Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C1CD64E6EE0E11EFA6AFEB6F762E951A.roa
File: C1CD64E6EE0E11EFA6AFEB6F762E951A.roa (raw, json)
Hash identifier: 221/hV1YGUYhKkbjsSOD2w5bDK+U3uq4q2RY1Cwc8Gk=
Subject key identifier: 1B:C3:74:63:2F:83:B4:C4:7B:E1:36:8F:21:CE:09:77:18:C8:8D:7F
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 19E5
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C1CD64E6EE0E11EFA6AFEB6F762E951A.roa
Signing time: Tue 18 Feb 2025 15:41:02 +0000
ROA not before: Tue 18 Feb 2025 15:40:58 +0000
ROA not after: Sat 20 Feb 2027 15:40:58 +0000
asID: 61317
IP address blocks: 154.16.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6629 (0x19e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 18 15:40:58 2025 GMT
Not After : Feb 20 15:40:58 2027 GMT
Subject: CN=67b4aa0e-5b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4a:33:d0:af:d3:51:80:b8:75:b9:ac:b2:b0:
57:86:c5:18:33:ea:b9:f6:29:41:92:5d:50:12:d7:
79:5a:ee:8a:81:1c:9c:2c:82:7a:37:8a:0c:9d:24:
19:37:56:92:9d:ef:c1:98:30:ee:87:86:c3:be:3d:
4f:c8:68:ac:31:f8:b8:6b:cb:b9:a8:ff:5c:a0:d9:
ea:39:5d:54:fb:be:39:b7:fa:38:e4:43:4e:08:90:
3f:16:37:97:e9:44:3f:57:2f:fa:d2:33:aa:8f:9d:
12:c1:38:29:91:9e:28:ac:d6:b0:b5:08:78:6d:e2:
af:86:bd:77:9e:78:95:ac:9b:bb:6a:29:cf:33:1d:
89:36:d1:c6:08:c1:f1:c5:54:a0:f3:f7:56:57:0f:
7e:87:4f:9f:b9:77:3c:8b:15:d8:87:18:91:c7:87:
3a:0c:d2:89:e9:32:dc:8a:b9:ba:f6:b6:8e:93:f7:
ec:4a:cf:ed:ff:1e:6e:3a:ac:03:c8:1d:b9:52:c8:
0e:00:0b:7b:89:54:e1:52:79:7c:9d:15:4d:4f:dc:
4d:15:5d:79:f9:78:b3:f8:92:f7:39:89:98:b7:0e:
95:f5:29:1f:94:6f:f7:1b:1a:0c:1d:c6:9d:79:d8:
7e:4d:ed:28:b8:40:62:e1:7b:30:9c:2c:7b:f7:7b:
19:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C3:74:63:2F:83:B4:C4:7B:E1:36:8F:21:CE:09:77:18:C8:8D:7F
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C1CD64E6EE0E11EFA6AFEB6F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.108.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:aa:27:60:89:1c:7d:11:29:76:53:50:e9:42:69:aa:66:c7:
3f:54:89:68:f8:aa:e1:cb:f4:db:41:70:84:5a:29:59:06:cc:
25:f6:e5:e6:0c:53:02:66:eb:67:31:97:e9:d2:ec:d4:11:b8:
a8:17:94:72:ff:52:9b:f7:5b:4f:99:e9:06:89:0b:dc:07:1c:
f1:ae:48:50:c9:a0:ad:63:fd:e4:8d:50:71:e9:4a:69:b0:b6:
99:6a:fe:16:57:76:95:ce:48:30:75:e4:4f:df:03:66:4f:88:
bb:03:4a:bb:24:17:eb:a5:ba:f4:d5:42:a6:00:8b:47:cd:77:
a8:23:ef:a1:d3:70:46:a9:a8:0e:6b:8e:78:8e:e8:06:6c:52:
52:3c:c6:ae:93:6b:92:6a:49:2c:fa:eb:65:a3:cf:26:82:b0:
84:44:a2:11:80:89:14:01:bd:73:60:69:30:27:58:fe:02:d6:
ab:6c:bc:c8:60:95:68:b4:c5:46:e2:dd:8f:b3:01:ae:de:58:
69:1e:30:ad:51:a3:32:2f:97:57:59:fa:ee:3f:3f:3c:61:7c:
92:24:b4:5d:fb:81:d2:fa:d6:14:57:cb:22:90:56:a8:74:d9:
32:d6:d9:c7:be:9e:d8:19:55:fb:cf:e8:07:f5:c2:ae:c2:67:
98:b8:d7:dd
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGeUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAyMTgxNTQwNThaFw0yNzAyMjAxNTQwNThaMBgxFjAU
BgNVBAMTDTY3YjRhYTBlLTViMWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCvSjPQr9NRgLh1uayysFeGxRgz6rn2KUGSXVAS13la7oqBHJwsgno3igyd
JBk3VpKd78GYMO6HhsO+PU/IaKwx+Lhry7mo/1yg2eo5XVT7vjm3+jjkQ04IkD8W
N5fpRD9XL/rSM6qPnRLBOCmRniis1rC1CHht4q+GvXeeeJWsm7tqKc8zHYk20cYI
wfHFVKDz91ZXD36HT5+5dzyLFdiHGJHHhzoM0onpMtyKubr2to6T9+xKz+3/Hm46
rAPIHblSyA4AC3uJVOFSeXydFU1P3E0VXXn5eLP4kvc5iZi3DpX1KR+Ub/cbGgwd
xp152H5N7Si4QGLhezCcLHv3exkbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUG8N0
Yy+DtMR74TaPIc4JdxjIjX8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0MxQ0Q2NEU2RUUwRTExRUZBNkFGRUI2Rjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEGwwDQYJKoZIhvcNAQEL
BQADggEBALGqJ2CJHH0RKXZTUOlCaapmxz9UiWj4quHL9NtBcIRaKVkGzCX25eYM
UwJm62cxl+nS7NQRuKgXlHL/Upv3W0+Z6QaJC9wHHPGuSFDJoK1j/eSNUHHpSmmw
tplq/hZXdpXOSDB15E/fA2ZPiLsDSrskF+uluvTVQqYAi0fNd6gj76HTcEapqA5r
jniO6AZsUlI8xq6Ta5JqSSz662WjzyaCsIREohGAiRQBvXNgaTAnWP4C1qtsvMhg
lWi0xUbi3Y+zAa7eWGkeMK1RozIvl1dZ+u4/PzxhfJIktF37gdL61hRXyyKQVqh0
2TLW2ce+ntgZVfvP6Af1wq7CZ5i4190=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:33:49 2025 by rpki-client