Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9E8F5B8AA7EE11EFA7D77F8A762E951A.roa
File: 9E8F5B8AA7EE11EFA7D77F8A762E951A.roa (raw, json)
Hash identifier: zuLvII1PpKjhZj8pRDV/VPcKji7sYF4PMQOcsKxQoUY=
Subject key identifier: 35:DB:20:5D:01:C4:18:18:BD:56:14:DA:C4:D4:9F:65:1E:44:B5:7B
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 18FD
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9E8F5B8AA7EE11EFA7D77F8A762E951A.roa
Signing time: Thu 21 Nov 2024 09:54:38 +0000
ROA not before: Thu 21 Nov 2024 09:54:34 +0000
ROA not after: Sat 21 Nov 2026 09:54:34 +0000
asID: 62240
IP address blocks: 154.16.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6397 (0x18fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Nov 21 09:54:34 2024 GMT
Not After : Nov 21 09:54:34 2026 GMT
Subject: CN=673f035d-917a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:e6:10:cc:26:06:33:c7:9d:28:44:b6:8e:59:
13:a0:2c:74:0d:50:7a:88:20:cc:91:26:bd:1e:c7:
12:5e:d8:72:66:60:87:55:d7:3d:05:e1:db:e5:9b:
53:57:8b:81:5a:9a:2a:b5:51:ed:03:40:64:00:01:
09:72:70:38:21:9e:c3:1e:86:fd:3c:39:cc:f8:39:
8c:89:e1:11:19:c5:68:98:3d:ea:ec:9a:a3:ca:26:
75:30:58:1f:f9:f4:6b:35:a1:59:00:90:d0:e2:50:
20:dd:7c:1d:0f:78:ba:49:40:6e:0e:2d:43:9b:60:
6c:d9:77:92:61:3f:20:61:8f:cc:af:62:27:fa:0b:
4d:c9:58:b9:90:8e:91:03:68:52:af:c1:fd:fc:ed:
42:34:ae:8c:72:ec:d6:fa:ea:00:be:1b:7f:34:5b:
9e:a8:0a:69:d4:c7:68:5f:5a:1a:5e:16:ad:84:7f:
19:89:25:cc:80:b2:63:d2:ea:c9:11:6e:03:a3:f8:
d1:60:69:57:83:0d:62:5e:b5:eb:36:db:cd:cc:30:
30:d1:56:60:4b:aa:73:90:8e:d4:de:19:bc:a3:53:
3d:6f:63:4d:37:c7:a7:5c:30:a2:f5:3a:6d:07:9e:
f6:82:5b:ab:cb:55:2c:b3:32:e3:63:fc:5a:5e:21:
a2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DB:20:5D:01:C4:18:18:BD:56:14:DA:C4:D4:9F:65:1E:44:B5:7B
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9E8F5B8AA7EE11EFA7D77F8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.161.0/24
Signature Algorithm: sha256WithRSAEncryption
98:4e:3d:ef:a5:a0:9d:24:20:98:95:32:a8:1a:87:3c:58:9a:
6d:7d:d0:d6:47:1a:84:5b:e3:3b:36:a8:60:86:19:57:3b:d8:
09:8d:ce:ef:45:df:92:f6:6a:cf:d5:02:4a:9d:06:af:d2:72:
c5:d8:aa:31:fd:1e:66:ea:45:d8:6e:28:0e:3f:96:f2:90:d2:
37:bb:db:1e:d7:dc:1b:17:f4:a8:69:b1:e8:e7:c0:3f:46:ae:
dc:c9:da:06:38:20:76:61:4d:9b:67:70:3b:d0:96:e9:a0:b9:
89:83:8a:6c:d3:4b:8b:3a:c4:30:2d:d4:e0:5e:b7:f6:96:89:
8f:33:34:b9:9c:3a:1b:8a:b8:51:df:99:0c:8e:0f:19:dc:69:
5c:38:f3:1e:1b:f2:22:7d:5f:1d:a6:c7:98:4a:f3:70:91:12:
b4:a9:d8:75:ca:d1:9c:e3:ee:1e:c4:70:d0:22:e2:30:73:8e:
4b:7e:e7:5f:1f:de:49:b3:c3:c0:22:7c:0c:d5:76:dd:37:8f:
4d:11:ef:c6:f3:18:e2:37:20:e1:5f:97:e6:2a:34:7c:96:90:
43:d0:5a:fb:6a:79:fd:29:f8:bd:76:05:99:76:21:f2:7d:92:
5c:e4:97:aa:96:49:ac:99:6a:73:d9:63:a3:44:da:46:60:0d:
8b:95:ce:3f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGP0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDExMjEwOTU0MzRaFw0yNjExMjEwOTU0MzRaMBgxFjAU
BgNVBAMTDTY3M2YwMzVkLTkxN2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDr5hDMJgYzx50oRLaOWROgLHQNUHqIIMyRJr0exxJe2HJmYIdV1z0F4dvl
m1NXi4Famiq1Ue0DQGQAAQlycDghnsMehv08Ocz4OYyJ4REZxWiYPersmqPKJnUw
WB/59Gs1oVkAkNDiUCDdfB0PeLpJQG4OLUObYGzZd5JhPyBhj8yvYif6C03JWLmQ
jpEDaFKvwf387UI0roxy7Nb66gC+G380W56oCmnUx2hfWhpeFq2EfxmJJcyAsmPS
6skRbgOj+NFgaVeDDWJetes2283MMDDRVmBLqnOQjtTeGbyjUz1vY003x6dcMKL1
Om0HnvaCW6vLVSyzMuNj/FpeIaIZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNdsg
XQHEGBi9VhTaxNSfZR5EtXswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzlFOEY1QjhBQTdFRTExRUZBN0Q3N0Y4QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEKEwDQYJKoZIhvcNAQEL
BQADggEBAJhOPe+loJ0kIJiVMqgahzxYmm190NZHGoRb4zs2qGCGGVc72AmNzu9F
35L2as/VAkqdBq/ScsXYqjH9HmbqRdhuKA4/lvKQ0je72x7X3BsX9KhpsejnwD9G
rtzJ2gY4IHZhTZtncDvQlumguYmDimzTS4s6xDAt1OBet/aWiY8zNLmcOhuKuFHf
mQyODxncaVw48x4b8iJ9Xx2mx5hK83CRErSp2HXK0Zzj7h7EcNAi4jBzjkt+518f
3kmzw8AifAzVdt03j00R78bzGOI3IOFfl+YqNHyWkEPQWvtqef0p+L12BZl2IfJ9
klzkl6qWSayZanPZY6NE2kZgDYuVzj8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:26 2025 by rpki-client