Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C48F668EB8FA11ED9E66D07DF1222468.roa
File: C48F668EB8FA11ED9E66D07DF1222468.roa (raw, json)
Hash identifier: SLkfPgEsWM7ZERIHnVyZpyTQAscTt5kzphBoGEjosSM=
Subject key identifier: 88:56:1B:F7:10:2E:26:EB:B5:D2:06:2D:34:5D:AD:44:A3:05:50:80
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 0CCF
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C48F668EB8FA11ED9E66D07DF1222468.roa
Signing time: Thu 02 Mar 2023 13:04:30 +0000
ROA not before: Thu 02 Mar 2023 13:04:26 +0000
ROA not after: Sat 01 Mar 2025 13:04:26 +0000
asID: 61317
IP address blocks: 154.16.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Apr 2024 00:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3279 (0xccf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Mar 2 13:04:26 2023 GMT
Not After : Mar 1 13:04:26 2025 GMT
Subject: CN=64009ede-41cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:77:74:a0:d7:91:7d:4c:0c:2c:6d:03:79:17:
22:3e:58:75:42:1f:83:03:c4:c8:2e:d6:93:8a:f6:
40:d4:16:53:4d:32:d5:9b:71:b2:f9:20:dc:c3:61:
86:c1:4a:5b:23:f0:79:ed:01:97:1e:42:cb:8d:9b:
5e:47:ea:ab:61:3c:f7:f6:fc:12:f1:cb:e3:b7:97:
b5:19:c2:d8:17:b6:50:15:87:87:bc:d3:2f:cd:8a:
85:d2:71:92:eb:c2:00:cd:32:37:e0:e1:8e:8e:66:
06:37:bf:f6:96:e4:99:c8:16:7b:39:2d:90:b9:03:
a8:c0:84:82:a1:db:fb:ab:77:a5:d0:20:a1:30:bd:
24:ec:47:8f:73:62:1c:40:b2:46:94:fe:c3:ba:4b:
8e:65:68:69:51:41:b7:08:98:4c:66:c3:db:5c:1e:
25:4f:6b:af:d7:3d:14:2e:f7:24:57:61:78:8e:90:
3e:79:18:f3:52:93:2e:1d:6e:0e:9a:77:86:72:78:
5b:bf:47:2b:4e:15:47:99:e0:b0:63:e9:a0:4d:da:
81:2a:f4:02:27:89:53:32:7a:39:99:6c:4b:b8:14:
33:41:c9:78:89:41:f1:9e:52:c1:1b:12:86:b7:be:
56:a0:80:1a:bf:00:02:34:2b:01:bf:d2:25:1c:8e:
b6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:56:1B:F7:10:2E:26:EB:B5:D2:06:2D:34:5D:AD:44:A3:05:50:80
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C48F668EB8FA11ED9E66D07DF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.255.0/24
Signature Algorithm: sha256WithRSAEncryption
91:7f:26:c9:4e:ec:24:38:d0:bb:0d:d7:63:ba:cb:56:43:dd:
2a:a9:a8:08:a7:ff:22:8d:90:3e:41:5a:73:d4:3b:cd:ec:2e:
8d:20:bc:95:08:1d:55:ca:d5:2c:61:02:bc:a9:41:18:fd:66:
db:af:d4:bb:e2:ec:24:66:a5:02:ce:ef:e9:fc:f8:f7:21:3e:
b4:66:bb:db:2c:6f:b7:a9:cf:50:e7:40:34:fa:e6:66:9d:6c:
27:08:5b:5d:25:d0:a6:3b:07:48:b2:36:4f:78:d7:68:ef:d2:
f2:af:00:91:60:d8:87:b3:79:c5:b0:6b:dc:60:f9:a6:2e:9d:
98:7a:a8:0e:f9:de:58:e0:e4:14:b6:0b:71:b9:2f:26:89:85:
c0:1d:ea:1f:6d:74:1f:c6:86:28:a5:bb:da:a6:9a:da:37:6e:
62:48:78:c9:d4:83:62:25:01:38:ab:f5:b3:5e:0f:52:ec:55:
bc:3b:d7:9d:0c:93:5a:1f:83:7c:18:b7:af:10:1e:93:7f:97:
3b:6c:6d:c4:1d:f6:bc:71:0d:69:27:49:9c:e8:be:97:4b:4a:
12:b0:ff:f0:8d:a7:d4:64:bb:da:18:fe:94:87:62:4e:f5:15:
dc:22:e3:aa:34:37:60:61:f8:6d:b3:58:5b:5c:03:f1:2b:ba:
ab:24:b3:1e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDM8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzAzMDIxMzA0MjZaFw0yNTAzMDExMzA0MjZaMBgxFjAU
BgNVBAMMDTY0MDA5ZWRlLTQxY2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFd3Sg15F9TAwsbQN5FyI+WHVCH4MDxMgu1pOK9kDUFlNNMtWbcbL5INzD
YYbBSlsj8HntAZceQsuNm15H6qthPPf2/BLxy+O3l7UZwtgXtlAVh4e80y/NioXS
cZLrwgDNMjfg4Y6OZgY3v/aW5JnIFns5LZC5A6jAhIKh2/urd6XQIKEwvSTsR49z
YhxAskaU/sO6S45laGlRQbcImExmw9tcHiVPa6/XPRQu9yRXYXiOkD55GPNSky4d
bg6ad4ZyeFu/RytOFUeZ4LBj6aBN2oEq9AIniVMyejmZbEu4FDNByXiJQfGeUsEb
Eoa3vlaggBq/AAI0KwG/0iUcjrbJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUiFYb
9xAuJuu10gYtNF2tRKMFUIAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0M0OEY2NjhFQjhGQTExRUQ5RTY2RDA3REYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEP8wDQYJKoZIhvcNAQEL
BQADggEBAJF/JslO7CQ40LsN12O6y1ZD3SqpqAin/yKNkD5BWnPUO83sLo0gvJUI
HVXK1SxhArypQRj9Ztuv1Lvi7CRmpQLO7+n8+PchPrRmu9ssb7epz1DnQDT65mad
bCcIW10l0KY7B0iyNk9412jv0vKvAJFg2IezecWwa9xg+aYunZh6qA753ljg5BS2
C3G5LyaJhcAd6h9tdB/Ghiilu9qmmto3bmJIeMnUg2IlATir9bNeD1LsVbw7150M
k1ofg3wYt68QHpN/lztsbcQd9rxxDWknSZzovpdLShKw//CNp9Rku9oY/pSHYk71
Fdwi46o0N2Bh+G2zWFtcA/Eruqsksx4=
-----END CERTIFICATE-----
Generated at Thu Apr 18 14:07:27 2024 by rpki-client on console-fra.rpki-client.org