Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D5D9EA90C44711EF84E33246762E951A.roa
File: D5D9EA90C44711EF84E33246762E951A.roa (raw, json)
Hash identifier: hFk1I2cxiTHuRjNUk7V4YLwYcNldB4X6Uk8HtrCffks=
Subject key identifier: 15:5A:92:4B:7D:B6:AB:09:A3:B5:B1:75:7E:3F:C9:FD:5B:6A:87:D1
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1965
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D5D9EA90C44711EF84E33246762E951A.roa
Signing time: Fri 27 Dec 2024 11:43:48 +0000
ROA not before: Fri 27 Dec 2024 11:43:44 +0000
ROA not after: Sun 27 Dec 2026 11:43:44 +0000
asID: 397423
IP address blocks: 154.16.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6501 (0x1965)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 27 11:43:44 2024 GMT
Not After : Dec 27 11:43:44 2026 GMT
Subject: CN=676e92f4-ad05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:38:d9:dc:f4:d8:fb:70:f1:d4:62:7b:73:a0:
eb:4a:52:f4:c9:75:56:cc:a3:1d:ca:f5:6d:e4:2d:
84:36:d4:7b:c9:33:c5:bf:31:70:1b:49:64:3c:ae:
5b:a2:9e:4d:df:69:a7:81:1a:cf:80:38:5c:f1:56:
33:81:61:32:8b:57:3a:44:78:92:3e:9d:6f:9e:24:
f9:74:e5:28:dc:2f:bb:1c:74:5d:9a:54:37:3e:3e:
97:d3:94:da:dc:64:ab:d5:4a:ea:bf:1f:99:dc:80:
f8:9b:5d:10:99:f0:b1:03:5f:ea:54:cf:f1:a4:20:
2d:35:d8:1e:e0:82:51:ff:43:9d:85:40:7e:49:81:
36:9a:19:2c:3f:ff:81:b8:61:3f:15:2a:85:e7:40:
89:9c:ff:9a:6e:d5:ee:89:97:0c:ac:91:3b:12:d4:
93:c7:aa:06:78:66:e9:8a:0b:d3:fc:d1:42:ae:43:
82:11:96:ca:89:ab:e2:78:f0:a2:25:66:b2:21:57:
1f:4f:ec:ec:e3:9d:9b:dd:ef:94:dc:08:72:50:89:
23:2a:eb:03:dd:6f:e4:df:7f:6b:f3:ff:68:9c:29:
3d:b3:cb:58:e7:d8:b1:e9:c4:d7:d2:cf:4e:db:3c:
87:bb:54:76:68:bc:5e:28:07:c2:a4:b5:1f:e2:d3:
36:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:5A:92:4B:7D:B6:AB:09:A3:B5:B1:75:7E:3F:C9:FD:5B:6A:87:D1
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D5D9EA90C44711EF84E33246762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.67.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:0e:12:e3:51:b8:b7:4f:a7:1f:57:5f:6c:29:3e:df:37:de:
22:b7:72:80:04:ca:ca:a4:ff:0a:46:70:fe:85:93:12:52:2f:
f8:3e:7e:c3:6c:e5:0a:9d:4a:c4:58:46:78:d7:d1:1c:ef:20:
60:1d:7e:a7:7e:d7:14:70:7e:e0:70:e4:47:d0:cb:c8:a9:b5:
20:2f:b2:b8:c6:9d:82:db:3f:19:19:26:cb:16:a4:11:53:0d:
87:07:ce:b8:78:e1:27:44:74:96:e6:e5:f0:ff:42:58:a0:33:
5a:78:77:1c:c5:32:5d:3e:b0:eb:c2:a8:f2:eb:ab:1a:3f:80:
31:0f:31:7c:94:95:58:4b:54:5c:22:0b:ba:18:83:4c:f0:cc:
46:7a:e3:c1:69:02:06:31:f1:86:70:92:4a:26:9c:d7:94:70:
c0:41:6f:e4:d1:db:e2:3e:79:42:36:97:6e:0e:86:86:ab:6c:
45:d2:16:76:86:ab:b5:05:77:48:c0:69:00:e0:3a:71:25:8b:
4a:49:a3:52:91:db:fd:f3:23:f8:7c:94:89:fd:55:54:3d:f9:
d6:2b:1e:3a:8f:bd:d6:34:dd:e5:b1:b4:8b:f1:37:ce:b1:de:
55:da:ff:bb:d3:c6:1b:95:e4:b0:48:ac:56:ed:ab:02:ec:28:
ed:f4:95:a5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGWUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMjcxMTQzNDRaFw0yNjEyMjcxMTQzNDRaMBgxFjAU
BgNVBAMTDTY3NmU5MmY0LWFkMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDSONnc9Nj7cPHUYntzoOtKUvTJdVbMox3K9W3kLYQ21HvJM8W/MXAbSWQ8
rluink3faaeBGs+AOFzxVjOBYTKLVzpEeJI+nW+eJPl05SjcL7scdF2aVDc+PpfT
lNrcZKvVSuq/H5ncgPibXRCZ8LEDX+pUz/GkIC012B7gglH/Q52FQH5JgTaaGSw/
/4G4YT8VKoXnQImc/5pu1e6JlwyskTsS1JPHqgZ4ZumKC9P80UKuQ4IRlsqJq+J4
8KIlZrIhVx9P7OzjnZvd75TcCHJQiSMq6wPdb+Tff2vz/2icKT2zy1jn2LHpxNfS
z07bPIe7VHZovF4oB8KktR/i0zZ9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUFVqS
S322qwmjtbF1fj/J/Vtqh9EwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q1RDlFQTkwQzQ0NzExRUY4NEUzMzI0Njc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEMwDQYJKoZIhvcNAQEL
BQADggEBANEOEuNRuLdPpx9XX2wpPt833iK3coAEysqk/wpGcP6FkxJSL/g+fsNs
5QqdSsRYRnjX0RzvIGAdfqd+1xRwfuBw5EfQy8iptSAvsrjGnYLbPxkZJssWpBFT
DYcHzrh44SdEdJbm5fD/QligM1p4dxzFMl0+sOvCqPLrqxo/gDEPMXyUlVhLVFwi
C7oYg0zwzEZ648FpAgYx8YZwkkomnNeUcMBBb+TR2+I+eUI2l24OhoarbEXSFnaG
q7UFd0jAaQDgOnEli0pJo1KR2/3zI/h8lIn9VVQ9+dYrHjqPvdY03eWxtIvxN86x
3lXa/7vTxhuV5LBIrFbtqwLsKO30laU=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:48:19 2025 by rpki-client