Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DAE4EFD0644811EFAD4D9C8B762E951A.roa
File: DAE4EFD0644811EFAD4D9C8B762E951A.roa (raw, json)
Hash identifier: ob2o+umal3xBGmdQHMbEBSkF7ZdnIESoxDPvF5iCYu0=
Subject key identifier: 91:92:19:19:E5:D7:05:51:AB:2C:2E:3E:A8:0C:2C:6E:90:4F:27:BE
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 17D5
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DAE4EFD0644811EFAD4D9C8B762E951A.roa
Signing time: Tue 27 Aug 2024 07:49:14 +0000
ROA not before: Tue 27 Aug 2024 07:49:11 +0000
ROA not after: Thu 27 Aug 2026 07:49:11 +0000
asID: 61317
IP address blocks: 154.70.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6101 (0x17d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Aug 27 07:49:11 2024 GMT
Not After : Aug 27 07:49:11 2026 GMT
Subject: CN=66cd84fa-af5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:73:20:82:ef:99:58:e6:fe:64:b4:80:0d:e8:
0d:fa:dc:89:f1:f6:f1:b7:e1:ab:54:bf:6a:f8:0b:
12:75:90:4e:65:ae:b6:b0:cd:9b:26:89:26:23:ba:
e0:a2:15:34:37:0f:99:15:7f:cc:39:d0:af:c8:bb:
38:d4:31:65:7a:68:d3:4a:50:c2:78:86:cd:18:a8:
da:f6:ec:70:58:08:26:47:39:cd:50:26:3b:38:b7:
5e:3a:c5:4b:b9:a5:60:01:25:88:49:11:6f:d0:f9:
51:b8:3f:28:9c:c2:9d:a8:cf:d3:c8:ae:bc:b3:b3:
ef:50:c5:44:59:d4:0f:f6:52:d8:2e:ee:7b:17:71:
77:59:d1:0a:e8:f0:04:03:a7:34:81:ee:8c:c3:29:
98:2b:0e:8a:01:1a:5f:16:12:49:2a:e3:b4:5e:41:
d3:67:7f:95:1f:42:db:60:33:79:b0:a1:80:30:52:
da:cc:b6:d9:27:4c:7c:de:24:ba:33:71:aa:7e:09:
f6:fa:f5:70:e7:5f:b9:8d:c9:fa:17:d1:47:df:85:
68:a3:b3:2b:f7:69:17:f3:ff:e8:d7:3f:17:d9:cd:
0d:25:86:dd:02:39:5d:33:0f:61:ea:39:33:6e:e1:
84:7f:d7:66:8e:6c:ce:01:d6:48:9d:80:27:69:6d:
dc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:92:19:19:E5:D7:05:51:AB:2C:2E:3E:A8:0C:2C:6E:90:4F:27:BE
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DAE4EFD0644811EFAD4D9C8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.70.153.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:b2:c9:0a:50:69:93:e7:1e:2c:dd:ae:1f:87:2e:61:1e:00:
aa:23:26:50:c9:f1:76:4b:56:09:00:c1:09:39:25:7a:58:6c:
6f:16:a2:f4:0b:c4:3a:42:b0:71:c2:b1:09:ab:7c:29:6d:b4:
b9:09:8e:60:ec:24:04:e0:bf:c7:1c:42:21:6d:17:b7:b1:5a:
f5:83:10:f3:33:26:3a:9d:7d:20:6a:95:09:f1:23:2d:43:bd:
87:46:cd:a9:35:5c:a1:89:7d:f2:21:ff:c4:ae:36:c8:76:08:
bb:b3:96:c5:c8:87:5a:b8:c0:69:12:74:eb:43:b8:22:e5:6c:
55:64:84:40:51:5b:e3:b4:ac:5c:38:a3:ad:67:f0:be:29:45:
0f:db:44:36:99:01:08:ad:d1:de:4b:e4:31:34:f2:bb:b9:e5:
7e:76:0d:fc:e4:d2:96:1b:14:b7:35:d3:8e:ad:76:97:c3:c8:
39:3a:85:7f:b6:b0:89:91:26:5e:d0:65:0e:5a:a6:c8:90:8d:
c4:bb:3a:b7:11:da:ff:97:f7:e7:a5:74:97:ca:ed:4f:92:f9:
e3:af:5a:56:e3:e7:8a:46:9e:ce:a2:74:b7:6a:de:ec:75:b2:
1e:b3:ba:31:d3:f5:d3:5e:f4:0c:49:3f:d4:cd:47:0e:22:73:
7c:65:ac:81
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICF9UwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA4MjcwNzQ5MTFaFw0yNjA4MjcwNzQ5MTFaMBgxFjAU
BgNVBAMTDTY2Y2Q4NGZhLWFmNWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCmcyCC75lY5v5ktIAN6A363Inx9vG34atUv2r4CxJ1kE5lrrawzZsmiSYj
uuCiFTQ3D5kVf8w50K/IuzjUMWV6aNNKUMJ4hs0YqNr27HBYCCZHOc1QJjs4t146
xUu5pWABJYhJEW/Q+VG4Pyicwp2oz9PIrryzs+9QxURZ1A/2Utgu7nsXcXdZ0Qro
8AQDpzSB7ozDKZgrDooBGl8WEkkq47ReQdNnf5UfQttgM3mwoYAwUtrMttknTHze
JLozcap+Cfb69XDnX7mNyfoX0UffhWijsyv3aRfz/+jXPxfZzQ0lht0COV0zD2Hq
OTNu4YR/12aObM4B1kidgCdpbdwVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUkZIZ
GeXXBVGrLC4+qAwsbpBPJ74wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RBRTRFRkQwNjQ0ODExRUZBRDREOUM4Qjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaRpkwDQYJKoZIhvcNAQEL
BQADggEBAL2yyQpQaZPnHizdrh+HLmEeAKojJlDJ8XZLVgkAwQk5JXpYbG8WovQL
xDpCsHHCsQmrfClttLkJjmDsJATgv8ccQiFtF7exWvWDEPMzJjqdfSBqlQnxIy1D
vYdGzak1XKGJffIh/8SuNsh2CLuzlsXIh1q4wGkSdOtDuCLlbFVkhEBRW+O0rFw4
o61n8L4pRQ/bRDaZAQit0d5L5DE08ru55X52Dfzk0pYbFLc1046tdpfDyDk6hX+2
sImRJl7QZQ5apsiQjcS7OrcR2v+X9+eldJfK7U+S+eOvWlbj54pGns6idLdq3ux1
sh6zujHT9dNe9AxJP9TNRw4ic3xlrIE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:34:25 2025 by rpki-client