Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DC9A9A1EE3F011EFBEDBAA4A762E951A.roa
File: DC9A9A1EE3F011EFBEDBAA4A762E951A.roa (raw, json)
Hash identifier: C32bCMoKQqOr617MkjBP6qxTAjadK57amcHVG0eLcBc=
Subject key identifier: CC:C2:2F:E9:AC:9A:29:2C:4B:AB:D9:18:89:68:FB:07:B9:31:2C:A0
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 19BF
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DC9A9A1EE3F011EFBEDBAA4A762E951A.roa
Signing time: Wed 05 Feb 2025 18:41:51 +0000
ROA not before: Wed 05 Feb 2025 18:41:46 +0000
ROA not after: Fri 05 Feb 2027 18:41:46 +0000
asID: 20473
IP address blocks: 154.16.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6591 (0x19bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Feb 5 18:41:46 2025 GMT
Not After : Feb 5 18:41:46 2027 GMT
Subject: CN=67a3b0ee-df38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:e0:b9:58:9a:14:f8:a6:b7:ed:4c:34:17:cc:
fb:e0:87:bb:5b:83:11:74:0c:d6:34:8f:64:8d:12:
17:60:62:2e:3b:df:f4:44:c8:f3:64:67:e3:d0:d2:
40:f7:f9:ff:74:04:b8:4d:ee:1f:f9:96:ca:3d:d2:
c9:33:50:6e:8a:9d:7f:c7:d0:cb:19:3c:18:67:21:
d9:4e:18:ee:72:5a:72:60:bf:b6:ea:ee:90:3e:67:
aa:17:0e:e2:e1:36:1f:49:e7:95:d7:d0:f2:e9:d6:
8f:1d:35:c4:a1:81:63:3e:20:d0:cd:9a:7d:27:fd:
92:15:70:f9:fb:62:6e:52:40:a0:ab:ac:bb:3a:22:
5a:d2:13:c9:6e:c2:dd:8a:bc:4c:f8:6e:84:1d:c7:
ac:72:8c:4b:7d:59:b9:15:41:77:a3:2c:40:88:16:
ef:23:f4:0b:59:e9:a1:13:68:cb:59:f0:11:fa:29:
46:de:d0:9e:23:dc:f2:4f:1f:62:74:c8:40:ab:42:
ee:f9:b6:fb:54:7c:ad:c8:f9:1e:5c:7f:4e:1c:f9:
0b:c0:2b:ad:c0:10:7c:f0:ce:68:57:85:df:08:f5:
90:4c:0c:36:bd:48:b1:aa:8f:f2:32:fd:29:a4:b4:
c6:05:a9:33:3e:66:5e:9a:70:dc:b4:e2:ef:14:93:
10:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C2:2F:E9:AC:9A:29:2C:4B:AB:D9:18:89:68:FB:07:B9:31:2C:A0
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DC9A9A1EE3F011EFBEDBAA4A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.52.0/24
Signature Algorithm: sha256WithRSAEncryption
92:96:e8:b7:e4:91:9b:2d:44:4f:1c:c0:c0:55:e2:46:ba:36:
60:ef:89:35:75:f4:9c:5b:97:88:20:25:5b:6b:27:d4:d7:68:
e9:98:e9:84:5f:3d:63:a2:8a:cb:26:60:51:4a:3c:17:c2:6c:
2c:27:2f:29:0e:6f:02:31:80:a3:b0:9d:2d:e7:fa:70:34:e9:
b7:be:65:01:9d:59:62:82:0b:f3:e0:ca:3a:60:78:06:f5:60:
7f:87:8a:19:8c:91:4a:dd:cf:ce:d4:01:ee:83:61:01:28:96:
8f:43:4a:c3:1b:75:4c:0c:65:3d:f5:8c:96:21:f0:c9:f0:c7:
6e:df:04:09:26:66:30:d8:7c:0e:4e:4c:7b:3a:ee:de:45:3b:
0f:05:42:9b:bc:1b:77:c2:15:26:f3:cf:3d:bc:ea:77:3a:ba:
39:81:6f:aa:32:60:f4:5b:9b:de:43:89:c5:93:19:fd:73:b6:
ee:e6:6d:3a:10:6c:96:04:33:bb:f4:51:d1:8d:a8:ac:3a:91:
b9:a5:82:38:46:ef:37:5b:94:42:aa:d7:c4:17:66:a0:0d:ac:
2f:57:6c:32:e2:83:54:b1:98:7d:8d:3a:92:15:54:9e:2b:aa:
c4:1a:63:aa:54:b9:9c:55:13:ff:da:26:2e:fa:9b:87:fe:cf:
b3:c2:17:77
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGb8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAyMDUxODQxNDZaFw0yNzAyMDUxODQxNDZaMBgxFjAU
BgNVBAMTDTY3YTNiMGVlLWRmMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDz4LlYmhT4prftTDQXzPvgh7tbgxF0DNY0j2SNEhdgYi473/REyPNkZ+PQ
0kD3+f90BLhN7h/5lso90skzUG6KnX/H0MsZPBhnIdlOGO5yWnJgv7bq7pA+Z6oX
DuLhNh9J55XX0PLp1o8dNcShgWM+INDNmn0n/ZIVcPn7Ym5SQKCrrLs6IlrSE8lu
wt2KvEz4boQdx6xyjEt9WbkVQXejLECIFu8j9AtZ6aETaMtZ8BH6KUbe0J4j3PJP
H2J0yECrQu75tvtUfK3I+R5cf04c+QvAK63AEHzwzmhXhd8I9ZBMDDa9SLGqj/Iy
/SmktMYFqTM+Zl6acNy04u8UkxDtAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzMIv
6ayaKSxLq9kYiWj7B7kxLKAwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RDOUE5QTFFRTNGMDExRUZCRURCQUE0QTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDQwDQYJKoZIhvcNAQEL
BQADggEBAJKW6LfkkZstRE8cwMBV4ka6NmDviTV19Jxbl4ggJVtrJ9TXaOmY6YRf
PWOiissmYFFKPBfCbCwnLykObwIxgKOwnS3n+nA06be+ZQGdWWKCC/PgyjpgeAb1
YH+HihmMkUrdz87UAe6DYQEolo9DSsMbdUwMZT31jJYh8Mnwx27fBAkmZjDYfA5O
THs67t5FOw8FQpu8G3fCFSbzzz286nc6ujmBb6oyYPRbm95DicWTGf1ztu7mbToQ
bJYEM7v0UdGNqKw6kbmlgjhG7zdblEKq18QXZqANrC9XbDLig1SxmH2NOpIVVJ4r
qsQaY6pUuZxVE//aJi76m4f+z7PCF3c=
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:02 2025 by rpki-client