Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B495D622BBD811EF9C8EA069762E951A.roa
File: B495D622BBD811EF9C8EA069762E951A.roa (raw, json)
Hash identifier: nfGqqWCRDQa1wlDB8aS3d01NerXKXi2mlpkE+qpAm2o=
Subject key identifier: CD:D2:7B:BF:C1:08:E5:19:64:51:8F:E1:E8:3D:CF:80:EA:6C:3C:B1
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1941
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B495D622BBD811EF9C8EA069762E951A.roa
Signing time: Mon 16 Dec 2024 18:08:09 +0000
ROA not before: Mon 16 Dec 2024 18:08:05 +0000
ROA not after: Tue 16 Dec 2025 18:08:05 +0000
asID: 60602
IP address blocks: 154.16.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6465 (0x1941)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 16 18:08:05 2024 GMT
Not After : Dec 16 18:08:05 2025 GMT
Subject: CN=67606c89-7264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:df:1f:50:c4:3e:93:a2:72:76:e2:a7:f1:bc:
b5:d9:54:12:a6:32:d1:8a:ba:b4:c9:1a:bd:87:6b:
2c:c1:55:b3:88:fc:34:fa:39:12:2f:0f:60:3b:d5:
b2:c8:db:73:58:a8:51:31:e2:97:fd:45:0c:93:f2:
db:89:91:4e:e8:fd:7e:33:b8:82:9d:cb:99:1d:88:
aa:92:4d:55:da:eb:fa:36:91:b5:c1:68:36:96:d0:
1c:b0:dc:7c:c5:22:86:f2:05:87:72:65:44:b3:d0:
8a:c0:0a:84:ce:9f:e8:30:ae:7e:23:0f:1b:4a:ec:
ea:43:10:8d:97:66:ac:06:d4:f4:7f:18:e0:d8:d7:
f1:81:23:2f:a3:6d:0a:1d:9a:5e:ab:6e:26:f4:ed:
e4:fc:47:72:ec:cb:82:4a:57:7b:4b:34:20:67:3f:
2c:32:8b:dd:0c:16:42:54:fc:00:fb:95:4b:cb:0b:
11:bc:22:bc:7c:3e:96:30:9b:21:4b:ff:36:6d:c5:
a8:50:05:00:c0:3a:af:9a:1f:cf:c2:2b:b5:55:ae:
d9:96:87:75:d9:f7:4a:ba:d3:03:59:66:6d:c1:91:
32:a9:10:d0:ac:1c:89:aa:be:c0:6c:24:44:72:71:
22:f9:d0:75:0c:28:95:42:57:9f:74:3f:5c:3a:9a:
38:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D2:7B:BF:C1:08:E5:19:64:51:8F:E1:E8:3D:CF:80:EA:6C:3C:B1
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/B495D622BBD811EF9C8EA069762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.177.0/24
Signature Algorithm: sha256WithRSAEncryption
23:47:f0:cd:26:f8:f2:46:3b:46:20:4e:82:0b:90:35:e4:67:
1e:fd:99:37:29:16:7b:75:4b:27:92:c8:db:62:47:b9:6c:85:
02:2f:24:c9:1d:66:a7:83:df:6b:6b:99:70:5f:6c:25:c5:37:
1e:70:08:ee:3d:3c:8c:39:97:f7:6b:09:ff:62:3c:a7:53:c5:
e8:8c:27:32:e8:61:10:af:84:65:18:56:1d:67:1a:35:83:19:
8c:0e:c7:eb:3a:27:37:e9:0f:57:1d:c1:79:91:2f:f5:32:4a:
cf:c0:19:d9:e0:1d:30:fe:b1:57:9a:20:bf:1c:9e:7a:2c:fd:
9d:71:47:08:87:58:b6:90:19:be:91:0b:78:6f:0d:f7:8f:08:
fb:7a:50:aa:bb:43:41:81:ef:dc:97:cd:ea:8f:5e:29:2b:3b:
d6:bc:a8:83:66:34:31:82:d0:cb:da:44:50:45:08:be:cd:2c:
72:e6:fd:24:6c:d3:b3:49:46:65:06:17:57:c8:8d:00:57:1f:
2a:2d:bc:fe:cb:aa:cb:6d:94:65:7c:3c:85:de:29:a4:f3:6f:
b0:22:e1:63:16:69:05:e9:74:8b:61:88:aa:8b:bf:5f:7f:b2:
2e:5d:c3:ca:fe:b4:3e:12:e2:58:0d:79:f4:f0:e2:4d:95:27:
90:60:83:95
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGUEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMTYxODA4MDVaFw0yNTEyMTYxODA4MDVaMBgxFjAU
BgNVBAMTDTY3NjA2Yzg5LTcyNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDY3x9QxD6TonJ24qfxvLXZVBKmMtGKurTJGr2HayzBVbOI/DT6ORIvD2A7
1bLI23NYqFEx4pf9RQyT8tuJkU7o/X4zuIKdy5kdiKqSTVXa6/o2kbXBaDaW0Byw
3HzFIobyBYdyZUSz0IrACoTOn+gwrn4jDxtK7OpDEI2XZqwG1PR/GODY1/GBIy+j
bQodml6rbib07eT8R3Lsy4JKV3tLNCBnPywyi90MFkJU/AD7lUvLCxG8Irx8PpYw
myFL/zZtxahQBQDAOq+aH8/CK7VVrtmWh3XZ90q60wNZZm3BkTKpENCsHImqvsBs
JERycSL50HUMKJVCV590P1w6mjitAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzdJ7
v8EI5RlkUY/h6D3PgOpsPLEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0I0OTVENjIyQkJEODExRUY5QzhFQTA2OTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaELEwDQYJKoZIhvcNAQEL
BQADggEBACNH8M0m+PJGO0YgToILkDXkZx79mTcpFnt1SyeSyNtiR7lshQIvJMkd
ZqeD32trmXBfbCXFNx5wCO49PIw5l/drCf9iPKdTxeiMJzLoYRCvhGUYVh1nGjWD
GYwOx+s6JzfpD1cdwXmRL/UySs/AGdngHTD+sVeaIL8cnnos/Z1xRwiHWLaQGb6R
C3hvDfePCPt6UKq7Q0GB79yXzeqPXikrO9a8qINmNDGC0MvaRFBFCL7NLHLm/SRs
07NJRmUGF1fIjQBXHyotvP7LqsttlGV8PIXeKaTzb7Ai4WMWaQXpdIthiKqLv19/
si5dw8r+tD4S4lgNefTw4k2VJ5Bgg5U=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:56:07 2025 by rpki-client