Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CB8138A8EE1511EFB3250F9E762E951A.roa
File: CB8138A8EE1511EFB3250F9E762E951A.roa (raw, json)
Hash identifier: mIAnD2mRHbWzixjSiEeMMoi3HL64iL0vYUbmi5akojQ=
Subject key identifier: 2C:E8:A6:F1:4E:BE:05:F0:7F:05:81:BD:0E:5A:60:45:18:16:9E:F0
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 19EF
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CB8138A8EE1511EFB3250F9E762E951A.roa
Signing time: Tue 18 Feb 2025 16:31:25 +0000
ROA not before: Tue 18 Feb 2025 16:31:21 +0000
ROA not after: Sat 20 Feb 2027 16:31:21 +0000
asID: 61317
IP address blocks: 154.16.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6639 (0x19ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 18 16:31:21 2025 GMT
Not After : Feb 20 16:31:21 2027 GMT
Subject: CN=67b4b5dd-4a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ad:e6:11:fd:0a:56:79:a2:63:5d:38:09:77:
28:76:27:d3:b7:a4:8c:4e:76:56:bb:33:b3:11:05:
4c:c8:ff:f8:12:c0:8f:7a:f8:41:29:57:3b:c1:f2:
69:c9:66:3a:d3:e1:3a:ec:41:26:c9:9a:c7:19:b2:
3c:f9:82:49:a9:02:c6:72:b1:bf:4d:fd:b5:e3:f7:
a5:12:a7:bb:ff:67:2f:63:fe:c1:bf:7e:47:7c:77:
73:c3:46:d2:d9:6a:f0:6d:87:80:16:f2:f4:e2:e9:
f9:f6:95:2e:22:f6:aa:99:9d:f9:93:76:49:6f:d7:
76:de:76:ff:1a:03:05:3a:9f:04:d6:41:f8:6b:c0:
8e:40:64:48:64:53:84:dc:2e:60:2e:26:69:bb:a2:
0c:e9:97:8a:e0:b2:03:44:f3:cf:a3:af:ba:29:d7:
86:3c:cc:4f:05:5e:10:3c:5a:2a:9b:11:39:5a:5c:
a2:4c:c1:d3:47:a6:c0:64:3a:ab:ca:d0:21:6e:4b:
2a:38:f1:b2:9c:9e:cb:1f:a0:59:34:b2:87:41:90:
01:4f:36:8d:e1:fb:5b:25:25:4b:aa:c0:bc:88:47:
e2:2d:b5:c6:6e:c8:68:4b:26:99:ad:3c:ea:4c:14:
e7:ca:40:90:d1:65:fa:ef:4f:e7:4d:8c:ec:50:85:
23:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:E8:A6:F1:4E:BE:05:F0:7F:05:81:BD:0E:5A:60:45:18:16:9E:F0
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CB8138A8EE1511EFB3250F9E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.206.0/24
Signature Algorithm: sha256WithRSAEncryption
be:6e:d7:39:ff:9b:a0:d5:7d:f1:22:e4:e0:63:7f:6f:78:47:
4c:ee:18:52:fa:bb:72:c5:1c:41:3e:85:f4:7e:98:e0:2d:d1:
1f:4a:0e:49:16:5e:92:e0:8b:4c:09:d5:f3:5f:be:57:6d:06:
ee:88:27:39:fd:42:ce:be:6c:0e:e0:0d:2a:be:b3:85:07:e2:
e3:88:8e:cd:43:1b:1e:fa:42:0b:dd:e7:4c:a6:07:bb:6d:ea:
d7:97:c2:77:88:ba:73:03:18:37:3a:f7:b8:99:5a:26:ac:61:
6d:b8:f4:8c:3f:ce:f5:93:f4:8c:92:e5:93:3f:ef:9a:63:28:
45:5a:88:aa:73:22:23:2f:a3:43:53:ce:49:c2:a8:99:63:c4:
63:4d:c3:89:ea:5f:e8:3b:4c:02:72:91:2e:d8:5b:25:0d:76:
c9:16:93:ae:78:47:fb:38:93:33:7e:6e:20:a1:44:63:47:f1:
c8:df:6a:39:40:7d:06:c8:e1:ae:06:a7:99:bc:c8:03:d9:59:
67:58:20:14:1d:ee:83:69:91:8d:f9:7d:d1:b4:c8:f4:57:79:
df:b2:7c:82:57:a4:ff:a3:43:81:be:16:aa:86:93:bc:f9:58:
56:17:70:eb:d8:a9:ea:fa:51:04:86:a3:ce:c3:c5:74:d3:fa:
01:8d:63:04
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGe8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAyMTgxNjMxMjFaFw0yNzAyMjAxNjMxMjFaMBgxFjAU
BgNVBAMTDTY3YjRiNWRkLTRhNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDnreYR/QpWeaJjXTgJdyh2J9O3pIxOdla7M7MRBUzI//gSwI96+EEpVzvB
8mnJZjrT4TrsQSbJmscZsjz5gkmpAsZysb9N/bXj96USp7v/Zy9j/sG/fkd8d3PD
RtLZavBth4AW8vTi6fn2lS4i9qqZnfmTdklv13bedv8aAwU6nwTWQfhrwI5AZEhk
U4TcLmAuJmm7ogzpl4rgsgNE88+jr7op14Y8zE8FXhA8WiqbETlaXKJMwdNHpsBk
OqvK0CFuSyo48bKcnssfoFk0sodBkAFPNo3h+1slJUuqwLyIR+IttcZuyGhLJpmt
POpMFOfKQJDRZfrvT+dNjOxQhSOFAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQULOim
8U6+BfB/BYG9DlpgRRgWnvAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0NCODEzOEE4RUUxNTExRUZCMzI1MEY5RTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEM4wDQYJKoZIhvcNAQEL
BQADggEBAL5u1zn/m6DVffEi5OBjf294R0zuGFL6u3LFHEE+hfR+mOAt0R9KDkkW
XpLgi0wJ1fNfvldtBu6IJzn9Qs6+bA7gDSq+s4UH4uOIjs1DGx76Qgvd50ymB7tt
6teXwneIunMDGDc697iZWiasYW249Iw/zvWT9IyS5ZM/75pjKEVaiKpzIiMvo0NT
zknCqJljxGNNw4nqX+g7TAJykS7YWyUNdskWk654R/s4kzN+biChRGNH8cjfajlA
fQbI4a4Gp5m8yAPZWWdYIBQd7oNpkY35fdG0yPRXed+yfIJXpP+jQ4G+FqqGk7z5
WFYXcOvYqer6UQSGo87DxXTT+gGNYwQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:00 2025 by rpki-client