Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5F8B4C36016811F083648983762E951A.roa
File: 5F8B4C36016811F083648983762E951A.roa (raw, json)
Hash identifier: aksZ4rqns6pbqS/Gem6FPq6ZVLqQaSXiR9OD2g29+WU=
Subject key identifier: EE:31:CF:BA:60:B5:06:56:51:10:E3:2C:A5:EE:73:78:5D:90:A9:ED
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1A4C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5F8B4C36016811F083648983762E951A.roa
Signing time: Sat 15 Mar 2025 06:40:24 +0000
ROA not before: Sat 15 Mar 2025 06:40:20 +0000
ROA not after: Mon 15 Mar 2027 06:40:20 +0000
asID: 834
IP address blocks: 154.16.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6732 (0x1a4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 15 06:40:20 2025 GMT
Not After : Mar 15 06:40:20 2027 GMT
Subject: CN=67d520d8-9731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f9:44:c9:4a:b8:9d:75:6a:5e:be:1e:79:a9:
b0:94:b0:39:9b:18:94:f4:9c:51:25:68:4e:41:89:
23:07:fa:ea:6c:5a:06:e0:30:53:78:d6:cc:c2:d5:
1b:b3:21:ee:a8:57:fc:2b:8b:f0:5a:d4:dc:46:59:
82:98:f3:49:15:32:48:79:6e:02:9e:ac:fd:cf:60:
01:dd:a2:14:53:c9:f1:3a:5e:c7:fa:c9:37:7f:21:
c8:e6:88:69:99:4e:9b:75:f6:e9:44:79:6d:3f:a2:
61:aa:4e:3e:55:e2:06:7d:9b:48:1b:55:33:19:fb:
fc:40:d8:ee:91:b6:e3:24:46:be:c9:61:af:94:c4:
3b:da:4f:5d:bd:71:20:34:4c:c6:2d:0e:a2:fe:ce:
c2:ca:ef:48:85:94:f1:81:4b:06:0d:6c:4e:5c:20:
68:f3:a0:7c:18:c4:c8:6d:30:ff:cb:ab:29:4c:54:
50:85:22:68:a3:c0:1a:0c:6d:32:fa:0c:f5:7b:f8:
17:61:93:a6:78:a9:ed:0d:94:fb:cc:57:f2:d0:de:
08:94:d6:6c:ec:d3:a3:2c:3a:cf:cd:50:61:63:82:
ac:fa:51:8f:c3:94:02:79:8f:76:aa:61:6f:e9:40:
46:0d:15:40:e8:f6:4b:a6:50:ef:12:2a:fc:5b:50:
38:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:31:CF:BA:60:B5:06:56:51:10:E3:2C:A5:EE:73:78:5D:90:A9:ED
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5F8B4C36016811F083648983762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.254.0/24
Signature Algorithm: sha256WithRSAEncryption
98:8f:95:7b:e4:7d:12:2a:de:54:ca:0f:8f:c9:25:0d:5a:3f:
b2:78:7c:09:6a:23:56:55:e8:9f:59:22:01:00:36:98:3d:6c:
02:c9:4b:bc:c0:23:37:fb:46:53:d1:ee:af:fb:68:07:ad:87:
33:50:94:e9:f0:f3:c7:5c:16:c2:58:c4:ed:b6:ea:f8:7f:82:
cf:1c:b6:4e:80:33:0f:c8:6e:c4:10:1c:d9:3c:04:5a:54:9b:
69:7f:d1:8d:ec:c1:f2:53:f6:06:13:15:3f:be:dc:86:fb:28:
e0:52:c2:9a:be:14:2f:7c:c5:a4:29:83:b4:d7:53:5d:b7:25:
22:01:ee:f2:67:61:c1:80:d3:ea:11:0d:51:f9:38:0e:6f:07:
19:b2:16:8a:44:b6:96:00:ae:65:37:d6:e8:74:1b:cc:e4:e8:
e9:88:99:3b:ff:7f:e6:8c:76:6e:5a:a0:29:e8:80:8c:2f:d4:
a0:5c:57:36:64:8b:3a:6e:87:bc:59:68:3a:91:1c:f0:8c:be:
1c:c4:27:30:31:f3:2b:8a:76:74:1c:03:64:8a:00:a4:30:b3:
82:d5:db:42:e5:4b:f3:ea:bf:21:df:83:9f:82:91:2c:68:53:
56:f1:4b:fb:5f:6b:4e:45:ed:9d:07:a9:ba:64:59:5f:a5:29:
cd:ba:a5:d8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGkwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAzMTUwNjQwMjBaFw0yNzAzMTUwNjQwMjBaMBgxFjAU
BgNVBAMTDTY3ZDUyMGQ4LTk3MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDK+UTJSriddWpevh55qbCUsDmbGJT0nFElaE5BiSMH+upsWgbgMFN41szC
1RuzIe6oV/wri/Ba1NxGWYKY80kVMkh5bgKerP3PYAHdohRTyfE6Xsf6yTd/Icjm
iGmZTpt19ulEeW0/omGqTj5V4gZ9m0gbVTMZ+/xA2O6RtuMkRr7JYa+UxDvaT129
cSA0TMYtDqL+zsLK70iFlPGBSwYNbE5cIGjzoHwYxMhtMP/LqylMVFCFImijwBoM
bTL6DPV7+Bdhk6Z4qe0NlPvMV/LQ3giU1mzs06MsOs/NUGFjgqz6UY/DlAJ5j3aq
YW/pQEYNFUDo9kumUO8SKvxbUDjRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU7jHP
umC1BlZREOMspe5zeF2Qqe0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzVGOEI0QzM2MDE2ODExRjA4MzY0ODk4Mzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEP4wDQYJKoZIhvcNAQEL
BQADggEBAJiPlXvkfRIq3lTKD4/JJQ1aP7J4fAlqI1ZV6J9ZIgEANpg9bALJS7zA
Izf7RlPR7q/7aAethzNQlOnw88dcFsJYxO226vh/gs8ctk6AMw/IbsQQHNk8BFpU
m2l/0Y3swfJT9gYTFT++3Ib7KOBSwpq+FC98xaQpg7TXU123JSIB7vJnYcGA0+oR
DVH5OA5vBxmyFopEtpYArmU31uh0G8zk6OmImTv/f+aMdm5aoCnogIwv1KBcVzZk
izpuh7xZaDqRHPCMvhzEJzAx8yuKdnQcA2SKAKQws4LV20LlS/PqvyHfg5+CkSxo
U1bxS/tfa05F7Z0HqbpkWV+lKc26pdg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:00:04 2025 by rpki-client