Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/66A998C0D9BE11ED8615BE06306D8C1D.roa
File: 66A998C0D9BE11ED8615BE06306D8C1D.roa (raw, json)
Hash identifier: j6POp4fV0bfSgNPUn6Xk+P8KPcKaltNtEvUTim3Yf4U=
Subject key identifier: D4:DD:3D:07:3A:8E:DE:FF:1D:09:45:29:E3:2C:51:9D:EC:67:FD:91
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0D4F
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/66A998C0D9BE11ED8615BE06306D8C1D.roa
Signing time: Thu 13 Apr 2023 05:45:31 +0000
ROA not before: Thu 13 Apr 2023 05:45:27 +0000
ROA not after: Wed 16 Apr 2025 05:45:27 +0000
asID: 206505
IP address blocks: 154.16.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Apr 2024 17:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3407 (0xd4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Apr 13 05:45:27 2023 GMT
Not After : Apr 16 05:45:27 2025 GMT
Subject: CN=643796fb-691d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:98:88:13:2b:62:7c:16:76:90:62:09:17:78:
0f:02:99:4d:4b:80:60:1b:b7:b4:dd:95:6b:55:3a:
8d:42:1d:a4:bd:01:01:04:a4:f5:54:83:f3:43:e1:
cb:ed:e7:9f:b4:c7:58:28:f5:b4:bd:19:70:48:2e:
a8:1b:40:ab:11:a8:28:28:8c:eb:f6:66:e6:91:80:
1b:fb:f3:f5:49:55:e1:e0:8b:03:42:ac:33:d3:de:
eb:7f:eb:e2:75:4b:cf:9a:fe:27:8f:30:88:42:ad:
ff:e8:83:af:22:f3:a6:34:6b:5b:c4:b2:2f:a2:a3:
09:f8:4d:0e:dd:ee:3a:62:c7:47:3b:36:d0:80:a9:
58:d7:b9:b3:7e:22:24:b4:bf:81:fe:02:74:0e:aa:
4e:da:0f:25:ee:84:4f:0f:d5:d8:5e:2f:41:fe:46:
32:f9:33:4c:c5:e4:93:86:9a:42:94:fe:b2:f6:99:
d0:b5:32:90:24:47:89:f5:06:9f:c3:5a:ab:8e:1c:
41:d6:0a:f9:fe:0e:95:2b:3e:ac:d9:38:0c:f5:83:
68:4a:74:1f:da:9e:80:6f:9c:15:5d:66:dc:b4:2f:
df:d3:31:e5:f7:71:6b:8c:f2:45:fb:d0:57:7e:db:
bb:fc:21:92:50:45:b2:87:c1:83:08:3a:d5:cf:56:
88:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DD:3D:07:3A:8E:DE:FF:1D:09:45:29:E3:2C:51:9D:EC:67:FD:91
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/66A998C0D9BE11ED8615BE06306D8C1D.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.228.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:90:cd:f1:bd:83:0e:7e:6e:c8:c7:b8:6e:bd:ec:6a:20:74:
cc:b0:73:e0:47:17:90:5d:12:b6:af:11:6a:bc:fe:44:f2:cc:
4b:cb:06:c7:9d:04:0c:02:7e:45:dd:21:bb:3d:6a:94:95:48:
d7:a0:b6:f4:f1:ce:9e:86:31:a3:d6:7e:33:f3:ff:66:be:58:
8b:12:b3:5d:ce:c6:6d:51:d3:37:69:72:1f:5c:18:23:b5:cb:
64:5a:2d:9d:76:80:b8:8e:c8:c7:67:6f:1a:dc:08:9d:86:cf:
40:cd:9f:a7:41:10:8c:ae:83:c3:2b:45:2f:9c:db:76:1e:fd:
05:ae:29:09:7e:ef:15:12:7e:a4:ff:52:35:47:f9:53:a8:71:
3c:65:d3:fa:8b:0b:9a:29:55:59:6b:aa:7a:e3:a3:1b:e8:c1:
3d:4b:e7:f1:ad:aa:87:2b:d8:b5:74:b7:12:08:0f:79:5b:4f:
7d:f3:e0:68:74:1b:24:21:a1:e8:92:eb:a2:28:df:79:12:14:
fc:3b:7f:9d:6d:d2:b9:18:14:54:52:18:80:3b:bc:99:99:a3:
a5:74:29:44:58:ab:ff:c6:6d:95:68:ea:9c:c6:bd:0e:6b:5d:
e9:2b:92:23:39:34:dd:92:85:db:f5:64:6f:ad:07:10:b6:ad:
1c:9e:a2:26
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDU8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA0MTMwNTQ1MjdaFw0yNTA0MTYwNTQ1MjdaMBgxFjAU
BgNVBAMMDTY0Mzc5NmZiLTY5MWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEmIgTK2J8FnaQYgkXeA8CmU1LgGAbt7TdlWtVOo1CHaS9AQEEpPVUg/ND
4cvt55+0x1go9bS9GXBILqgbQKsRqCgojOv2ZuaRgBv78/VJVeHgiwNCrDPT3ut/
6+J1S8+a/iePMIhCrf/og68i86Y0a1vEsi+iown4TQ7d7jpix0c7NtCAqVjXubN+
IiS0v4H+AnQOqk7aDyXuhE8P1dheL0H+RjL5M0zF5JOGmkKU/rL2mdC1MpAkR4n1
Bp/DWquOHEHWCvn+DpUrPqzZOAz1g2hKdB/anoBvnBVdZty0L9/TMeX3cWuM8kX7
0Fd+27v8IZJQRbKHwYMIOtXPVojDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU1N09
BzqO3v8dCUUp4yxRnexn/ZEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzY2QTk5OEMwRDlCRTExRUQ4NjE1QkUwNjMwNkQ4QzFELnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOQwDQYJKoZIhvcNAQEL
BQADggEBANKQzfG9gw5+bsjHuG697GogdMywc+BHF5BdEravEWq8/kTyzEvLBsed
BAwCfkXdIbs9apSVSNegtvTxzp6GMaPWfjPz/2a+WIsSs13Oxm1R0zdpch9cGCO1
y2RaLZ12gLiOyMdnbxrcCJ2Gz0DNn6dBEIyug8MrRS+c23Ye/QWuKQl+7xUSfqT/
UjVH+VOocTxl0/qLC5opVVlrqnrjoxvowT1L5/Gtqocr2LV0txIID3lbT33z4Gh0
GyQhoeiS66Io33kSFPw7f51t0rkYFFRSGIA7vJmZo6V0KURYq//GbZVo6pzGvQ5r
XekrkiM5NN2Shdv1ZG+tBxC2rRyeoiY=
-----END CERTIFICATE-----
Generated at Thu Apr 18 18:15:59 2024 by rpki-client on console-fra.rpki-client.org