Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D2AA4D16AB0A11EFB92159A2762E951A.roa
File: D2AA4D16AB0A11EFB92159A2762E951A.roa (raw, json)
Hash identifier: PetWESfkCJjTA3mqCGehwFIub7EyuvmVpMAqUOCDYwY=
Subject key identifier: EB:D7:68:EF:1C:44:04:16:37:7E:0C:D7:A9:F3:98:B1:BF:E5:99:BC
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 190B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D2AA4D16AB0A11EFB92159A2762E951A.roa
Signing time: Mon 25 Nov 2024 08:54:04 +0000
ROA not before: Mon 25 Nov 2024 08:54:01 +0000
ROA not after: Wed 25 Nov 2026 08:54:01 +0000
asID: 16509
IP address blocks: 154.16.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6411 (0x190b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Nov 25 08:54:01 2024 GMT
Not After : Nov 25 08:54:01 2026 GMT
Subject: CN=67443b2c-d3fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d2:fa:cb:3d:3d:80:33:bb:a9:01:9b:3c:c7:
6b:b7:b6:44:35:1d:f9:fb:39:b4:e5:4d:f4:ac:70:
39:a6:ee:f0:00:28:60:17:cf:0b:bd:1d:f6:d6:b4:
3b:7c:4a:37:24:c3:af:7c:18:c1:0c:f2:cc:60:8d:
bd:ba:9b:7a:9e:bb:fb:4f:ed:59:1c:b6:b0:c7:eb:
e8:1e:bb:c7:ec:7f:d1:98:ab:57:55:75:a3:f6:ea:
4d:fd:ed:f8:77:54:56:41:5b:19:86:4d:40:2d:18:
05:86:bd:45:de:96:60:3c:8a:cf:6c:75:3b:a0:eb:
a3:a7:1c:7f:05:bf:ef:20:b8:8c:a7:de:58:be:e0:
5d:7a:c5:be:73:be:8c:83:38:ef:19:a0:65:d7:fc:
50:63:a9:a4:91:89:86:5f:22:17:4c:30:5c:cb:73:
7a:bf:8e:f9:32:59:6f:a2:f7:d6:f7:28:1f:50:d3:
00:02:a0:5e:62:27:e6:eb:f1:94:83:37:27:4a:27:
55:61:9e:4d:41:a5:f6:dd:8b:8d:6f:64:f0:e1:32:
c8:52:f7:3d:ff:58:d3:5c:be:93:fb:65:28:88:37:
c1:11:4e:a2:84:c6:c5:ae:b0:3a:a9:43:f0:0e:71:
6d:dc:a1:fa:e4:a6:9a:04:21:d9:f0:80:be:04:01:
f6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:D7:68:EF:1C:44:04:16:37:7E:0C:D7:A9:F3:98:B1:BF:E5:99:BC
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D2AA4D16AB0A11EFB92159A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.56.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:74:5b:f5:9c:36:7d:3e:4a:14:c6:38:82:26:13:86:a1:b9:
c1:21:a4:07:d2:cd:ea:df:00:a5:01:f7:0f:ef:0f:69:0a:94:
4a:72:3d:5d:5d:54:44:d7:55:a3:f0:5b:27:e6:1a:c5:05:c0:
fa:ed:23:cb:14:41:62:7c:5d:39:47:f3:77:b1:f7:5f:23:db:
a6:88:c6:01:d7:ad:76:af:d9:3a:2a:6e:f4:2a:1c:a4:ce:70:
cb:66:9b:e1:bf:25:50:6f:a6:20:0d:3b:35:bb:57:9e:35:d5:
27:3b:d6:7a:07:63:21:67:ef:7d:85:51:33:9c:9f:18:23:97:
1e:30:a4:09:b1:7a:14:eb:92:6e:17:1c:08:7b:b6:36:8b:fb:
90:27:95:17:e3:f3:ea:2b:45:95:f5:1e:88:1a:e8:6e:0d:88:
47:e6:c1:e5:20:bf:2d:70:07:3b:14:4f:fc:29:dd:51:56:be:
ac:53:11:62:5e:84:56:b2:44:ce:26:b6:be:60:d3:61:a6:e1:
30:d0:d0:b4:d1:3e:4f:27:f3:ba:1a:a4:51:f6:8b:1d:60:8d:
e8:69:b5:c3:cf:03:6b:99:b7:37:69:2d:0f:ec:50:7f:c2:51:
5d:7a:f5:37:ab:df:90:93:b7:ac:e7:5c:71:53:37:25:5a:66:
f1:d6:40:0a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGQswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDExMjUwODU0MDFaFw0yNjExMjUwODU0MDFaMBgxFjAU
BgNVBAMTDTY3NDQzYjJjLWQzZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/0vrLPT2AM7upAZs8x2u3tkQ1Hfn7ObTlTfSscDmm7vAAKGAXzwu9HfbW
tDt8Sjckw698GMEM8sxgjb26m3qeu/tP7VkctrDH6+geu8fsf9GYq1dVdaP26k39
7fh3VFZBWxmGTUAtGAWGvUXelmA8is9sdTug66OnHH8Fv+8guIyn3li+4F16xb5z
voyDOO8ZoGXX/FBjqaSRiYZfIhdMMFzLc3q/jvkyWW+i99b3KB9Q0wACoF5iJ+br
8ZSDNydKJ1Vhnk1Bpfbdi41vZPDhMshS9z3/WNNcvpP7ZSiIN8ERTqKExsWusDqp
Q/AOcW3cofrkppoEIdnwgL4EAfZzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU69do
7xxEBBY3fgzXqfOYsb/lmbwwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0QyQUE0RDE2QUIwQTExRUZCOTIxNTlBMjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDgwDQYJKoZIhvcNAQEL
BQADggEBAG10W/WcNn0+ShTGOIImE4ahucEhpAfSzerfAKUB9w/vD2kKlEpyPV1d
VETXVaPwWyfmGsUFwPrtI8sUQWJ8XTlH83ex918j26aIxgHXrXav2ToqbvQqHKTO
cMtmm+G/JVBvpiANOzW7V5411Sc71noHYyFn732FUTOcnxgjlx4wpAmxehTrkm4X
HAh7tjaL+5AnlRfj8+orRZX1Hoga6G4NiEfmweUgvy1wBzsUT/wp3VFWvqxTEWJe
hFayRM4mtr5g02Gm4TDQ0LTRPk8n87oapFH2ix1gjehptcPPA2uZtzdpLQ/sUH/C
UV169Ter35CTt6znXHFTNyVaZvHWQAo=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:46:59 2025 by rpki-client