Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CE82476AEE0E11EFA9FFF56F762E951A.roa
File: CE82476AEE0E11EFA9FFF56F762E951A.roa (raw, json)
Hash identifier: IQR9ZE628I0GQgBKY+J1/4ivmudCkM4KTDvQAYjS63A=
Subject key identifier: 3C:CB:BA:A6:EA:A4:FE:01:8C:DC:6A:EE:87:AD:DC:3B:75:D7:1C:37
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 19E7
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CE82476AEE0E11EFA9FFF56F762E951A.roa
Signing time: Tue 18 Feb 2025 15:41:23 +0000
ROA not before: Tue 18 Feb 2025 15:41:20 +0000
ROA not after: Sat 20 Feb 2027 15:41:20 +0000
asID: 61317
IP address blocks: 154.16.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6631 (0x19e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 18 15:41:20 2025 GMT
Not After : Feb 20 15:41:20 2027 GMT
Subject: CN=67b4aa23-da5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:95:4b:43:44:2e:68:84:9a:6c:1b:8d:0f:09:
6d:53:3d:37:b7:2d:2a:ec:9f:d7:8b:d5:3d:49:db:
86:92:77:dc:20:cf:c9:da:91:22:6a:3e:e6:d4:4d:
48:e4:36:13:5d:f6:4a:03:d3:7f:cb:8a:23:a5:85:
9c:6d:60:7b:e9:7c:7d:ba:1a:1f:2a:c2:9a:35:b4:
8e:fa:d7:d2:00:51:21:8d:2a:55:65:7e:82:34:b1:
6a:5f:05:fc:f2:7d:b7:d6:c6:be:f4:97:f0:68:3c:
02:dd:f4:ae:7a:0f:49:16:ca:c5:73:b4:a0:ac:0c:
d3:d7:60:bb:fa:e7:b0:f4:54:81:60:88:ba:27:ba:
2d:8c:7a:af:9f:b3:8f:d0:15:e6:79:84:8f:4d:74:
11:ac:c5:25:47:56:48:a8:b5:74:a2:b6:8f:17:0b:
bb:47:c9:67:8b:71:5d:cd:ae:5e:af:c2:39:52:42:
5b:95:28:b7:3c:d0:d3:3d:0f:a9:68:71:23:2b:66:
45:89:a4:56:2c:6f:80:0e:d9:bd:09:df:e0:05:b4:
19:d0:f3:71:cc:ed:28:fe:6d:30:2f:84:c3:df:42:
97:7b:ad:c6:21:aa:96:ae:ff:6a:d2:0f:46:d1:bb:
f2:cc:01:2b:cc:6c:2d:02:ea:b0:fd:eb:d3:9c:4c:
83:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CB:BA:A6:EA:A4:FE:01:8C:DC:6A:EE:87:AD:DC:3B:75:D7:1C:37
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CE82476AEE0E11EFA9FFF56F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.111.0/24
Signature Algorithm: sha256WithRSAEncryption
53:ed:ae:2d:21:ae:f6:ad:50:f2:bf:51:43:88:34:f8:0c:26:
65:97:b8:99:0c:76:e1:f8:4b:b0:0f:1a:ec:b0:ef:6a:01:aa:
20:19:43:f6:e0:33:fe:60:26:b6:b5:60:79:53:e3:3a:5f:74:
86:ff:23:f1:58:fa:9e:c4:12:31:bd:78:f4:af:b7:c8:0b:3d:
c0:26:11:63:57:b0:e7:65:74:f1:81:63:ae:e6:3c:a9:d2:7a:
31:57:de:39:0e:0a:e6:77:fd:00:7b:ab:73:40:18:eb:dd:5f:
a9:4d:da:03:02:26:0e:ff:94:d1:9f:2f:7b:af:91:e1:27:9d:
3e:f4:29:1b:9e:f9:5a:a2:b4:c1:b6:99:0d:9a:e7:11:6a:b1:
1f:30:05:48:cb:d0:65:a3:35:1a:b7:b7:cc:63:a6:b7:b2:0a:
94:3d:04:0c:2f:ac:33:87:b0:1d:eb:55:81:97:66:b8:ba:b3:
8c:7a:f2:73:31:e9:a8:49:60:57:2d:b9:78:f9:c7:41:bc:56:
e3:f0:2c:e5:57:93:71:5d:82:08:a4:a5:b3:1b:aa:1f:fe:e4:
3f:ed:f2:a2:f7:d2:cf:a7:b6:04:e5:b7:63:68:7e:fc:7c:9b:
5b:1d:2c:c6:60:89:b1:99:b0:b5:53:68:dd:83:ac:a9:f0:fa:
74:b8:67:f8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGecwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAyMTgxNTQxMjBaFw0yNzAyMjAxNTQxMjBaMBgxFjAU
BgNVBAMTDTY3YjRhYTIzLWRhNWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDMlUtDRC5ohJpsG40PCW1TPTe3LSrsn9eL1T1J24aSd9wgz8nakSJqPubU
TUjkNhNd9koD03/LiiOlhZxtYHvpfH26Gh8qwpo1tI7619IAUSGNKlVlfoI0sWpf
BfzyfbfWxr70l/BoPALd9K56D0kWysVztKCsDNPXYLv657D0VIFgiLonui2Meq+f
s4/QFeZ5hI9NdBGsxSVHVkiotXSito8XC7tHyWeLcV3Nrl6vwjlSQluVKLc80NM9
D6locSMrZkWJpFYsb4AO2b0J3+AFtBnQ83HM7Sj+bTAvhMPfQpd7rcYhqpau/2rS
D0bRu/LMASvMbC0C6rD969OcTINZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUPMu6
puqk/gGM3Gruh63cO3XXHDcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0NFODI0NzZBRUUwRTExRUZBOUZGRjU2Rjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEG8wDQYJKoZIhvcNAQEL
BQADggEBAFPtri0hrvatUPK/UUOINPgMJmWXuJkMduH4S7APGuyw72oBqiAZQ/bg
M/5gJra1YHlT4zpfdIb/I/FY+p7EEjG9ePSvt8gLPcAmEWNXsOdldPGBY67mPKnS
ejFX3jkOCuZ3/QB7q3NAGOvdX6lN2gMCJg7/lNGfL3uvkeEnnT70KRue+VqitMG2
mQ2a5xFqsR8wBUjL0GWjNRq3t8xjpreyCpQ9BAwvrDOHsB3rVYGXZri6s4x68nMx
6ahJYFctuXj5x0G8VuPwLOVXk3FdggikpbMbqh/+5D/t8qL30s+ntgTlt2Nofvx8
m1sdLMZgibGZsLVTaN2DrKnw+nS4Z/g=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:59:00 2025 by rpki-client