:18:55:4f:aa:
c0:ef:ed:b3:51:9d:8d:59:4a:33:61:be:d1:f5:af:
cc:98:f4:1d:82:b2:3a:86:29:4f:af:95:f5:aa:97:
82:8e:9f:02:ac:60:7a:06:3a:e1:67:cf:29:4b:9e:
e5:6d:bd:5c:8c:35:59:63:97:42:71:49:25:66:32:
f1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:6A:2C:27:89:24:99:74:76:38:96:1E:17:A0:DC:01:A4:F1:A2:69
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5F13B40ABEA111EFA5546F75762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.132.0/24
Signature Algorithm: sha256WithRSAEncryption
17:b0:40:77:bc:e1:dd:6f:89:77:f6:4b:ff:ea:d6:79:eb:64:
76:c2:3b:08:b8:a0:70:48:7a:49:9a:c2:83:dc:4a:92:c9:47:
90:ea:f1:f8:6e:a4:44:5c:e9:28:fb:44:c1:b6:3b:ef:a5:f1:
1c:ef:4b:e7:a7:64:c3:69:be:3e:2e:95:0e:ea:af:0c:05:72:
6b:11:40:70:29:1b:48:c2:2f:91:a6:0b:3c:43:05:3e:0a:58:
45:8b:dd:c0:b2:62:ea:7f:85:16:79:d9:c6:1d:67:ea:e3:6f:
16:4f:ac:be:8d:5b:0d:f3:c8:8f:40:4b:bd:cd:29:7c:50:bd:
d4:97:7e:ce:6a:81:23:1a:7c:c4:5b:0e:14:20:31:1a:46:17:
17:5e:53:55:7d:45:e0:ec:78:8b:62:56:48:79:74:fe:65:c5:
02:be:c1:46:1e:66:f7:e5:21:78:24:95:dd:e5:f8:33:a8:6a:
25:73:df:c2:f0:77:c5:93:2f:f3:f3:e9:0f:27:95:a4:c0:46:
78:6b:2d:c0:91:37:3b:33:78:d2:81:e0:c4:a6:77:13:14:3c:
60:fc:b4:45:e7:6f:a2:01:fd:6e:08:66:4e:b6:51:56:bd:8f:
52:f0:1d:77:ee:9f:cd:dd:3f:c0:89:02:0f:9a:48:f9:8a:60:
c8:ba:c4:2c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGUkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMjAwNzA5MzNaFw0yNjEyMjAwNzA5MzNaMBgxFjAU
BgNVBAMTDTY3NjUxODMxLWQ3Y2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGXNT6MLEhY/saU7vr9YTuUs5avGJV/2w3InOqyfGSC5Go4MauN/msyBkE
ey8qf+C6vekhLuH68Rp/jwD1X2dhu25Y5nTxuLsR4ewuwWXDMHIy3zjlUOFPxjbh
CHaa09XOEiV+GE0bSyGm8w3eKl/uSx+G6qUH2n83f54c+1KhXJaLSgoTjONCTGyp
YU8jPhW7fskBnPLXE1IRcVpamlDypXugfYJ7tyY6dE5v4FhPVKWMUnCdcxSAYCCz
52rmGFVPqsDv7bNRnY1ZSjNhvtH1r8yY9B2CsjqGKU+vlfWql4KOnwKsYHoGOuFn
zylLnuVtvVyMNVljl0JxSSVmMvFvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUemos
J4kkmXR2OJYeF6DcAaTxomkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzVGMTNCNDBBQkVBMTExRUZBNTU0NkY3NTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEIQwDQYJKoZIhvcNAQEL
BQADggEBABewQHe84d1viXf2S//q1nnrZHbCOwi4oHBIekmawoPcSpLJR5Dq8fhu
pERc6Sj7RMG2O++l8RzvS+enZMNpvj4ulQ7qrwwFcmsRQHApG0jCL5GmCzxDBT4K
WEWL3cCyYup/hRZ52cYdZ+rjbxZPrL6NWw3zyI9AS73NKXxQvdSXfs5qgSMafMRb
DhQgMRpGFxdeU1V9ReDseItiVkh5dP5lxQK+wUYeZvflIXgkld3l+DOoaiVz38Lw
d8WTL/Pz6Q8nlaTARnhrLcCRNzszeNKB4MSmdxMUPGD8tEXnb6IB/W4IZk62UVa9
j1LwHXfun83dP8CJAg+aSPmKYMi6xCw=
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:02:45 2025 by rpki-client