Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D4EADF4EEE1411EF926EA696762E951A.roa
File: D4EADF4EEE1411EF926EA696762E951A.roa (raw, json)
Hash identifier: grDcD+0SnyHLUg247wq0ufdO2TBkF6vaeqncRZoRRco=
Subject key identifier: C5:2D:60:7B:97:8B:77:A2:31:5A:AE:C4:C5:2B:1C:81:78:D1:0E:62
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 19ED
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D4EADF4EEE1411EF926EA696762E951A.roa
Signing time: Tue 18 Feb 2025 16:24:31 +0000
ROA not before: Tue 18 Feb 2025 16:24:27 +0000
ROA not after: Sat 20 Feb 2027 16:24:27 +0000
asID: 61317
IP address blocks: 154.16.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6637 (0x19ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 18 16:24:27 2025 GMT
Not After : Feb 20 16:24:27 2027 GMT
Subject: CN=67b4b43f-1d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1c:64:a9:1f:56:6b:09:c4:a0:17:ed:31:16:
de:ca:fa:58:f6:88:8d:3e:04:38:90:6d:70:76:5e:
04:f6:ac:f2:5c:05:68:eb:c1:28:1e:4f:7b:74:94:
44:df:9a:b9:9d:42:67:ac:f0:a1:f5:0a:d0:fb:b1:
92:c3:51:33:bd:3f:e7:be:e5:59:c5:55:97:69:c6:
bf:d9:89:cc:48:da:03:42:49:42:1a:00:31:98:76:
0e:90:b3:85:89:c3:88:b0:16:e9:45:1a:99:17:35:
e3:63:21:c9:f2:58:46:14:55:a9:31:e5:50:af:2c:
ee:bc:4f:ef:22:91:6f:fa:fd:7a:88:b5:aa:48:94:
d8:37:03:f2:93:12:7a:41:45:11:21:a3:84:f7:5d:
98:39:6d:52:6a:56:4b:34:e2:d8:9d:c7:9b:04:07:
62:8a:e2:ac:fc:22:49:78:ff:0e:e7:9d:77:b9:c3:
da:16:b6:03:97:b1:f6:aa:7f:22:5c:01:55:d6:6f:
fd:05:bb:67:bd:79:61:4f:00:b3:75:5b:85:33:68:
22:7f:97:29:62:07:36:ff:eb:8e:45:54:44:58:23:
24:1c:d9:be:03:a0:c8:45:8f:fb:d9:c3:bd:ef:0b:
c5:77:9f:e2:c3:23:1a:3d:e9:65:32:26:da:80:4b:
b9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:2D:60:7B:97:8B:77:A2:31:5A:AE:C4:C5:2B:1C:81:78:D1:0E:62
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D4EADF4EEE1411EF926EA696762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.202.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:dd:58:b9:7f:9f:6e:6f:ea:91:04:64:35:9f:40:00:6a:bf:
1c:5d:ae:fe:6d:11:08:dd:ac:45:07:d7:9c:34:90:4a:0d:e4:
8f:3c:9f:f8:e1:ac:db:db:38:65:98:ca:70:ac:68:3a:f4:87:
be:f2:d2:af:4a:c5:6e:4a:e9:14:0d:f0:f4:c5:b6:75:4b:4f:
cd:f4:81:d6:3b:9b:bd:72:22:05:93:a9:f7:c4:3a:36:44:46:
41:16:b3:c0:84:75:f2:69:50:0e:b7:9b:e6:b3:0b:e6:f6:bc:
ee:fc:36:e2:83:23:bf:1d:9f:85:99:e5:53:1c:7a:5e:b6:76:
d0:de:ab:89:34:ce:7f:5e:7d:04:20:2c:16:00:75:eb:a4:46:
c5:2a:33:02:e7:b9:b1:e9:36:a8:c5:a1:c8:07:e5:9a:4b:23:
e0:92:40:55:0c:68:1b:8e:aa:92:53:f7:7f:8e:68:03:60:d7:
51:72:5d:1d:88:57:c9:02:1a:94:a5:2c:b3:f3:10:9c:51:65:
6a:c0:a3:33:2f:2b:17:87:be:4c:8a:76:53:93:a4:31:c4:0c:
0d:24:ca:8a:cf:f3:b2:5f:3b:38:81:3b:0e:81:95:22:57:99:
b5:19:b3:0d:e1:9a:5e:ad:c8:cc:c6:ed:a3:82:8b:1f:cf:09:
e9:67:98:ac
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGe0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAyMTgxNjI0MjdaFw0yNzAyMjAxNjI0MjdaMBgxFjAU
BgNVBAMTDTY3YjRiNDNmLTFkOGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDIHGSpH1ZrCcSgF+0xFt7K+lj2iI0+BDiQbXB2XgT2rPJcBWjrwSgeT3t0
lETfmrmdQmes8KH1CtD7sZLDUTO9P+e+5VnFVZdpxr/ZicxI2gNCSUIaADGYdg6Q
s4WJw4iwFulFGpkXNeNjIcnyWEYUVakx5VCvLO68T+8ikW/6/XqItapIlNg3A/KT
EnpBRREho4T3XZg5bVJqVks04tidx5sEB2KK4qz8Ikl4/w7nnXe5w9oWtgOXsfaq
fyJcAVXWb/0Fu2e9eWFPALN1W4UzaCJ/lyliBzb/645FVERYIyQc2b4DoMhFj/vZ
w73vC8V3n+LDIxo96WUyJtqAS7m3AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUxS1g
e5eLd6IxWq7ExSscgXjRDmIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q0RUFERjRFRUUxNDExRUY5MjZFQTY5Njc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMowDQYJKoZIhvcNAQEL
BQADggEBAKbdWLl/n25v6pEEZDWfQABqvxxdrv5tEQjdrEUH15w0kEoN5I88n/jh
rNvbOGWYynCsaDr0h77y0q9KxW5K6RQN8PTFtnVLT830gdY7m71yIgWTqffEOjZE
RkEWs8CEdfJpUA63m+azC+b2vO78NuKDI78dn4WZ5VMcel62dtDeq4k0zn9efQQg
LBYAdeukRsUqMwLnubHpNqjFocgH5ZpLI+CSQFUMaBuOqpJT93+OaANg11FyXR2I
V8kCGpSlLLPzEJxRZWrAozMvKxeHvkyKdlOTpDHEDA0kyorP87JfOziBOw6BlSJX
mbUZsw3hml6tyMzG7aOCix/PCelnmKw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:00:19 2025 by rpki-client