Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8A5A99F2AF5211EF8F622F8A762E951A.roa
File: 8A5A99F2AF5211EF8F622F8A762E951A.roa (raw, json)
Hash identifier: UpNpxZVKbkMIyey3NPRuYe3urDHM1kepKFqdRfnrIAo=
Subject key identifier: 74:65:DD:CB:00:9C:D7:1D:46:F5:0F:30:CF:E6:00:AA:F3:CD:BE:90
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 191B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8A5A99F2AF5211EF8F622F8A762E951A.roa
Signing time: Sat 30 Nov 2024 19:37:32 +0000
ROA not before: Sat 30 Nov 2024 19:37:28 +0000
ROA not after: Mon 30 Nov 2026 19:37:28 +0000
asID: 150519
IP address blocks: 154.16.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6427 (0x191b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Nov 30 19:37:28 2024 GMT
Not After : Nov 30 19:37:28 2026 GMT
Subject: CN=674b697b-c212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ee:0e:36:a3:47:14:89:f5:1b:0f:69:ba:95:
5d:dd:88:57:da:86:ed:4e:7f:3d:e2:c4:a1:5b:fe:
5b:fe:6d:98:07:04:ef:57:0b:7d:fb:9e:e3:d5:5d:
72:33:9c:76:06:56:b8:5d:35:05:28:37:63:a6:fc:
b4:42:62:af:e7:c1:54:24:85:96:59:7f:cb:57:19:
2c:1d:a8:59:77:6e:18:a3:e6:19:d3:66:5b:11:37:
6e:9f:21:d3:11:23:37:5c:c8:58:72:44:72:14:6a:
b1:93:9b:66:e1:d7:4e:f3:a8:5a:f8:45:06:9e:7f:
6a:5f:8f:dd:6f:79:9b:a8:a3:0b:69:91:e5:63:59:
43:cd:b1:47:e4:2d:96:c0:ac:38:74:35:14:de:e8:
6d:28:1d:16:af:f7:a8:50:6b:bb:83:40:ce:f5:d4:
70:c0:b6:4c:e3:6f:a0:2a:fb:d8:72:1e:8d:c7:fa:
ed:44:43:30:d9:33:44:97:b4:bc:ac:9d:b4:b4:f8:
9f:90:c4:43:cb:52:ac:18:b5:d8:32:8e:1a:a1:17:
69:b3:2a:03:08:49:0f:5b:36:0a:27:12:9c:be:d7:
d7:eb:62:2b:d4:a0:37:68:7b:62:99:13:cb:e4:86:
15:a9:82:87:08:b7:37:22:7f:30:54:97:a6:ac:b7:
46:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:65:DD:CB:00:9C:D7:1D:46:F5:0F:30:CF:E6:00:AA:F3:CD:BE:90
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8A5A99F2AF5211EF8F622F8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.242.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:5d:5d:75:66:bc:b7:a8:d6:3e:6b:27:3d:1b:99:32:86:af:
be:6b:5b:ee:e4:25:d0:dc:77:e4:5a:82:c7:19:fb:1c:07:cf:
4a:5a:0c:53:48:18:70:e2:d6:6c:f1:33:b7:58:b7:9f:99:a3:
11:90:65:65:ed:78:74:6f:9f:dc:d4:02:36:eb:35:91:a4:ec:
57:54:a4:1b:74:02:3c:78:33:f1:f7:73:67:e1:b6:f1:de:27:
ce:7f:55:57:80:1d:b4:4a:b0:fb:8c:d7:86:76:b8:84:14:33:
fb:39:3f:a5:67:dc:37:b6:bd:06:e6:96:bc:e0:4d:5d:f8:8d:
15:b2:4a:0e:b7:7f:9e:c4:10:3b:2b:72:bb:f7:12:33:15:d0:
57:d6:0d:bb:a1:db:20:5a:ad:6c:28:f2:ce:d0:02:c5:2e:fc:
e1:c7:1d:0b:f3:2b:ed:b6:47:64:2c:dc:a6:8a:5e:0d:2b:97:
c9:ad:f2:d2:b8:60:9c:9b:bf:b6:03:33:87:e3:36:12:22:20:
5f:76:23:6e:f3:a7:74:74:38:db:09:ea:94:b2:d2:4d:c0:d5:
0c:d6:60:f2:f4:f6:00:ae:9e:f5:2a:f3:fb:6a:5c:31:5f:de:
86:4d:ea:c9:a2:b9:5c:ba:cb:e5:c8:b6:3d:26:f2:91:2a:8a:
9d:ab:da:49
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGRswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDExMzAxOTM3MjhaFw0yNjExMzAxOTM3MjhaMBgxFjAU
BgNVBAMTDTY3NGI2OTdiLWMyMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDb7g42o0cUifUbD2m6lV3diFfahu1Ofz3ixKFb/lv+bZgHBO9XC337nuPV
XXIznHYGVrhdNQUoN2Om/LRCYq/nwVQkhZZZf8tXGSwdqFl3bhij5hnTZlsRN26f
IdMRIzdcyFhyRHIUarGTm2bh107zqFr4RQaef2pfj91veZuoowtpkeVjWUPNsUfk
LZbArDh0NRTe6G0oHRav96hQa7uDQM711HDAtkzjb6Aq+9hyHo3H+u1EQzDZM0SX
tLysnbS0+J+QxEPLUqwYtdgyjhqhF2mzKgMISQ9bNgonEpy+19frYivUoDdoe2KZ
E8vkhhWpgocItzcifzBUl6ast0axAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdGXd
ywCc1x1G9Q8wz+YAqvPNvpAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzhBNUE5OUYyQUY1MjExRUY4RjYyMkY4QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPIwDQYJKoZIhvcNAQEL
BQADggEBALZdXXVmvLeo1j5rJz0bmTKGr75rW+7kJdDcd+RagscZ+xwHz0paDFNI
GHDi1mzxM7dYt5+ZoxGQZWXteHRvn9zUAjbrNZGk7FdUpBt0Ajx4M/H3c2fhtvHe
J85/VVeAHbRKsPuM14Z2uIQUM/s5P6Vn3De2vQbmlrzgTV34jRWySg63f57EEDsr
crv3EjMV0FfWDbuh2yBarWwo8s7QAsUu/OHHHQvzK+22R2Qs3KaKXg0rl8mt8tK4
YJybv7YDM4fjNhIiIF92I27zp3R0ONsJ6pSy0k3A1QzWYPL09gCunvUq8/tqXDFf
3oZN6smiuVy6y+XItj0m8pEqip2r2kk=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:59:29 2025 by rpki-client