Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E41744EAB16911EFBB14B0BA762E951A.roa
File: E41744EAB16911EFBB14B0BA762E951A.roa (raw, json)
Hash identifier: SW2CZ/9KAn0DbZFwr4MOJku0h7wuZfdgCBKfdmvBucM=
Subject key identifier: 90:43:5D:DE:22:C9:95:EC:02:A8:66:D1:1F:CB:13:A4:A9:5B:3B:32
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1921
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E41744EAB16911EFBB14B0BA762E951A.roa
Signing time: Tue 03 Dec 2024 11:29:43 +0000
ROA not before: Tue 03 Dec 2024 11:29:39 +0000
ROA not after: Thu 03 Dec 2026 11:29:39 +0000
asID: 46562
IP address blocks: 154.16.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6433 (0x1921)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 3 11:29:39 2024 GMT
Not After : Dec 3 11:29:39 2026 GMT
Subject: CN=674eeba7-a330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7b:96:eb:12:14:b7:e4:1c:69:f1:1f:c0:99:
55:b9:0c:0b:17:1b:d5:a5:51:5c:8f:f4:55:dc:36:
01:25:ed:07:21:0b:25:f2:52:17:56:d2:c5:47:bf:
38:ee:83:21:e9:82:12:ee:98:7f:0c:5a:ed:7b:2c:
22:b1:7f:14:32:00:3d:ce:8b:c7:8b:b8:c1:77:74:
5d:7d:88:39:60:62:ac:0e:a5:7e:69:bc:48:38:9f:
1b:1c:a5:53:ac:43:c8:b6:7d:10:2e:50:43:7c:cf:
e2:1a:0a:e2:09:95:f7:ec:9d:86:eb:80:4d:50:1b:
34:97:3e:4e:fc:a7:81:27:fc:8f:72:ba:a3:4e:13:
dc:88:01:b1:70:c9:6f:03:70:d8:e4:a6:85:24:82:
3f:14:8f:48:b6:92:b0:9b:cb:21:08:c7:41:42:d5:
57:c5:8e:7f:54:d1:00:64:08:cf:51:c7:28:9f:1c:
74:e1:a1:3f:f9:e6:37:66:c9:2f:ea:c6:da:97:ab:
34:43:a3:eb:37:03:15:34:4c:0c:2f:5a:bd:85:10:
3f:35:c2:ad:a7:77:c7:88:34:e6:6c:45:1b:30:0e:
06:03:dc:6f:61:35:f7:ab:73:e8:3b:27:f7:b5:08:
84:d1:e5:0d:23:77:46:40:14:49:61:bf:93:14:06:
72:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:43:5D:DE:22:C9:95:EC:02:A8:66:D1:1F:CB:13:A4:A9:5B:3B:32
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E41744EAB16911EFBB14B0BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.196.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:88:d3:7a:a1:b1:29:7d:5b:b8:86:2c:2e:61:bd:a3:47:d6:
20:d8:b8:d4:ee:7f:a9:11:c8:05:cf:2a:12:5d:50:48:9f:ee:
87:59:64:60:54:33:ab:39:72:a2:6a:21:fc:9e:5f:d2:59:f2:
f9:9b:4a:fe:71:a1:7f:94:43:20:fa:c7:ec:ee:b2:0b:cb:88:
05:ee:62:63:af:6a:b7:53:d9:f2:e9:2a:4c:21:d1:5c:e3:98:
83:51:c8:02:4c:47:05:33:66:09:d7:4f:6e:ea:d2:17:e3:80:
7d:50:c5:91:1a:6e:0d:31:49:f3:28:e5:47:5c:e5:72:b7:4e:
3e:78:cf:b5:90:ac:3a:48:12:5a:aa:89:7b:9f:4a:28:6e:6f:
79:47:4d:08:fc:22:b4:fa:a4:84:55:17:d4:a0:ae:ee:60:c8:
45:47:12:66:8d:5a:f7:6b:2c:1a:59:2b:4f:d7:0a:b1:42:65:
1f:a3:d7:73:0e:ef:ac:f5:59:cb:4f:22:ab:95:02:8f:5e:bf:
23:cf:a1:ae:4e:31:f1:e6:a0:5d:59:24:25:7d:a3:17:cb:78:
24:1c:5a:8a:89:61:93:4d:df:10:7a:6c:c4:79:fe:db:a3:17:
a3:8b:dd:09:69:da:f8:07:57:53:50:de:9b:84:4f:6d:27:95:
bf:24:32:0c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGSEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMDMxMTI5MzlaFw0yNjEyMDMxMTI5MzlaMBgxFjAU
BgNVBAMTDTY3NGVlYmE3LWEzMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFe5brEhS35Bxp8R/AmVW5DAsXG9WlUVyP9FXcNgEl7QchCyXyUhdW0sVH
vzjugyHpghLumH8MWu17LCKxfxQyAD3Oi8eLuMF3dF19iDlgYqwOpX5pvEg4nxsc
pVOsQ8i2fRAuUEN8z+IaCuIJlffsnYbrgE1QGzSXPk78p4En/I9yuqNOE9yIAbFw
yW8DcNjkpoUkgj8Uj0i2krCbyyEIx0FC1VfFjn9U0QBkCM9RxyifHHThoT/55jdm
yS/qxtqXqzRDo+s3AxU0TAwvWr2FED81wq2nd8eINOZsRRswDgYD3G9hNferc+g7
J/e1CITR5Q0jd0ZAFElhv5MUBnKzAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUkENd
3iLJlewCqGbRH8sTpKlbOzIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0U0MTc0NEVBQjE2OTExRUZCQjE0QjBCQTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMQwDQYJKoZIhvcNAQEL
BQADggEBALeI03qhsSl9W7iGLC5hvaNH1iDYuNTuf6kRyAXPKhJdUEif7odZZGBU
M6s5cqJqIfyeX9JZ8vmbSv5xoX+UQyD6x+zusgvLiAXuYmOvardT2fLpKkwh0Vzj
mINRyAJMRwUzZgnXT27q0hfjgH1QxZEabg0xSfMo5Udc5XK3Tj54z7WQrDpIElqq
iXufSihub3lHTQj8IrT6pIRVF9Sgru5gyEVHEmaNWvdrLBpZK0/XCrFCZR+j13MO
76z1WctPIquVAo9evyPPoa5OMfHmoF1ZJCV9oxfLeCQcWoqJYZNN3xB6bMR5/tuj
F6OL3Qlp2vgHV1NQ3puET20nlb8kMgw=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:50:33 2025 by rpki-client