Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6C401604C44C11EFA3855862762E951A.roa
File: 6C401604C44C11EFA3855862762E951A.roa (raw, json)
Hash identifier: p37YWatY46xfyY6WPgSkrFmPknYzgORzC+/CF636+1g=
Subject key identifier: 3D:35:A7:FA:E1:4C:EE:28:B8:D6:B8:CD:39:D3:C9:02:19:1E:11:DF
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 197A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6C401604C44C11EFA3855862762E951A.roa
Signing time: Fri 27 Dec 2024 12:16:38 +0000
ROA not before: Fri 27 Dec 2024 12:16:35 +0000
ROA not after: Sun 27 Dec 2026 12:16:35 +0000
asID: 20454
IP address blocks: 154.16.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6522 (0x197a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 27 12:16:35 2024 GMT
Not After : Dec 27 12:16:35 2026 GMT
Subject: CN=676e9aa6-f05e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:4d:b7:9c:58:d9:14:21:f2:d2:f2:a0:62:7c:
75:69:4b:a2:89:86:92:4a:13:81:a3:26:d0:95:2a:
3e:dd:50:df:ad:f1:d8:81:fe:d2:05:dd:e1:06:8f:
5f:44:c5:d3:9d:a2:c4:0e:93:90:2a:f0:e2:57:c6:
e8:8b:07:ab:50:59:be:ea:c2:92:da:15:6f:4b:c1:
7a:82:f3:57:65:35:ad:5f:77:e7:17:3d:36:7e:79:
37:08:84:2c:45:26:b8:4a:5a:42:62:dd:dc:ab:7e:
45:76:84:0e:de:c4:7c:98:b4:80:b1:08:87:53:59:
da:eb:d2:54:ab:fa:0d:47:69:79:10:cf:5d:95:47:
29:e9:72:cc:2c:e7:e9:7d:c5:5f:f2:db:af:79:10:
ec:c8:0b:2c:99:12:98:cb:76:32:94:e1:51:49:29:
92:fe:0c:05:a8:d7:5b:30:a2:f2:97:76:9e:21:92:
fe:2b:b9:3c:15:a0:25:f6:b4:13:e7:0c:b2:32:98:
b7:12:97:06:f7:73:25:99:28:02:ec:44:a3:79:8f:
e6:d8:b8:22:77:8c:7f:28:8a:66:dc:8c:87:05:01:
f4:0f:57:a5:5f:53:3e:89:89:98:71:ec:66:0e:83:
5b:c6:e6:94:f2:40:e3:68:e2:34:92:37:2c:65:e2:
67:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:35:A7:FA:E1:4C:EE:28:B8:D6:B8:CD:39:D3:C9:02:19:1E:11:DF
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/6C401604C44C11EFA3855862762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.244.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:a1:51:18:65:7c:57:f6:5c:d7:5a:62:de:b0:01:24:2c:5b:
de:45:1a:f9:d8:b7:55:55:b5:36:c0:9f:b9:7b:dc:e1:93:77:
f4:49:f6:91:00:64:b8:67:7f:6d:24:6a:52:6b:97:96:f0:67:
63:46:28:aa:34:be:75:20:ad:ac:94:19:ef:58:12:9e:9c:5f:
47:c0:ff:1f:17:78:8e:72:c1:6a:a0:8c:12:fb:78:8b:ed:6c:
90:ed:cc:14:f1:2c:a8:55:71:ff:68:51:32:8a:96:d1:25:f8:
75:7c:8f:29:d4:e7:3f:09:9f:1d:a0:cc:a9:d0:92:34:16:1f:
a9:93:32:f9:c3:c6:da:21:68:85:ae:f9:b4:75:ef:41:90:3e:
cb:3a:84:30:e8:74:b5:b6:57:65:bf:5a:99:b0:5c:b0:83:0b:
39:a5:fe:e5:ba:96:b4:e6:43:ad:8c:b4:63:6f:bd:7a:cc:9e:
8f:8e:40:7f:00:48:3b:5e:10:5a:10:66:db:8f:6e:8f:c6:d6:
88:3c:89:d5:5d:b2:ad:9c:bf:f3:31:4e:61:33:58:e2:7e:30:
1d:de:6b:0f:ae:a8:11:3a:50:cb:7b:9e:f5:ae:d5:5b:d7:59:
82:9c:d3:95:75:4e:b8:e7:2a:0c:be:f7:c4:00:90:d1:7a:ce:
6d:4c:59:da
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGXowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMjcxMjE2MzVaFw0yNjEyMjcxMjE2MzVaMBgxFjAU
BgNVBAMTDTY3NmU5YWE2LWYwNWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDuTbecWNkUIfLS8qBifHVpS6KJhpJKE4GjJtCVKj7dUN+t8diB/tIF3eEG
j19ExdOdosQOk5Aq8OJXxuiLB6tQWb7qwpLaFW9LwXqC81dlNa1fd+cXPTZ+eTcI
hCxFJrhKWkJi3dyrfkV2hA7exHyYtICxCIdTWdrr0lSr+g1HaXkQz12VRynpcsws
5+l9xV/y2695EOzICyyZEpjLdjKU4VFJKZL+DAWo11swovKXdp4hkv4ruTwVoCX2
tBPnDLIymLcSlwb3cyWZKALsRKN5j+bYuCJ3jH8oimbcjIcFAfQPV6VfUz6JiZhx
7GYOg1vG5pTyQONo4jSSNyxl4mfzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUPTWn
+uFM7ii41rjNOdPJAhkeEd8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzZDNDAxNjA0QzQ0QzExRUZBMzg1NTg2Mjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPQwDQYJKoZIhvcNAQEL
BQADggEBAJ+hURhlfFf2XNdaYt6wASQsW95FGvnYt1VVtTbAn7l73OGTd/RJ9pEA
ZLhnf20kalJrl5bwZ2NGKKo0vnUgrayUGe9YEp6cX0fA/x8XeI5ywWqgjBL7eIvt
bJDtzBTxLKhVcf9oUTKKltEl+HV8jynU5z8Jnx2gzKnQkjQWH6mTMvnDxtohaIWu
+bR170GQPss6hDDodLW2V2W/WpmwXLCDCzml/uW6lrTmQ62MtGNvvXrMno+OQH8A
SDteEFoQZtuPbo/G1og8idVdsq2cv/MxTmEzWOJ+MB3eaw+uqBE6UMt7nvWu1VvX
WYKc05V1TrjnKgy+98QAkNF6zm1MWdo=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:56:07 2025 by rpki-client