Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/93F5CCCCE86811EEA106EF9E775412E6.roa
File: 93F5CCCCE86811EEA106EF9E775412E6.roa (raw, json)
Hash identifier: 6g1emVbW3LcupcrQnsQ8adyrjwSMb5T26i8/gZ/lk8U=
Subject key identifier: 17:E9:D0:CB:5B:E1:D2:59:7E:BB:4A:8F:8E:D5:C5:68:69:D6:5A:AD
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 156B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/93F5CCCCE86811EEA106EF9E775412E6.roa
Signing time: Fri 22 Mar 2024 16:23:55 +0000
ROA not before: Fri 22 Mar 2024 16:23:52 +0000
ROA not after: Sun 22 Mar 2026 16:23:52 +0000
asID: 29802
IP address blocks: 154.16.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5483 (0x156b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 22 16:23:52 2024 GMT
Not After : Mar 22 16:23:52 2026 GMT
Subject: CN=65fdb09b-9613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:5c:f1:7d:d0:d0:3f:fc:55:f8:af:ca:1c:72:
35:9b:9a:ee:53:d1:9a:db:e6:58:37:73:f3:b1:57:
c4:54:39:4e:df:4a:59:22:f4:0e:a1:02:e1:59:f0:
64:4c:2a:6a:5f:66:bd:3e:42:3d:d4:1c:69:a1:1e:
ad:ba:34:1c:41:f6:b6:7b:3e:23:f1:08:a1:8c:ef:
81:71:2e:f1:dd:2f:df:05:55:3b:35:4f:48:81:58:
21:0a:11:06:4f:5d:67:ad:c8:7e:fa:4a:cb:be:72:
5e:2b:cf:31:fc:5f:26:9f:b4:6c:fc:35:fc:69:af:
c4:0a:a7:1c:b6:de:99:a1:d3:14:0b:ec:41:80:2b:
af:9e:0d:e5:64:72:de:0e:92:1a:74:a6:f6:94:72:
f2:41:fe:1f:80:15:57:f5:5c:39:55:5d:17:0a:a1:
32:54:b6:fa:be:95:48:25:12:76:81:63:be:ff:5b:
33:8b:0e:56:84:1a:40:0d:e4:50:c2:26:f1:01:a9:
3d:4e:0c:2e:21:08:a5:8e:6b:7f:23:82:2e:bc:5e:
18:a7:5e:05:72:de:2f:45:cd:c5:9b:c7:55:fd:5f:
4e:e5:e1:6b:61:8f:2a:a0:98:e2:d3:c7:68:e6:89:
1f:95:13:be:70:44:33:af:1e:e5:19:06:6e:e7:75:
b0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E9:D0:CB:5B:E1:D2:59:7E:BB:4A:8F:8E:D5:C5:68:69:D6:5A:AD
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/93F5CCCCE86811EEA106EF9E775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.126.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:fc:61:50:52:59:63:c9:c8:15:69:0c:65:9b:b1:08:ed:dd:
66:c9:59:16:ff:c6:57:2a:1c:82:a7:eb:bf:01:1b:d7:ec:77:
91:51:b7:48:6f:98:14:85:3c:a1:72:7f:78:ff:d5:99:f4:3a:
4a:7d:76:61:a2:12:e9:ed:35:60:34:7d:e7:74:a6:3d:0a:5d:
68:79:d0:6f:38:b8:cf:70:7f:e7:4d:fe:0a:fb:f4:a9:90:e5:
7a:4d:06:77:1a:59:b8:b0:70:45:0e:8d:e7:ee:cb:32:9e:6f:
96:d6:c6:74:3e:36:e7:eb:68:49:54:40:6b:7d:6a:c3:f7:52:
72:42:af:15:03:02:0e:03:27:e7:d3:36:2b:bc:8c:ff:b0:b2:
80:06:e0:4a:47:76:f2:b2:7a:d7:1c:30:93:2f:d3:bc:9d:0b:
f2:7a:51:d9:16:e8:c0:d3:52:e9:2d:d0:e3:93:31:68:aa:df:
c4:92:6f:93:d2:e0:db:55:7b:f5:e8:40:e5:b8:6d:eb:33:e4:
8f:9d:1b:2e:37:b2:8f:57:7e:52:be:a6:57:02:32:d1:b0:63:
a7:57:56:7f:c7:7a:7e:6a:8f:db:9f:6a:20:0e:6e:1d:dd:6e:
98:8f:0f:49:30:84:64:4d:f7:d8:b5:6f:16:44:50:21:df:89:
87:4a:04:08
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFWswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMjIxNjIzNTJaFw0yNjAzMjIxNjIzNTJaMBgxFjAU
BgNVBAMTDTY1ZmRiMDliLTk2MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDvXPF90NA//FX4r8occjWbmu5T0Zrb5lg3c/OxV8RUOU7fSlki9A6hAuFZ
8GRMKmpfZr0+Qj3UHGmhHq26NBxB9rZ7PiPxCKGM74FxLvHdL98FVTs1T0iBWCEK
EQZPXWetyH76Ssu+cl4rzzH8XyaftGz8Nfxpr8QKpxy23pmh0xQL7EGAK6+eDeVk
ct4Okhp0pvaUcvJB/h+AFVf1XDlVXRcKoTJUtvq+lUglEnaBY77/WzOLDlaEGkAN
5FDCJvEBqT1ODC4hCKWOa38jgi68XhinXgVy3i9FzcWbx1X9X07l4WthjyqgmOLT
x2jmiR+VE75wRDOvHuUZBm7ndbCzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUF+nQ
y1vh0ll+u0qPjtXFaGnWWq0wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzkzRjVDQ0NDRTg2ODExRUVBMTA2RUY5RTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaEH4wDQYJKoZIhvcNAQEL
BQADggEBAB/8YVBSWWPJyBVpDGWbsQjt3WbJWRb/xlcqHIKn678BG9fsd5FRt0hv
mBSFPKFyf3j/1Zn0Okp9dmGiEuntNWA0fed0pj0KXWh50G84uM9wf+dN/gr79KmQ
5XpNBncaWbiwcEUOjefuyzKeb5bWxnQ+NufraElUQGt9asP3UnJCrxUDAg4DJ+fT
Niu8jP+wsoAG4EpHdvKyetccMJMv07ydC/J6UdkW6MDTUukt0OOTMWiq38SSb5PS
4NtVe/XoQOW4besz5I+dGy43so9XflK+plcCMtGwY6dXVn/Hen5qj9ufaiAObh3d
bpiPD0kwhGRN99i1bxZEUCHfiYdKBAg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:07:17 2025 by rpki-client