Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/78C6D0B8D27311EFB52EB244762E951A.roa
File: 78C6D0B8D27311EFB52EB244762E951A.roa (raw, json)
Hash identifier: 6TY88m+lSvTlzxZLxt8Y6EULgqKK0dBdl8kQcsaNs6A=
Subject key identifier: CB:D6:24:00:0C:DC:AB:36:96:D5:A2:D7:89:A1:C4:98:0A:71:0D:7C
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 199C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/78C6D0B8D27311EFB52EB244762E951A.roa
Signing time: Tue 14 Jan 2025 12:31:26 +0000
ROA not before: Tue 14 Jan 2025 12:31:22 +0000
ROA not after: Thu 14 Jan 2027 12:31:22 +0000
asID: 212238
IP address blocks: 154.16.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6556 (0x199c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Jan 14 12:31:22 2025 GMT
Not After : Jan 14 12:31:22 2027 GMT
Subject: CN=6786591e-5843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:33:36:11:02:0f:8a:10:33:a8:0b:b7:8a:21:
3b:a4:d7:07:50:ef:7b:d6:08:df:38:7b:87:25:d9:
ae:37:29:f4:9d:74:1a:6c:66:11:55:dd:53:3d:6b:
29:02:2f:45:e9:63:e0:ba:c8:ae:1f:74:26:24:bd:
4b:2b:8e:3a:15:61:41:0a:34:2c:ee:20:f3:e6:2d:
43:42:37:5b:ba:78:f1:0a:40:fe:fb:cf:b1:c0:1e:
14:23:4c:9b:b5:3c:c3:23:b2:93:12:bd:85:3b:30:
42:77:b4:19:10:1b:38:a3:fb:26:6a:cf:71:2d:f6:
7c:36:b7:7f:76:c0:49:95:82:71:3b:30:1f:3c:27:
82:b9:5c:54:e0:53:56:21:9c:00:22:a8:21:e0:46:
c0:da:2a:56:cb:93:93:c5:5e:89:66:a8:01:bd:ca:
2d:02:93:1c:82:72:de:99:ca:f7:da:f6:c9:37:4c:
4b:14:78:f8:c9:23:3d:fa:20:34:f4:d0:7b:6f:0c:
1a:ce:e8:4f:7a:c8:4b:19:22:8d:e4:49:93:3a:50:
48:59:3c:c0:01:f9:72:7b:b3:e4:8d:84:8f:d8:f8:
25:67:66:84:71:23:88:3a:06:35:4f:8c:18:b7:c0:
e9:dd:65:51:c6:d4:61:cc:5b:3c:6f:90:68:05:3b:
e6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D6:24:00:0C:DC:AB:36:96:D5:A2:D7:89:A1:C4:98:0A:71:0D:7C
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/78C6D0B8D27311EFB52EB244762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.163.0/24
Signature Algorithm: sha256WithRSAEncryption
93:d7:65:1b:62:d2:9f:7f:ed:b0:f6:5a:4b:ab:5c:15:5a:62:
db:17:45:0f:70:6d:92:ac:25:c1:cf:80:49:a5:fb:92:03:cc:
64:72:7a:e2:21:5e:ae:ec:ac:a1:7d:82:3f:9e:54:9f:be:37:
69:5f:0e:b3:72:f4:91:7b:bc:45:d7:d4:f6:69:4c:14:86:67:
9d:89:a8:ad:65:3a:d0:81:1f:18:34:bc:da:06:f3:67:22:25:
07:d3:b0:1a:36:e8:2b:90:df:50:52:ce:2c:0f:25:3e:b9:c3:
41:69:4d:a4:dc:e1:bf:dd:05:ea:c8:eb:e6:40:3d:85:40:9a:
f2:d8:00:2e:61:1b:ea:2c:68:d5:00:eb:a3:11:85:c8:9e:5a:
df:38:63:57:26:0a:9d:02:2f:94:c8:c8:d9:e2:82:8f:97:23:
d3:12:4b:4f:0c:18:c6:60:ec:50:fc:bf:0c:e7:dc:98:59:65:
65:a1:60:83:92:6a:44:c9:9a:18:dc:5a:f1:69:3f:3f:1a:5a:
f7:16:76:df:37:cc:96:ac:50:e5:87:ee:58:bd:7a:22:05:f7:
4a:29:5b:7f:80:95:e6:66:41:78:0a:87:55:5b:07:d7:60:0c:
41:3b:4c:db:c4:c7:76:fe:87:8a:99:e6:f8:a3:64:a9:d2:27:
dc:25:fd:41
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGZwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAxMTQxMjMxMjJaFw0yNzAxMTQxMjMxMjJaMBgxFjAU
BgNVBAMTDTY3ODY1OTFlLTU4NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCiMzYRAg+KEDOoC7eKITuk1wdQ73vWCN84e4cl2a43KfSddBpsZhFV3VM9
aykCL0XpY+C6yK4fdCYkvUsrjjoVYUEKNCzuIPPmLUNCN1u6ePEKQP77z7HAHhQj
TJu1PMMjspMSvYU7MEJ3tBkQGzij+yZqz3Et9nw2t392wEmVgnE7MB88J4K5XFTg
U1YhnAAiqCHgRsDaKlbLk5PFXolmqAG9yi0CkxyCct6Zyvfa9sk3TEsUePjJIz36
IDT00HtvDBrO6E96yEsZIo3kSZM6UEhZPMAB+XJ7s+SNhI/Y+CVnZoRxI4g6BjVP
jBi3wOndZVHG1GHMWzxvkGgFO+ZnAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUy9Yk
AAzcqzaW1aLXiaHEmApxDXwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzc4QzZEMEI4RDI3MzExRUZCNTJFQjI0NDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEKMwDQYJKoZIhvcNAQEL
BQADggEBAJPXZRti0p9/7bD2WkurXBVaYtsXRQ9wbZKsJcHPgEml+5IDzGRyeuIh
Xq7srKF9gj+eVJ++N2lfDrNy9JF7vEXX1PZpTBSGZ52JqK1lOtCBHxg0vNoG82ci
JQfTsBo26CuQ31BSziwPJT65w0FpTaTc4b/dBerI6+ZAPYVAmvLYAC5hG+osaNUA
66MRhcieWt84Y1cmCp0CL5TIyNnigo+XI9MSS08MGMZg7FD8vwzn3JhZZWWhYIOS
akTJmhjcWvFpPz8aWvcWdt83zJasUOWH7li9eiIF90opW3+AleZmQXgKh1VbB9dg
DEE7TNvEx3b+h4qZ5vijZKnSJ9wl/UE=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:44:27 2025 by rpki-client