Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9544158E85A11EFA323605B762E951A.roa
File: C9544158E85A11EFA323605B762E951A.roa (raw, json)
Hash identifier: PQmOcjXcXlSu2h7na9OAZkDsjyLpmoMPr0w030Is9gU=
Subject key identifier: 07:01:96:FF:9C:60:13:93:2D:5F:B1:B1:DA:19:4E:9A:4D:D6:F8:CE
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 19D2
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9544158E85A11EFA323605B762E951A.roa
Signing time: Tue 11 Feb 2025 09:30:09 +0000
ROA not before: Tue 11 Feb 2025 09:30:06 +0000
ROA not after: Sat 13 Feb 2027 09:30:06 +0000
asID: 61317
IP address blocks: 154.16.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6610 (0x19d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 11 09:30:06 2025 GMT
Not After : Feb 13 09:30:06 2027 GMT
Subject: CN=67ab18a1-90e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:30:16:b0:a5:ab:98:a6:de:10:b0:9f:86:3f:
d9:a1:a2:81:af:86:3e:35:ef:62:2f:84:2c:62:a8:
86:48:ed:5a:b0:f8:bf:23:0a:f9:28:65:6d:ab:a7:
29:fd:d8:e4:fc:60:6c:c8:38:5a:02:87:1d:00:32:
bb:4e:be:0d:4a:d8:81:5d:de:dc:2f:91:62:ee:dc:
c0:e1:3a:1b:b4:29:94:19:fc:0e:9e:3d:70:d4:bf:
01:98:4d:28:91:a3:62:b8:73:51:e6:c6:50:af:89:
7f:95:77:10:99:3e:00:2a:e2:0a:b9:e9:13:72:38:
09:e2:30:94:9e:1d:76:e8:c6:30:bf:36:28:c0:cb:
78:0e:e4:36:ee:a4:f9:c5:39:67:03:97:7e:c1:2e:
9b:8e:65:a1:94:7f:04:25:df:95:11:b6:5e:4c:18:
1b:6c:ea:dc:6f:90:58:aa:38:8a:fa:d5:a1:ab:9c:
b5:6b:3b:11:54:59:03:0c:d8:da:aa:bb:71:f6:45:
5f:2f:70:b5:13:89:df:72:98:0b:ce:ee:4f:28:da:
ea:86:2d:6a:2d:0b:37:09:79:f3:0d:c2:44:1a:6a:
74:00:ff:d3:67:0e:ff:04:0d:af:df:3e:08:5d:ec:
a3:92:73:7b:33:91:b5:50:ab:6c:b9:48:cf:60:9e:
6c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:01:96:FF:9C:60:13:93:2D:5F:B1:B1:DA:19:4E:9A:4D:D6:F8:CE
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9544158E85A11EFA323605B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.126.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:4c:3b:f4:53:4d:d6:17:b1:40:67:04:03:af:a8:48:b3:e3:
69:d7:33:88:c7:e4:72:45:12:81:86:49:be:e1:0d:7b:76:ed:
d2:dd:e0:3e:a0:ea:5f:54:11:ff:67:d9:37:12:5a:08:b9:a1:
4a:4b:4f:6d:b2:f8:f9:59:5b:2f:62:e4:2b:3f:45:15:c5:9d:
9b:23:3d:c6:60:03:2b:13:87:44:e5:00:23:3d:c3:ce:b5:1b:
36:32:a2:da:0d:2f:98:5f:c5:fc:32:f0:d4:e4:67:08:16:d8:
57:dc:26:7b:02:de:fa:bf:cc:3c:18:c7:97:df:17:03:f6:ef:
bc:38:8a:fa:98:d5:c0:0c:76:63:a5:54:80:83:55:df:28:1a:
21:eb:fc:9b:11:9c:40:12:e6:98:da:8e:6c:2c:07:2e:61:31:
e0:31:f1:14:20:a0:c2:38:ea:4a:dd:86:77:6f:d2:cd:21:dc:
e0:a3:ae:eb:c1:95:6f:4a:f4:3a:df:1f:cb:1b:b7:1c:db:f7:
85:d7:aa:00:6c:1a:e8:d1:c1:49:a8:ac:6a:6a:93:d0:83:86:
c3:0e:de:6d:74:28:ff:58:7d:c5:b4:77:a6:2a:ec:e7:54:1b:
82:05:39:cc:38:e2:f1:45:ce:e3:fb:fc:dd:1e:59:a9:42:ec:
11:eb:f8:fc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGdIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAyMTEwOTMwMDZaFw0yNzAyMTMwOTMwMDZaMBgxFjAU
BgNVBAMTDTY3YWIxOGExLTkwZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQMBawpauYpt4QsJ+GP9mhooGvhj4172IvhCxiqIZI7Vqw+L8jCvkoZW2r
pyn92OT8YGzIOFoChx0AMrtOvg1K2IFd3twvkWLu3MDhOhu0KZQZ/A6ePXDUvwGY
TSiRo2K4c1HmxlCviX+VdxCZPgAq4gq56RNyOAniMJSeHXboxjC/NijAy3gO5Dbu
pPnFOWcDl37BLpuOZaGUfwQl35URtl5MGBts6txvkFiqOIr61aGrnLVrOxFUWQMM
2Nqqu3H2RV8vcLUTid9ymAvO7k8o2uqGLWotCzcJefMNwkQaanQA/9NnDv8EDa/f
Pghd7KOSc3szkbVQq2y5SM9gnmyBAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUBwGW
/5xgE5MtX7Gx2hlOmk3W+M4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0M5NTQ0MTU4RTg1QTExRUZBMzIzNjA1Qjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGaEH4wDQYJKoZIhvcNAQEL
BQADggEBAHxMO/RTTdYXsUBnBAOvqEiz42nXM4jH5HJFEoGGSb7hDXt27dLd4D6g
6l9UEf9n2TcSWgi5oUpLT22y+PlZWy9i5Cs/RRXFnZsjPcZgAysTh0TlACM9w861
GzYyotoNL5hfxfwy8NTkZwgW2FfcJnsC3vq/zDwYx5ffFwP277w4ivqY1cAMdmOl
VICDVd8oGiHr/JsRnEAS5pjajmwsBy5hMeAx8RQgoMI46krdhndv0s0h3OCjruvB
lW9K9DrfH8sbtxzb94XXqgBsGujRwUmorGpqk9CDhsMO3m10KP9YfcW0d6Yq7OdU
G4IFOcw44vFFzuP7/N0eWalC7BHr+Pw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:00:22 2025 by rpki-client