Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9321AA64BD511EE882059884AD9E6FC.roa
File: C9321AA64BD511EE882059884AD9E6FC.roa (raw, json)
Hash identifier: LJfSO877HISD3UFtnld3h1338LKfO14XLUnG2bBsG0A=
Subject key identifier: E8:68:57:16:8D:E9:DE:03:10:9B:5C:17:AC:F0:F4:71:D2:A4:F6:2F
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 11F6
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9321AA64BD511EE882059884AD9E6FC.roa
Signing time: Tue 05 Sep 2023 10:20:07 +0000
ROA not before: Tue 05 Sep 2023 10:20:04 +0000
ROA not after: Fri 05 Sep 2025 10:20:04 +0000
asID: 141158
IP address blocks: 154.16.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4598 (0x11f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Sep 5 10:20:04 2023 GMT
Not After : Sep 5 10:20:04 2025 GMT
Subject: CN=64f700d7-6df2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:61:d1:8a:f5:7d:db:73:8f:39:46:ea:e9:a0:
f6:f1:04:c7:19:f5:a0:bd:b2:4b:f8:7a:c2:60:6d:
6b:d1:6a:22:e2:c6:21:6f:7a:54:c7:a1:cb:84:a4:
13:31:7d:54:54:74:89:b4:8c:05:36:4a:6b:62:31:
13:6f:8d:97:96:0e:b4:e4:cf:53:02:6a:7e:dc:49:
b2:56:34:51:4b:50:3b:49:9b:be:3f:41:a4:b7:a2:
61:36:6c:17:e7:79:3d:aa:c2:b9:11:6b:3e:e5:b1:
e2:7e:4b:db:2d:29:99:03:87:1c:6c:dd:0a:49:d7:
6f:2d:ac:bc:20:65:ec:6d:b1:f5:13:da:6c:78:12:
ea:82:09:cf:5e:cb:f4:53:ed:85:11:75:f3:96:09:
31:6d:84:7e:19:3d:96:66:ed:6f:0a:b1:ee:ec:43:
87:e5:9c:51:91:04:1e:08:72:b3:37:a8:31:bc:c3:
53:19:71:75:1f:f5:17:8f:7b:ef:18:67:2d:d0:92:
76:aa:d1:f9:55:75:1f:b5:04:91:4d:ac:eb:8a:b4:
8c:bb:b3:b0:f9:d4:45:28:0f:01:c4:f4:dd:40:ef:
b8:bb:f1:3c:7d:47:ec:e8:b7:04:d7:10:8a:e7:64:
b6:43:be:77:fb:7c:19:18:52:14:b6:14:9f:08:63:
fa:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:68:57:16:8D:E9:DE:03:10:9B:5C:17:AC:F0:F4:71:D2:A4:F6:2F
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9321AA64BD511EE882059884AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.136.0/24
Signature Algorithm: sha256WithRSAEncryption
14:6c:e5:fa:73:bd:08:1e:82:ca:ee:c4:64:44:38:80:92:81:
e6:3a:4b:28:7c:81:66:e0:bb:e0:41:5a:cc:c8:7f:92:35:61:
01:49:38:57:e2:34:67:6d:c4:67:8d:6c:b5:ca:a7:d9:99:cb:
7e:7f:61:03:78:4b:cc:99:99:b2:9f:a6:05:74:26:cc:84:33:
26:74:8b:43:35:0e:4e:fa:cb:e0:69:3f:da:9f:50:1d:a7:fe:
c4:c7:b3:f3:f8:ed:da:bd:8f:31:cd:6c:62:8f:f3:3e:7f:8a:
d0:21:b9:56:6b:26:11:4e:f1:28:53:db:34:53:94:29:df:89:
dc:49:73:64:0d:13:cf:3a:b5:75:c0:ef:b6:66:cd:09:e4:6c:
49:f8:3c:6e:f4:fd:da:ed:38:a4:74:1c:71:25:36:d7:38:18:
5f:4c:98:f8:a2:da:98:68:de:74:8a:41:e8:0b:54:78:1d:f1:
ac:47:de:f0:ff:01:4f:f4:a7:90:8f:aa:3a:2c:e4:4d:06:0f:
8f:92:c2:1f:09:a8:d5:a6:67:b4:94:04:dc:a5:88:5e:55:09:
4e:dc:aa:60:48:8f:ce:86:f8:1f:27:73:e5:8c:4f:39:19:b2:
31:42:75:ef:31:88:74:0c:9f:63:00:05:87:da:16:80:25:59:
f0:4b:6f:4c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICEfYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzA5MDUxMDIwMDRaFw0yNTA5MDUxMDIwMDRaMBgxFjAU
BgNVBAMTDTY0ZjcwMGQ3LTZkZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFYdGK9X3bc485RurpoPbxBMcZ9aC9skv4esJgbWvRaiLixiFvelTHocuE
pBMxfVRUdIm0jAU2SmtiMRNvjZeWDrTkz1MCan7cSbJWNFFLUDtJm74/QaS3omE2
bBfneT2qwrkRaz7lseJ+S9stKZkDhxxs3QpJ128trLwgZextsfUT2mx4EuqCCc9e
y/RT7YURdfOWCTFthH4ZPZZm7W8Kse7sQ4flnFGRBB4IcrM3qDG8w1MZcXUf9ReP
e+8YZy3Qknaq0flVdR+1BJFNrOuKtIy7s7D51EUoDwHE9N1A77i78Tx9R+zotwTX
EIrnZLZDvnf7fBkYUhS2FJ8IY/plAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU6GhX
Fo3p3gMQm1wXrPD0cdKk9i8wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0M5MzIxQUE2NEJENTExRUU4ODIwNTk4ODRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEIgwDQYJKoZIhvcNAQEL
BQADggEBABRs5fpzvQgegsruxGREOICSgeY6Syh8gWbgu+BBWszIf5I1YQFJOFfi
NGdtxGeNbLXKp9mZy35/YQN4S8yZmbKfpgV0JsyEMyZ0i0M1Dk76y+BpP9qfUB2n
/sTHs/P47dq9jzHNbGKP8z5/itAhuVZrJhFO8ShT2zRTlCnfidxJc2QNE886tXXA
77ZmzQnkbEn4PG70/drtOKR0HHElNtc4GF9MmPii2pho3nSKQegLVHgd8axH3vD/
AU/0p5CPqjos5E0GD4+Swh8JqNWmZ7SUBNyliF5VCU7cqmBIj86G+B8nc+WMTzkZ
sjFCde8xiHQMn2MABYfaFoAlWfBLb0w=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:24 2025 by rpki-client