Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E57FA0D2F66C11EFA4618646762E951A.roa
File: E57FA0D2F66C11EFA4618646762E951A.roa (raw, json)
Hash identifier: xHsI5h2fUN2oP9sUw9rc7S/gTY4Hbv6ichSSUZ8eNXw=
Subject key identifier: 63:C6:74:5A:A7:6E:9E:A3:4A:51:2A:E1:EB:FB:3E:21:FB:EA:A1:5E
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1A34
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E57FA0D2F66C11EFA4618646762E951A.roa
Signing time: Sat 01 Mar 2025 07:15:04 +0000
ROA not before: Sat 01 Mar 2025 07:14:59 +0000
ROA not after: Mon 01 Mar 2027 07:14:59 +0000
asID: 834
IP address blocks: 154.16.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6708 (0x1a34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 1 07:14:59 2025 GMT
Not After : Mar 1 07:14:59 2027 GMT
Subject: CN=67c2b3f8-e4c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b1:e8:16:a5:77:a9:eb:3b:b3:dc:ab:bd:3e:
fe:98:85:1c:db:c3:f6:d2:44:a4:3a:20:5e:c8:0c:
69:c1:f2:c6:4e:1f:d2:41:47:16:fe:15:53:1b:1e:
df:25:3a:da:c4:64:4f:db:0c:53:82:42:08:a5:ba:
bf:54:78:c7:12:98:0b:8e:44:2f:b2:fe:a6:8c:63:
73:48:27:32:55:18:68:fd:91:be:2f:c0:99:b8:dd:
f5:30:6b:b5:c6:c4:7c:7b:7f:60:65:45:fb:09:81:
46:e8:36:15:f6:d9:66:ff:11:13:bc:bc:1e:87:fb:
e6:f2:28:66:c8:24:2a:bd:01:16:5f:a2:ad:95:b1:
5e:5f:59:d6:0a:0c:cf:d5:02:42:e4:4a:7c:03:1a:
3b:f1:e2:37:76:2b:00:45:df:2f:5e:b1:dd:15:d2:
48:6b:08:86:9f:91:d8:6c:a0:df:d8:70:6d:0c:db:
9c:7d:77:bc:1e:47:53:94:e4:3b:ba:bc:47:28:75:
ea:25:4d:e6:a4:ef:65:70:1b:3e:12:69:88:76:ab:
51:98:e5:36:7c:91:72:4a:44:15:22:e8:6b:00:2b:
42:3c:46:ee:5b:cf:6a:dc:bc:f6:95:c1:67:d7:9b:
df:69:85:80:2b:16:b1:24:30:4c:be:2f:a0:8d:22:
57:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C6:74:5A:A7:6E:9E:A3:4A:51:2A:E1:EB:FB:3E:21:FB:EA:A1:5E
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E57FA0D2F66C11EFA4618646762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.255.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:51:c8:20:c7:cb:74:1d:76:4e:11:ab:a0:9d:ef:76:b4:a9:
6d:eb:a3:74:a8:5a:d7:7a:13:f0:24:58:dd:d9:89:d5:40:4f:
58:91:51:7d:3f:93:51:78:5c:6a:a8:a2:9f:7e:8b:cc:d4:ec:
db:aa:68:23:a7:3e:8f:19:05:2f:d6:b0:74:4a:01:6c:18:81:
c6:00:9b:cd:c9:d2:43:75:78:16:21:4c:1b:06:25:5f:34:78:
1b:18:11:ad:82:e4:d6:9b:d3:3f:c6:1a:a9:6f:17:7e:f1:67:
29:c3:4b:84:1a:fd:d2:f5:86:ca:b2:d6:ea:f9:a0:c7:ae:f3:
c6:b4:90:68:54:07:24:f2:1c:cf:8c:5e:e4:cc:92:71:5f:a5:
2d:5b:c3:36:7a:93:41:64:4c:3a:e0:96:9d:06:21:c4:66:c9:
2b:7f:e1:b6:fe:77:ac:57:9b:5f:50:1d:b4:3f:ba:cc:bd:be:
3f:53:d8:7e:0a:9c:53:35:54:64:e2:99:92:b8:e4:8b:42:f5:
3d:38:be:c7:92:ad:2f:3e:4f:bf:a8:84:2a:47:86:12:07:d2:
7a:98:78:17:da:43:91:ff:fb:bb:57:9b:04:63:1a:8e:9f:44:
3e:a3:13:d5:ec:a8:78:61:39:70:f9:e3:5c:98:df:56:64:a7:
61:eb:21:ad
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGjQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAzMDEwNzE0NTlaFw0yNzAzMDEwNzE0NTlaMBgxFjAU
BgNVBAMTDTY3YzJiM2Y4LWU0YzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJsegWpXep6zuz3Ku9Pv6YhRzbw/bSRKQ6IF7IDGnB8sZOH9JBRxb+FVMb
Ht8lOtrEZE/bDFOCQgilur9UeMcSmAuORC+y/qaMY3NIJzJVGGj9kb4vwJm43fUw
a7XGxHx7f2BlRfsJgUboNhX22Wb/ERO8vB6H++byKGbIJCq9ARZfoq2VsV5fWdYK
DM/VAkLkSnwDGjvx4jd2KwBF3y9esd0V0khrCIafkdhsoN/YcG0M25x9d7weR1OU
5Du6vEcodeolTeak72VwGz4SaYh2q1GY5TZ8kXJKRBUi6GsAK0I8Ru5bz2rcvPaV
wWfXm99phYArFrEkMEy+L6CNIldZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUY8Z0
WqdunqNKUSrh6/s+IfvqoV4wHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0U1N0ZBMEQyRjY2QzExRUZBNDYxODY0Njc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEP8wDQYJKoZIhvcNAQEL
BQADggEBALRRyCDHy3Qddk4Rq6Cd73a0qW3ro3SoWtd6E/AkWN3ZidVAT1iRUX0/
k1F4XGqoop9+i8zU7NuqaCOnPo8ZBS/WsHRKAWwYgcYAm83J0kN1eBYhTBsGJV80
eBsYEa2C5Nab0z/GGqlvF37xZynDS4Qa/dL1hsqy1ur5oMeu88a0kGhUByTyHM+M
XuTMknFfpS1bwzZ6k0FkTDrglp0GIcRmySt/4bb+d6xXm19QHbQ/usy9vj9T2H4K
nFM1VGTimZK45ItC9T04vseSrS8+T7+ohCpHhhIH0nqYeBfaQ5H/+7tXmwRjGo6f
RD6jE9XsqHhhOXD541yY31Zkp2HrIa0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:00:06 2025 by rpki-client