Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8E9D1D16B43911ED88411B9FF1222468.roa
File: 8E9D1D16B43911ED88411B9FF1222468.roa (raw, json)
Hash identifier: qwWkeMG4kPfmrc+T1FE601SToJFTav+aCz180ReTwc8=
Subject key identifier: F1:DC:D4:79:9C:8F:6D:35:BE:E8:93:3C:24:64:DE:92:83:D4:99:07
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0BF1
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8E9D1D16B43911ED88411B9FF1222468.roa
Signing time: Fri 24 Feb 2023 11:51:22 +0000
ROA not before: Fri 24 Feb 2023 11:51:18 +0000
ROA not after: Sat 22 Feb 2025 11:51:18 +0000
asID: 61317
IP address blocks: 154.16.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3057 (0xbf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 24 11:51:18 2023 GMT
Not After : Feb 22 11:51:18 2025 GMT
Subject: CN=63f8a4ba-e762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c1:03:d2:a6:5e:13:2f:57:45:ed:1a:01:1a:
81:dd:f2:b1:25:62:75:22:2d:ef:a2:e5:8b:1b:b4:
75:c2:2f:e3:ed:1f:ec:a5:05:0b:02:ed:cf:76:91:
00:ab:f8:8d:29:3e:ea:6e:05:2b:78:ac:34:c4:3b:
10:72:cd:9f:94:ca:42:bf:9b:f0:f3:fa:3c:36:fd:
77:9e:53:ad:4e:99:34:50:f2:c6:69:0f:a8:7b:21:
02:c7:9f:09:af:7e:83:b7:cc:d0:40:b2:2a:f4:57:
ff:75:38:00:70:a8:f3:3f:2d:bc:71:83:97:7a:60:
b7:6c:bf:0b:fe:04:6c:79:4c:4c:b9:15:82:2b:f4:
70:b9:b7:5e:98:dc:c9:da:1b:a9:f7:6a:d2:f5:10:
59:e1:58:16:25:c1:85:7d:62:df:00:c8:b6:27:36:
0c:5a:9f:76:e1:a1:c8:14:76:3b:54:e3:c1:6f:a4:
10:e5:89:f2:4c:cd:79:87:f7:06:e7:45:0b:4d:ad:
70:44:8c:d1:f7:e3:3c:fc:68:65:ca:58:b0:e5:1b:
18:2c:11:80:3a:21:01:bc:9f:fd:3b:fd:95:d7:dc:
da:17:63:ff:1f:55:6e:ba:10:a8:09:68:5f:7b:9c:
ce:70:e8:c3:54:2a:51:b9:bb:35:0f:df:28:e8:3a:
9a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DC:D4:79:9C:8F:6D:35:BE:E8:93:3C:24:64:DE:92:83:D4:99:07
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/8E9D1D16B43911ED88411B9FF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.20.0/24
Signature Algorithm: sha256WithRSAEncryption
32:11:d8:7a:8b:f4:f5:26:45:78:f1:e0:f1:5f:c9:71:d2:5e:
eb:4b:a6:dd:e3:6f:29:9e:2a:c7:41:03:10:04:78:e4:49:1d:
42:0e:fa:7c:6e:ec:34:1b:e6:84:60:2b:aa:e4:f4:ce:6f:80:
a3:1f:ce:99:3c:cd:e0:f9:33:30:5e:8b:ea:d1:20:ef:d5:52:
4d:27:60:73:3e:f3:e3:39:8d:cd:c6:24:f1:32:21:53:ae:1a:
fe:7d:1b:cc:d4:c3:c1:8c:9d:34:95:42:20:cc:ce:47:20:0d:
ed:3d:88:ba:3d:ab:c3:06:25:ed:12:8e:9a:b7:e9:5b:32:65:
39:6a:53:db:a5:47:fd:23:3c:8d:88:11:69:b4:e2:46:6f:dd:
f4:f5:b3:e0:28:90:2b:8c:f4:f8:e5:9c:54:2c:c7:c3:76:e7:
c4:9a:be:75:12:e7:ad:51:fe:27:76:92:5e:59:70:b1:07:b1:
92:32:cb:71:6b:b4:7e:3f:9d:6b:1d:e1:ef:4c:97:91:7a:28:
8f:11:76:58:10:2e:79:3a:7f:73:43:23:00:e3:16:c5:ae:ff:
e0:54:a3:2b:85:6b:a9:70:0f:a2:3f:05:fd:30:34:d0:a0:ce:
f1:bf:db:82:55:15:7d:82:78:9f:b6:e1:97:c0:6f:b5:4e:90:
9a:a5:97:02
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICC/EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAyMjQxMTUxMThaFw0yNTAyMjIxMTUxMThaMBgxFjAU
BgNVBAMMDTYzZjhhNGJhLWU3NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9wQPSpl4TL1dF7RoBGoHd8rElYnUiLe+i5YsbtHXCL+PtH+ylBQsC7c92
kQCr+I0pPupuBSt4rDTEOxByzZ+UykK/m/Dz+jw2/XeeU61OmTRQ8sZpD6h7IQLH
nwmvfoO3zNBAsir0V/91OABwqPM/Lbxxg5d6YLdsvwv+BGx5TEy5FYIr9HC5t16Y
3MnaG6n3atL1EFnhWBYlwYV9Yt8AyLYnNgxan3bhocgUdjtU48FvpBDlifJMzXmH
9wbnRQtNrXBEjNH34zz8aGXKWLDlGxgsEYA6IQG8n/07/ZXX3NoXY/8fVW66EKgJ
aF97nM5w6MNUKlG5uzUP3yjoOprlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8dzU
eZyPbTW+6JM8JGTekoPUmQcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzhFOUQxRDE2QjQzOTExRUQ4ODQxMUI5RkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBQwDQYJKoZIhvcNAQEL
BQADggEBADIR2HqL9PUmRXjx4PFfyXHSXutLpt3jbymeKsdBAxAEeORJHUIO+nxu
7DQb5oRgK6rk9M5vgKMfzpk8zeD5MzBei+rRIO/VUk0nYHM+8+M5jc3GJPEyIVOu
Gv59G8zUw8GMnTSVQiDMzkcgDe09iLo9q8MGJe0Sjpq36VsyZTlqU9ulR/0jPI2I
EWm04kZv3fT1s+AokCuM9PjlnFQsx8N258SavnUS561R/id2kl5ZcLEHsZIyy3Fr
tH4/nWsd4e9Ml5F6KI8RdlgQLnk6f3NDIwDjFsWu/+BUoyuFa6lwD6I/Bf0wNNCg
zvG/24JVFX2CeJ+24ZfAb7VOkJqllwI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:34:25 2025 by rpki-client