Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/65F47058A7EE11EF9C00538A762E951A.roa
File: 65F47058A7EE11EF9C00538A762E951A.roa (raw, json)
Hash identifier: ifSRp8Fzd2rudOJtr+3vm19HESDAhBFe9VyZXT7NkTQ=
Subject key identifier: 00:05:14:0D:EF:10:87:82:52:AC:E4:03:C1:9E:87:C0:BB:66:0F:86
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 18FB
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/65F47058A7EE11EF9C00538A762E951A.roa
Signing time: Thu 21 Nov 2024 09:53:03 +0000
ROA not before: Thu 21 Nov 2024 09:52:59 +0000
ROA not after: Sat 21 Nov 2026 09:52:59 +0000
asID: 62240
IP address blocks: 154.16.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6395 (0x18fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Nov 21 09:52:59 2024 GMT
Not After : Nov 21 09:52:59 2026 GMT
Subject: CN=673f02ff-de5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ea:e6:5f:22:16:45:b9:31:12:84:ca:0b:c8:
87:d7:ab:f0:89:07:36:a2:8d:cf:73:d1:ec:a9:64:
64:bf:d1:30:12:88:b6:d4:c0:f6:aa:60:ff:6a:32:
7f:23:99:12:ed:17:3e:a3:bb:b7:a9:6d:2e:7b:0a:
bd:df:5d:46:57:e6:f6:61:71:21:58:67:c7:1e:21:
b4:1e:1a:4f:53:9a:26:0f:e4:93:e3:cd:30:86:85:
98:c8:b0:65:06:52:76:f3:c4:07:fe:5a:13:4b:6e:
a0:06:1d:d4:69:ce:d8:b0:bb:b4:a5:ed:09:ed:84:
80:3f:eb:26:1d:de:53:7f:5d:11:7e:2d:77:f0:0b:
0f:b8:61:c4:e2:17:da:68:a2:b5:3a:3f:11:31:3e:
c1:31:23:52:09:f6:d9:16:2e:1f:75:2b:fc:1f:31:
12:ec:7e:6b:2b:3f:60:79:51:33:44:d6:d5:af:4e:
d6:a1:79:5b:86:83:47:0b:a9:fb:89:94:89:ab:b8:
e8:9a:42:a6:26:f1:12:b8:49:0d:b0:8f:6d:a1:20:
e0:25:4e:65:65:25:bb:a1:5c:dd:68:1a:82:67:f9:
b9:2c:4c:0e:f6:66:de:40:38:42:61:2e:67:75:9e:
a0:27:18:2e:bd:73:c7:4e:01:cb:b8:eb:7f:5e:33:
a5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:05:14:0D:EF:10:87:82:52:AC:E4:03:C1:9E:87:C0:BB:66:0F:86
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/65F47058A7EE11EF9C00538A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.141.0/24
Signature Algorithm: sha256WithRSAEncryption
28:de:ae:16:06:27:56:e1:e0:ca:33:ec:ba:55:cb:c4:7c:39:
8f:21:3b:2f:f9:f5:c4:d1:3d:29:8f:d1:45:8c:ab:1d:fd:54:
c0:34:50:eb:43:71:ea:38:b7:38:ea:a4:0b:ed:ff:f7:47:9b:
82:1d:c9:3f:e2:2e:23:2f:66:10:0f:25:45:54:ee:95:90:64:
3c:09:71:5b:de:a6:ff:7d:37:f2:e4:a5:ea:8c:4d:bb:53:8d:
dd:d7:0d:f8:c5:a8:b9:8d:45:4d:31:88:ac:e2:cc:4a:56:e4:
41:0e:87:77:32:82:e4:d5:00:b7:3c:39:7a:aa:c6:a5:b0:00:
bc:80:92:d3:bc:eb:9f:61:2f:92:d0:85:c7:55:cf:e7:c1:4e:
70:64:c4:ed:66:07:99:b9:0f:12:55:a5:b1:de:f2:0c:e3:d9:
75:84:63:87:3f:31:b0:ee:20:60:04:3a:ea:ea:34:58:19:b9:
df:18:6d:e7:9c:12:fa:f0:63:59:50:93:2e:ac:8c:31:5b:25:
f7:42:8c:90:f9:ea:86:a4:8e:7d:c6:b6:e6:aa:43:5c:5c:f1:
29:e2:88:40:48:83:44:6f:ea:62:3f:c4:9b:21:a6:d1:a5:01:
7e:d2:20:87:41:84:ce:1c:65:8e:bf:65:dd:4f:4c:52:88:e0:
ec:5a:57:50
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGPswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDExMjEwOTUyNTlaFw0yNjExMjEwOTUyNTlaMBgxFjAU
BgNVBAMTDTY3M2YwMmZmLWRlNWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC06uZfIhZFuTEShMoLyIfXq/CJBzaijc9z0eypZGS/0TASiLbUwPaqYP9q
Mn8jmRLtFz6ju7epbS57Cr3fXUZX5vZhcSFYZ8ceIbQeGk9TmiYP5JPjzTCGhZjI
sGUGUnbzxAf+WhNLbqAGHdRpztiwu7Sl7QnthIA/6yYd3lN/XRF+LXfwCw+4YcTi
F9poorU6PxExPsExI1IJ9tkWLh91K/wfMRLsfmsrP2B5UTNE1tWvTtaheVuGg0cL
qfuJlImruOiaQqYm8RK4SQ2wj22hIOAlTmVlJbuhXN1oGoJn+bksTA72Zt5AOEJh
Lmd1nqAnGC69c8dOAcu4639eM6XzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUAAUU
De8Qh4JSrOQDwZ6HwLtmD4YwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzY1RjQ3MDU4QTdFRTExRUY5QzAwNTM4QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEI0wDQYJKoZIhvcNAQEL
BQADggEBACjerhYGJ1bh4Moz7LpVy8R8OY8hOy/59cTRPSmP0UWMqx39VMA0UOtD
ceo4tzjqpAvt//dHm4IdyT/iLiMvZhAPJUVU7pWQZDwJcVvepv99N/LkpeqMTbtT
jd3XDfjFqLmNRU0xiKzizEpW5EEOh3cyguTVALc8OXqqxqWwALyAktO8659hL5LQ
hcdVz+fBTnBkxO1mB5m5DxJVpbHe8gzj2XWEY4c/MbDuIGAEOurqNFgZud8Ybeec
EvrwY1lQky6sjDFbJfdCjJD56oakjn3GtuaqQ1xc8SniiEBIg0Rv6mI/xJshptGl
AX7SIIdBhM4cZY6/Zd1PTFKI4OxaV1A=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:31:43 2025 by rpki-client