Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D40FAD8CC0FE11EE9314D186775412E6.roa
File: D40FAD8CC0FE11EE9314D186775412E6.roa (raw, json)
Hash identifier: RJJF33k9OKCNQjr/Pkzws3N5VGqSYPxZ4TpiIgdoQp4=
Subject key identifier: 49:EC:77:7D:25:88:E8:13:29:96:4F:51:5D:1B:C2:0E:FE:58:01:D7
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 148B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D40FAD8CC0FE11EE9314D186775412E6.roa
Signing time: Thu 01 Feb 2024 12:38:41 +0000
ROA not before: Thu 01 Feb 2024 12:38:37 +0000
ROA not after: Sat 07 Feb 2026 12:38:37 +0000
asID: 273162
IP address blocks: 154.16.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 28 Apr 2024 00:51:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5259 (0x148b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Feb 1 12:38:37 2024 GMT
Not After : Feb 7 12:38:37 2026 GMT
Subject: CN=65bb90d1-d8ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8b:a0:49:7b:93:8d:db:43:29:32:7c:09:2b:
e7:a3:75:8a:88:60:99:f0:3a:20:9f:23:aa:ae:46:
c4:de:1e:b9:07:c2:35:e7:ca:af:75:44:35:bc:ad:
c3:6a:90:24:92:91:2a:d8:f4:03:81:2c:f8:29:14:
5e:b2:1a:7a:c1:53:35:82:0e:d3:e6:14:7b:b3:f6:
81:1c:81:83:cc:c1:f2:10:a5:f1:b1:26:cf:d7:03:
3b:6c:4b:bf:f3:ec:f6:d5:bb:05:d8:94:1c:cb:2f:
de:0d:4a:bd:69:ba:e9:c6:d3:c6:ad:0d:19:34:86:
6e:d2:24:8b:ec:af:7b:62:4d:bf:9d:59:04:87:59:
77:f5:c7:d4:13:8a:37:49:1a:f2:12:7d:16:f4:22:
23:b7:d7:5b:50:c7:b9:e2:5f:36:aa:1d:8f:12:ef:
0a:d9:c3:1e:83:37:20:c9:ad:13:fa:be:9a:27:a0:
18:5c:1d:f7:36:f6:25:6b:8b:16:b6:91:e9:7f:09:
b3:5b:18:1a:f5:e4:34:14:88:27:5e:50:95:fc:80:
a5:5c:6a:eb:bf:0d:e5:fa:0f:fa:5b:f2:26:f8:49:
0b:a6:38:de:86:ca:79:c5:60:ac:99:bd:9b:01:3a:
6f:6d:6b:a2:dc:b0:d4:c2:a5:7b:f7:d6:8b:0f:30:
b9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:EC:77:7D:25:88:E8:13:29:96:4F:51:5D:1B:C2:0E:FE:58:01:D7
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D40FAD8CC0FE11EE9314D186775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.91.0/24
Signature Algorithm: sha256WithRSAEncryption
80:7a:e1:cc:fa:82:50:48:be:e4:ad:05:67:99:bb:c7:f5:a8:
2b:0f:c0:a8:1e:f4:9c:03:dc:60:1d:b9:b6:8b:0b:86:53:bc:
9f:70:9d:57:e8:ff:35:e3:d8:4a:03:d9:8d:c8:99:e2:d8:e1:
03:20:ce:41:1d:60:f2:1f:75:c7:80:7d:d1:fd:50:ed:39:2b:
52:b4:11:1b:e7:f8:72:0d:82:6e:89:60:ed:68:7d:d5:14:38:
55:9d:92:97:46:7f:a7:05:ea:29:fc:5a:f3:4b:78:62:60:77:
3e:79:1a:a8:16:88:5e:e1:40:f2:29:37:4a:9d:57:a9:7d:07:
df:e7:bc:d5:59:da:d0:ba:e7:53:9d:30:1b:b2:0a:3b:8d:32:
84:b1:52:42:62:0c:b1:be:6e:be:20:59:23:a1:89:0a:4d:ae:
7c:6b:fa:18:b9:28:99:e7:8a:20:b9:7a:62:7a:07:13:50:56:
1a:43:8f:6c:22:1d:ad:05:64:34:6c:15:59:d9:c2:de:83:9d:
a7:6d:5e:c9:a0:46:09:47:5f:0e:13:33:b7:aa:af:8a:79:93:
50:75:fc:f4:65:fc:23:12:0c:3e:05:53:14:b9:3c:f2:93:41:
a8:e1:7e:55:bc:e5:9f:cc:bd:f2:24:2f:af:e1:ae:72:89:b1:
6f:ba:2b:3b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFIswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAyMDExMjM4MzdaFw0yNjAyMDcxMjM4MzdaMBgxFjAU
BgNVBAMTDTY1YmI5MGQxLWQ4YWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCoi6BJe5ON20MpMnwJK+ejdYqIYJnwOiCfI6quRsTeHrkHwjXnyq91RDW8
rcNqkCSSkSrY9AOBLPgpFF6yGnrBUzWCDtPmFHuz9oEcgYPMwfIQpfGxJs/XAzts
S7/z7PbVuwXYlBzLL94NSr1puunG08atDRk0hm7SJIvsr3tiTb+dWQSHWXf1x9QT
ijdJGvISfRb0IiO311tQx7niXzaqHY8S7wrZwx6DNyDJrRP6vponoBhcHfc29iVr
ixa2kel/CbNbGBr15DQUiCdeUJX8gKVcauu/DeX6D/pb8ib4SQumON6GynnFYKyZ
vZsBOm9ta6LcsNTCpXv31osPMLlzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUSex3
fSWI6BMplk9RXRvCDv5YAdcwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q0MEZBRDhDQzBGRTExRUU5MzE0RDE4Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFswDQYJKoZIhvcNAQEL
BQADggEBAIB64cz6glBIvuStBWeZu8f1qCsPwKge9JwD3GAdubaLC4ZTvJ9wnVfo
/zXj2EoD2Y3ImeLY4QMgzkEdYPIfdceAfdH9UO05K1K0ERvn+HINgm6JYO1ofdUU
OFWdkpdGf6cF6in8WvNLeGJgdz55GqgWiF7hQPIpN0qdV6l9B9/nvNVZ2tC651Od
MBuyCjuNMoSxUkJiDLG+br4gWSOhiQpNrnxr+hi5KJnniiC5emJ6BxNQVhpDj2wi
Ha0FZDRsFVnZwt6DnadtXsmgRglHXw4TM7eqr4p5k1B1/PRl/CMSDD4FUxS5PPKT
QajhflW85Z/MvfIkL6/hrnKJsW+6Kzs=
-----END CERTIFICATE-----
Generated at Fri Apr 26 13:36:12 2024 by rpki-client on console-ams.rpki-client.org