Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A8B3F56A016911F09DA5408A762E951A.roa
File: A8B3F56A016911F09DA5408A762E951A.roa (raw, json)
Hash identifier: PWz14IA1s8I4V0PUxHXEeWDEqOS9vd7ieVSLAspcm/Y=
Subject key identifier: 95:D9:78:3F:22:E9:32:DD:70:5C:CD:A3:16:22:0E:0F:A3:57:D8:47
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1A52
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A8B3F56A016911F09DA5408A762E951A.roa
Signing time: Sat 15 Mar 2025 06:49:36 +0000
ROA not before: Sat 15 Mar 2025 06:49:32 +0000
ROA not after: Mon 15 Mar 2027 06:49:32 +0000
asID: 834
IP address blocks: 154.16.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6738 (0x1a52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 15 06:49:32 2025 GMT
Not After : Mar 15 06:49:32 2027 GMT
Subject: CN=67d52300-d9f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a6:68:04:79:55:03:9f:24:2a:76:2d:42:70:
03:2f:88:71:ba:b4:09:6e:d5:e8:e1:02:76:48:84:
3e:27:8d:13:b2:eb:cd:65:9d:a0:08:76:68:19:2d:
24:5d:5f:30:3f:94:7a:cb:bb:ed:8f:3f:3c:38:1e:
5e:19:ea:07:3f:a6:2a:88:86:3a:84:28:b9:79:18:
23:66:c2:18:3d:d2:57:3c:be:21:5f:92:fd:51:9f:
19:6c:d0:1c:47:36:b0:b8:22:31:65:65:d3:2a:d1:
d0:c1:93:3e:7e:52:f1:a3:73:71:2c:a1:14:ca:a6:
31:e1:2f:b1:b0:55:c2:56:80:bb:97:4f:1e:24:f2:
90:bb:e4:d0:e4:94:9e:4b:21:7e:d4:1b:a4:a1:38:
e2:cf:ec:86:ab:3a:53:a4:e6:22:3a:46:f9:b4:eb:
95:0d:50:c6:61:c7:1d:6a:ca:ee:f1:6c:4a:23:25:
c7:57:a9:ab:18:44:7d:dc:eb:e8:ca:1e:54:66:56:
92:c3:f1:9a:27:59:bb:97:01:f9:36:5d:13:a2:a4:
cb:c0:17:c1:9d:58:82:79:75:56:d0:07:1d:81:67:
c6:41:55:bd:21:f6:1d:79:fc:3d:d2:d8:b1:40:0f:
af:a4:de:ef:52:27:49:c0:db:4a:17:e1:80:31:97:
29:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D9:78:3F:22:E9:32:DD:70:5C:CD:A3:16:22:0E:0F:A3:57:D8:47
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/A8B3F56A016911F09DA5408A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.98.0/24
Signature Algorithm: sha256WithRSAEncryption
78:fd:5d:33:15:0d:29:a3:5c:b4:45:b8:8a:3e:d9:54:50:2e:
cf:1c:57:4d:2c:d1:a4:52:a8:a9:9b:ce:f2:0c:20:de:d6:f6:
1d:d7:d7:e8:99:4a:52:2d:81:82:12:cd:0e:6a:cb:7e:93:75:
af:32:5f:d0:9f:3d:a6:37:c6:5a:2b:66:4b:81:5b:e1:ec:a8:
0b:3a:5b:86:f8:c5:cc:2a:0c:d8:3a:82:0a:9e:2d:4f:56:5b:
1b:64:a7:e4:b1:fc:cd:f0:08:91:2e:b9:3c:62:68:30:0f:d9:
72:c0:4c:f2:64:55:04:81:d3:7f:b5:d2:7c:3b:19:ec:e6:4a:
f6:50:22:a1:cb:37:eb:4c:c7:c9:23:c9:f8:e5:1d:cc:94:35:
c5:26:49:a0:d5:d7:4a:1b:8a:9c:94:e2:4c:da:37:c6:86:3d:
73:19:09:0d:0b:de:ef:49:70:6b:26:3e:ec:61:99:a5:31:46:
80:6a:1e:bc:8d:da:ec:78:62:3c:c9:c7:ae:bf:23:8d:30:1c:
de:c0:68:9b:d5:81:57:f4:97:1c:e2:f8:14:ef:f5:a6:39:ec:
c5:9f:c5:4b:70:25:ce:d9:fb:33:50:bc:2f:57:6c:9b:a0:60:
51:66:b7:06:61:2d:52:78:ea:d0:cc:62:24:3d:dd:91:13:42:
45:6a:a5:f2
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGlIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAzMTUwNjQ5MzJaFw0yNzAzMTUwNjQ5MzJaMBgxFjAU
BgNVBAMTDTY3ZDUyMzAwLWQ5ZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDapmgEeVUDnyQqdi1CcAMviHG6tAlu1ejhAnZIhD4njROy681lnaAIdmgZ
LSRdXzA/lHrLu+2PPzw4Hl4Z6gc/piqIhjqEKLl5GCNmwhg90lc8viFfkv1Rnxls
0BxHNrC4IjFlZdMq0dDBkz5+UvGjc3EsoRTKpjHhL7GwVcJWgLuXTx4k8pC75NDk
lJ5LIX7UG6ShOOLP7IarOlOk5iI6Rvm065UNUMZhxx1qyu7xbEojJcdXqasYRH3c
6+jKHlRmVpLD8ZonWbuXAfk2XROipMvAF8GdWIJ5dVbQBx2BZ8ZBVb0h9h15/D3S
2LFAD6+k3u9SJ0nA20oX4YAxlykjAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUldl4
PyLpMt1wXM2jFiIOD6NX2EcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0E4QjNGNTZBMDE2OTExRjA5REE1NDA4QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGIwDQYJKoZIhvcNAQEL
BQADggEBAHj9XTMVDSmjXLRFuIo+2VRQLs8cV00s0aRSqKmbzvIMIN7W9h3X1+iZ
SlItgYISzQ5qy36Tda8yX9CfPaY3xlorZkuBW+HsqAs6W4b4xcwqDNg6ggqeLU9W
Wxtkp+Sx/M3wCJEuuTxiaDAP2XLATPJkVQSB03+10nw7GezmSvZQIqHLN+tMx8kj
yfjlHcyUNcUmSaDV10obipyU4kzaN8aGPXMZCQ0L3u9JcGsmPuxhmaUxRoBqHryN
2ux4YjzJx66/I40wHN7AaJvVgVf0lxzi+BTv9aY57MWfxUtwJc7Z+zNQvC9XbJug
YFFmtwZhLVJ46tDMYiQ93ZETQkVqpfI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:23:06 2025 by rpki-client