Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E5414DF0C44911EFA6F81353762E951A.roa
File: E5414DF0C44911EFA6F81353762E951A.roa (raw, json)
Hash identifier: +djAt7H1iZx7OgRz61LEbj9aFCToDAQEsQsIKDKua6Q=
Subject key identifier: 3C:C1:34:55:CB:67:2E:CC:BE:F6:81:93:E9:43:DB:B0:46:A6:6C:BB
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 196B
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E5414DF0C44911EFA6F81353762E951A.roa
Signing time: Fri 27 Dec 2024 11:58:33 +0000
ROA not before: Fri 27 Dec 2024 11:58:29 +0000
ROA not after: Sun 27 Dec 2026 11:58:29 +0000
asID: 32181
IP address blocks: 154.16.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6507 (0x196b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 27 11:58:29 2024 GMT
Not After : Dec 27 11:58:29 2026 GMT
Subject: CN=676e9669-4ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3f:ec:2f:89:1c:e5:5a:b4:08:ec:3e:03:8e:
71:c8:50:c4:d7:20:96:76:e9:4c:00:36:cf:4d:5c:
1e:24:19:3b:8a:2f:1c:3d:1d:fa:c1:d6:d1:ce:9d:
dc:11:8b:fb:39:9e:23:39:d7:71:41:1d:0d:af:0f:
33:55:a1:e6:84:29:ce:05:14:2c:fe:9c:88:ca:04:
cf:65:6a:98:4f:69:12:8e:0a:d4:03:d4:e3:32:d0:
21:03:9f:00:ba:67:50:92:9c:22:08:79:7a:3b:63:
f1:18:51:12:e7:40:29:2c:5d:73:f7:6e:5f:9b:c1:
01:35:91:67:63:ad:5d:2d:48:85:7c:09:72:91:41:
e8:c7:01:3f:34:4e:c9:d6:25:91:b0:e9:ff:a7:f4:
fd:d3:88:25:7c:43:e6:b0:3d:f0:34:bb:ca:4f:3d:
4c:32:00:5b:d0:af:83:9f:db:5e:d1:79:d3:c7:c0:
bc:79:15:33:e2:7f:b4:e4:00:cf:d4:78:52:9d:95:
80:45:49:21:26:d3:c6:e0:a1:26:a8:b0:80:59:2d:
5c:33:ab:56:66:ae:74:55:bc:95:74:57:70:84:9d:
ca:69:04:3f:c8:0a:bb:15:b9:01:26:c3:21:9b:c1:
eb:ec:9c:3a:4a:6c:c3:3f:22:92:51:74:b7:9e:bb:
88:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C1:34:55:CB:67:2E:CC:BE:F6:81:93:E9:43:DB:B0:46:A6:6C:BB
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E5414DF0C44911EFA6F81353762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.148.0/24
Signature Algorithm: sha256WithRSAEncryption
37:c6:23:e2:cf:4d:0a:c7:53:35:cb:15:d0:72:5b:b7:82:7f:
58:4b:d0:12:2d:20:ed:7e:b3:dc:22:67:b4:2a:d0:c9:70:b9:
b9:c3:4d:de:a0:d4:ea:fa:85:d0:b6:60:7d:fb:46:8b:d8:b5:
98:36:c5:30:b3:a5:02:08:aa:af:ec:e7:49:65:36:f1:41:6d:
63:8d:df:48:83:ed:2d:14:f7:85:00:36:85:05:9b:77:f7:83:
d8:f7:9e:0f:ca:c3:af:1d:14:e8:7f:61:01:b3:05:65:9e:bf:
ef:e3:a9:72:62:59:ef:42:05:cd:ba:f2:2b:3e:e1:ef:5b:a3:
c6:f3:c4:9b:36:de:3b:15:59:21:85:91:92:12:d4:ab:d1:e3:
78:28:44:42:50:30:23:dc:8b:a8:ce:9a:18:e9:57:2e:85:69:
ac:e8:98:ea:1d:ca:36:61:bf:6c:44:ec:88:cc:4d:34:99:47:
0b:fa:df:d0:18:1e:da:1c:42:85:8a:fe:42:30:e0:29:5d:96:
88:8a:4d:9b:e7:10:b9:85:4c:86:0c:53:09:3e:e3:3e:dc:36:
74:ed:d4:ce:e7:48:d2:92:92:46:dc:f7:9d:b5:5f:3b:0b:16:
52:34:2b:af:71:81:46:4e:e1:c0:a3:68:f7:56:ab:d4:87:7b:
97:47:16:73
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGWswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMjcxMTU4MjlaFw0yNjEyMjcxMTU4MjlaMBgxFjAU
BgNVBAMTDTY3NmU5NjY5LTRlZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9P+wviRzlWrQI7D4DjnHIUMTXIJZ26UwANs9NXB4kGTuKLxw9HfrB1tHO
ndwRi/s5niM513FBHQ2vDzNVoeaEKc4FFCz+nIjKBM9laphPaRKOCtQD1OMy0CED
nwC6Z1CSnCIIeXo7Y/EYURLnQCksXXP3bl+bwQE1kWdjrV0tSIV8CXKRQejHAT80
TsnWJZGw6f+n9P3TiCV8Q+awPfA0u8pPPUwyAFvQr4Of217RedPHwLx5FTPif7Tk
AM/UeFKdlYBFSSEm08bgoSaosIBZLVwzq1ZmrnRVvJV0V3CEncppBD/ICrsVuQEm
wyGbwevsnDpKbMM/IpJRdLeeu4iNAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUPME0
VctnLsy+9oGT6UPbsEambLswHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0U1NDE0REYwQzQ0OTExRUZBNkY4MTM1Mzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJQwDQYJKoZIhvcNAQEL
BQADggEBADfGI+LPTQrHUzXLFdByW7eCf1hL0BItIO1+s9wiZ7Qq0MlwubnDTd6g
1Or6hdC2YH37RovYtZg2xTCzpQIIqq/s50llNvFBbWON30iD7S0U94UANoUFm3f3
g9j3ng/Kw68dFOh/YQGzBWWev+/jqXJiWe9CBc268is+4e9bo8bzxJs23jsVWSGF
kZIS1KvR43goREJQMCPci6jOmhjpVy6FaazomOodyjZhv2xE7IjMTTSZRwv639AY
HtocQoWK/kIw4CldloiKTZvnELmFTIYMUwk+4z7cNnTt1M7nSNKSkkbc9521XzsL
FlI0K69xgUZO4cCjaPdWq9SHe5dHFnM=
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:02:02 2025 by rpki-client