Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C2A57D82EF5211EF875EACB5762E951A.roa
File: C2A57D82EF5211EF875EACB5762E951A.roa (raw, json)
Hash identifier: tBVh5U8LMSQQc74Ks5AoKxuV+nHIDuSFWFj3HrRS8aI=
Subject key identifier: 37:4B:85:69:76:5C:86:4C:24:B5:42:05:6F:7B:B3:6F:52:79:62:46
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1A0D
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C2A57D82EF5211EF875EACB5762E951A.roa
Signing time: Thu 20 Feb 2025 06:20:21 +0000
ROA not before: Thu 20 Feb 2025 06:20:17 +0000
ROA not after: Sat 20 Feb 2027 06:20:17 +0000
asID: 834
IP address blocks: 154.16.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6669 (0x1a0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 20 06:20:17 2025 GMT
Not After : Feb 20 06:20:17 2027 GMT
Subject: CN=67b6c9a4-a464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8f:de:92:ba:fa:b7:f1:da:0d:37:85:0d:2e:
ff:72:22:05:80:81:25:75:93:c4:ca:83:3a:64:ca:
c2:2e:e2:6f:b4:b0:50:00:70:06:03:78:82:f4:d8:
66:a8:03:71:2b:cc:fc:57:42:8b:b7:10:fa:28:56:
f2:d6:0a:83:29:e7:c6:c1:39:f6:22:da:69:0c:a4:
66:db:e6:fd:e8:e0:93:3c:16:98:a1:b1:db:12:90:
fd:42:55:da:b6:c3:a2:28:6e:c9:29:38:c1:a3:0c:
bd:d3:1f:1e:41:8c:4f:20:b6:8e:23:d9:6b:4d:06:
39:2b:b9:c7:bd:0d:f2:d4:b9:d1:8c:5d:5e:a6:3f:
c3:b5:3b:58:f2:79:fe:ce:08:66:4f:05:bc:83:a9:
c8:32:33:f7:f5:e5:29:a4:68:84:30:6e:3b:71:de:
ec:18:3a:d3:18:bf:a8:60:52:ac:8a:29:35:99:71:
4d:f8:cb:ff:e2:0a:e7:81:91:3b:cc:3d:55:26:b6:
1e:e4:ee:35:d0:7e:29:ac:1a:05:d3:42:18:91:4c:
c0:6a:cd:5e:4e:dc:71:83:b1:42:81:d5:54:89:a2:
53:c0:77:be:61:97:cd:5c:c9:d7:60:bc:f2:c9:7b:
f8:ba:38:e9:28:29:39:39:fc:06:e1:9c:3c:03:1f:
c8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:4B:85:69:76:5C:86:4C:24:B5:42:05:6F:7B:B3:6F:52:79:62:46
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C2A57D82EF5211EF875EACB5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.186.0/24
Signature Algorithm: sha256WithRSAEncryption
13:93:ed:05:ce:c6:b9:f5:9b:91:05:a2:00:a5:2e:09:ab:f9:
99:c7:8d:7e:0f:19:93:13:5e:c5:dc:fe:a4:36:74:39:b6:4f:
76:8b:ea:0f:39:86:c0:17:e0:2b:ba:fe:36:67:de:6d:b1:b9:
c1:16:84:de:ba:68:a8:e7:48:ba:3e:f4:a1:22:a9:52:84:69:
ea:62:de:0f:18:17:10:93:63:4e:5b:cb:15:6e:80:ee:4c:ce:
42:da:4b:33:64:58:a4:ad:4a:e0:22:4e:8e:28:4e:71:b5:85:
c1:90:86:63:1e:d0:bf:17:47:51:58:06:15:ae:a6:59:df:ec:
e5:37:64:a0:a7:85:1d:28:3b:04:87:11:bd:e9:a7:63:b3:ec:
19:df:ff:d9:c4:52:f3:1f:e0:a7:47:45:d3:64:7d:f7:b8:66:
32:09:bd:0a:2b:74:69:06:bc:bf:aa:19:47:83:73:00:6d:75:
76:0b:f6:66:71:df:e7:58:39:a1:37:c1:31:4b:d1:67:b3:a2:
67:27:a3:ef:b1:1b:28:20:00:ba:5d:40:ad:f5:2c:c2:7d:83:
06:c1:e7:4a:2f:f2:a6:c3:69:f5:ea:11:52:eb:14:2f:24:96:
9b:6b:81:ae:f3:d5:6e:40:71:ed:47:21:bb:5e:f5:39:97:da:
e0:8c:b1:26
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGg0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAyMjAwNjIwMTdaFw0yNzAyMjAwNjIwMTdaMBgxFjAU
BgNVBAMTDTY3YjZjOWE0LWE0NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCvj96Suvq38doNN4UNLv9yIgWAgSV1k8TKgzpkysIu4m+0sFAAcAYDeIL0
2GaoA3ErzPxXQou3EPooVvLWCoMp58bBOfYi2mkMpGbb5v3o4JM8FpihsdsSkP1C
Vdq2w6IobskpOMGjDL3THx5BjE8gto4j2WtNBjkruce9DfLUudGMXV6mP8O1O1jy
ef7OCGZPBbyDqcgyM/f15SmkaIQwbjtx3uwYOtMYv6hgUqyKKTWZcU34y//iCueB
kTvMPVUmth7k7jXQfimsGgXTQhiRTMBqzV5O3HGDsUKB1VSJolPAd75hl81cyddg
vPLJe/i6OOkoKTk5/AbhnDwDH8jVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUN0uF
aXZchkwktUIFb3uzb1J5YkYwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0MyQTU3RDgyRUY1MjExRUY4NzVFQUNCNTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaELowDQYJKoZIhvcNAQEL
BQADggEBABOT7QXOxrn1m5EFogClLgmr+ZnHjX4PGZMTXsXc/qQ2dDm2T3aL6g85
hsAX4Cu6/jZn3m2xucEWhN66aKjnSLo+9KEiqVKEaepi3g8YFxCTY05byxVugO5M
zkLaSzNkWKStSuAiTo4oTnG1hcGQhmMe0L8XR1FYBhWuplnf7OU3ZKCnhR0oOwSH
Eb3pp2Oz7Bnf/9nEUvMf4KdHRdNkffe4ZjIJvQordGkGvL+qGUeDcwBtdXYL9mZx
3+dYOaE3wTFL0Wezomcno++xGyggALpdQK31LMJ9gwbB50ov8qbDafXqEVLrFC8k
lptrga7z1W5Ace1HIbte9TmX2uCMsSY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:12 2025 by rpki-client