Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/970459868E8311EEA2EDFDDD7D84E21B.roa
File: 970459868E8311EEA2EDFDDD7D84E21B.roa (raw, json)
Hash identifier: Y1FS7fDx/JLz9ehRaJzBCyBR8Rs++suKmEu03vUHMwg=
Subject key identifier: 87:F6:17:7D:1D:71:79:4E:D7:3F:AC:5F:D2:5E:9E:CB:77:31:56:45
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 13A8
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/970459868E8311EEA2EDFDDD7D84E21B.roa
Signing time: Wed 29 Nov 2023 06:50:32 +0000
ROA not before: Wed 29 Nov 2023 06:50:29 +0000
ROA not after: Sat 29 Nov 2025 06:50:29 +0000
asID: 3356
IP address blocks: 154.16.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 28 Apr 2024 00:51:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5032 (0x13a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Nov 29 06:50:29 2023 GMT
Not After : Nov 29 06:50:29 2025 GMT
Subject: CN=6566df38-5cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b2:84:10:72:73:cd:7b:ba:3d:f0:27:0d:54:
3d:e3:f9:f5:f6:d0:55:4c:87:f2:a9:55:07:26:41:
58:9f:85:d4:f7:f7:15:75:69:8d:8d:f7:04:c9:71:
f2:00:4a:f7:db:3f:32:c8:12:09:fb:13:1b:8d:7c:
7f:31:dd:fe:e6:49:23:67:1a:3d:12:df:cf:fd:f3:
75:29:c2:82:9c:14:b9:fc:80:e4:92:64:b9:87:3e:
a0:d4:42:8e:b2:e9:63:94:e1:68:4a:41:6a:7a:3f:
35:8a:12:85:10:03:58:db:6b:70:4c:68:64:9d:a5:
ff:1e:0b:6c:1b:f1:ac:04:e0:86:d1:16:77:1f:40:
46:06:ab:be:0a:4f:8c:c8:f1:4f:d8:a1:81:1f:80:
2a:09:0d:7a:28:f4:a9:f5:4a:3b:3c:0b:18:fd:f2:
8c:23:e8:f2:a2:ba:31:91:ae:ce:a2:80:96:40:88:
a0:54:a5:24:43:ca:b7:bc:a9:63:61:8e:79:c0:e0:
e9:98:30:8b:b7:2e:7e:59:08:23:76:84:01:c4:1b:
99:b9:f2:68:8c:9f:62:ed:2f:a6:85:80:b3:8b:f2:
a6:f1:7c:85:31:8a:0e:96:43:34:15:24:36:54:26:
15:50:1b:28:6f:ef:15:a6:a0:70:eb:83:45:00:d3:
88:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F6:17:7D:1D:71:79:4E:D7:3F:AC:5F:D2:5E:9E:CB:77:31:56:45
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/970459868E8311EEA2EDFDDD7D84E21B.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.160.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:4c:9b:e2:e2:a9:75:79:a2:09:e0:54:5b:00:5e:24:07:b0:
c4:03:b6:71:30:69:d7:33:00:ca:4c:3f:05:98:41:08:fe:53:
10:7b:63:56:3e:4f:45:8c:cb:cc:9c:9b:84:71:9c:57:be:1b:
a7:a2:3f:b5:d3:f6:00:18:3c:7b:b9:03:b5:70:54:12:4d:8f:
d6:09:93:cd:c7:83:52:39:1a:51:21:b6:0c:5b:02:fd:e0:41:
de:f1:a5:ea:f8:b2:0b:fb:39:77:70:f7:d3:53:a9:5d:43:5e:
14:66:a5:66:ff:70:36:88:33:76:43:df:87:18:41:cf:00:6a:
87:38:b7:e4:fa:e1:b5:a9:6c:f6:b2:0e:8a:ee:6b:6b:24:c5:
60:80:e4:a5:29:dd:72:3d:61:00:68:12:a0:ab:d1:73:5e:ea:
18:99:af:ce:b0:90:bc:99:13:bf:28:bf:c4:f2:f3:8d:55:6d:
2e:90:3c:53:94:49:bd:9e:8c:43:3f:e6:6a:f3:c9:ab:8b:60:
52:ff:d8:2a:ae:b2:2f:20:8c:b8:66:8d:72:21:39:a5:8d:41:
a4:72:e7:09:fc:f8:51:55:dc:76:78:c0:9c:17:50:14:b5:c2:
64:f8:72:56:c1:97:8b:90:49:96:75:e0:20:7a:f1:8e:d7:e7:
72:97:b7:7b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE6gwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjkwNjUwMjlaFw0yNTExMjkwNjUwMjlaMBgxFjAU
BgNVBAMTDTY1NjZkZjM4LTVjZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCasoQQcnPNe7o98CcNVD3j+fX20FVMh/KpVQcmQVifhdT39xV1aY2N9wTJ
cfIASvfbPzLIEgn7ExuNfH8x3f7mSSNnGj0S38/983UpwoKcFLn8gOSSZLmHPqDU
Qo6y6WOU4WhKQWp6PzWKEoUQA1jba3BMaGSdpf8eC2wb8awE4IbRFncfQEYGq74K
T4zI8U/YoYEfgCoJDXoo9Kn1Sjs8Cxj98owj6PKiujGRrs6igJZAiKBUpSRDyre8
qWNhjnnA4OmYMIu3Ln5ZCCN2hAHEG5m58miMn2LtL6aFgLOL8qbxfIUxig6WQzQV
JDZUJhVQGyhv7xWmoHDrg0UA04gZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUh/YX
fR1xeU7XP6xf0l6ey3cxVkUwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4Lzk3MDQ1OTg2OEU4MzExRUVBMkVERkRERDdEODRFMjFCLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEKAwDQYJKoZIhvcNAQEL
BQADggEBAG9Mm+LiqXV5ogngVFsAXiQHsMQDtnEwadczAMpMPwWYQQj+UxB7Y1Y+
T0WMy8ycm4RxnFe+G6eiP7XT9gAYPHu5A7VwVBJNj9YJk83Hg1I5GlEhtgxbAv3g
Qd7xper4sgv7OXdw99NTqV1DXhRmpWb/cDaIM3ZD34cYQc8Aaoc4t+T64bWpbPay
Dorua2skxWCA5KUp3XI9YQBoEqCr0XNe6hiZr86wkLyZE78ov8Ty841VbS6QPFOU
Sb2ejEM/5mrzyauLYFL/2Cqusi8gjLhmjXIhOaWNQaRy5wn8+FFV3HZ4wJwXUBS1
wmT4clbBl4uQSZZ14CB68Y7X53KXt3s=
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:12 2024 by rpki-client on console-ams.rpki-client.org