Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E5C157FAC2BB11EFB2124E69762E951A.roa
File: E5C157FAC2BB11EFB2124E69762E951A.roa (raw, json)
Hash identifier: JukYsEKL9CYlzUY2ywSUBmJrH17+m6tBPUBNd79DRos=
Subject key identifier: 1A:F7:42:61:C1:FD:4A:45:04:CD:F9:45:71:AC:95:17:AB:F9:FC:59
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1957
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E5C157FAC2BB11EFB2124E69762E951A.roa
Signing time: Wed 25 Dec 2024 12:29:34 +0000
ROA not before: Wed 25 Dec 2024 12:29:30 +0000
ROA not after: Thu 25 Dec 2025 12:29:30 +0000
asID: 21840
IP address blocks: 154.127.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6487 (0x1957)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 25 12:29:30 2024 GMT
Not After : Dec 25 12:29:30 2025 GMT
Subject: CN=676bfaae-6586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:eb:bc:95:a3:42:9e:34:77:79:f0:94:70:a2:
8c:22:57:a2:ba:96:e5:bb:d6:9a:89:29:c6:87:db:
db:46:75:10:a6:50:a7:8b:21:72:48:75:b7:64:09:
4d:a3:9f:63:40:f4:ec:84:a6:f5:77:ba:9f:4c:2e:
47:4d:05:b3:3d:a0:ae:61:c8:34:ff:01:9e:2c:c5:
0b:8f:eb:b9:de:a8:ab:79:ba:ed:1b:a0:ca:35:c5:
48:08:78:51:6a:8f:26:dc:cd:7f:7b:a4:ac:26:04:
fa:2a:40:63:99:9a:8d:50:18:06:26:96:f8:44:31:
63:38:3d:46:dd:ed:96:f8:99:1c:32:02:4c:e1:5a:
77:4e:e9:f4:75:50:1e:84:d8:91:46:38:24:14:13:
1d:11:2b:80:2f:cb:00:6b:62:32:28:b2:72:5a:0f:
2f:cf:b3:2a:24:25:d5:1b:79:97:7d:44:bc:94:b5:
86:0b:a9:70:a6:9f:28:de:62:09:4a:c1:54:b5:1c:
e6:25:41:36:30:ff:a8:0a:7d:30:97:46:44:c5:cf:
85:73:3e:cb:5a:16:7e:6d:da:46:6f:ac:88:ae:10:
42:7d:4e:8c:a6:a3:f8:d2:16:1f:77:46:10:30:1b:
a4:5c:a5:5d:37:7e:89:ab:11:b6:ad:d0:12:91:bb:
9d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F7:42:61:C1:FD:4A:45:04:CD:F9:45:71:AC:95:17:AB:F9:FC:59
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/E5C157FAC2BB11EFB2124E69762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.127.59.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:0f:93:9f:70:51:c7:df:c8:77:07:60:ff:8a:e3:e1:75:af:
cc:9f:22:0a:e0:db:37:b1:66:a9:a6:e2:2b:b6:da:cd:01:38:
c5:a5:22:10:52:95:7e:fa:ee:4f:e2:ec:01:07:a3:db:80:cd:
96:dd:38:de:6b:50:51:ea:80:fb:e2:ef:21:e5:80:a1:3c:b5:
cf:99:eb:17:ec:fc:48:6d:60:a5:4e:9f:1b:56:ff:af:9b:a8:
58:89:db:37:38:a3:2e:27:e1:1d:7a:fc:af:24:6b:1b:69:fb:
a6:b2:b2:db:14:76:e2:47:c1:ec:e3:63:5a:8b:1f:c9:d8:4f:
95:d4:d4:87:5d:4e:e2:70:db:9f:af:ef:ec:fc:e1:99:b6:92:
18:10:81:a2:3f:67:1f:13:45:29:17:4f:12:c8:e7:33:a8:75:
61:29:75:f2:ad:04:b0:98:aa:48:f6:7e:e3:a4:04:05:c4:ef:
db:36:bd:f0:1b:46:0b:5a:81:e8:13:2e:b5:47:22:7c:ac:6b:
05:d0:27:78:00:54:00:e8:fa:09:60:e6:82:f4:5f:f3:c2:a2:
84:48:f2:41:2f:be:49:9e:4b:5f:3f:0b:91:63:56:a6:d0:92:
39:73:c2:67:5b:d7:76:a5:5e:37:c3:ae:85:ed:04:75:a4:d4:
48:a4:2d:7c
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGVcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMjUxMjI5MzBaFw0yNTEyMjUxMjI5MzBaMBgxFjAU
BgNVBAMTDTY3NmJmYWFlLTY1ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDn67yVo0KeNHd58JRwoowiV6K6luW71pqJKcaH29tGdRCmUKeLIXJIdbdk
CU2jn2NA9OyEpvV3up9MLkdNBbM9oK5hyDT/AZ4sxQuP67neqKt5uu0boMo1xUgI
eFFqjybczX97pKwmBPoqQGOZmo1QGAYmlvhEMWM4PUbd7Zb4mRwyAkzhWndO6fR1
UB6E2JFGOCQUEx0RK4AvywBrYjIosnJaDy/PsyokJdUbeZd9RLyUtYYLqXCmnyje
YglKwVS1HOYlQTYw/6gKfTCXRkTFz4VzPstaFn5t2kZvrIiuEEJ9Toymo/jSFh93
RhAwG6RcpV03fomrEbat0BKRu50zAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUGvdC
YcH9SkUEzflFcayVF6v5/FkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0U1QzE1N0ZBQzJCQjExRUZCMjEyNEU2OTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACafzswDQYJKoZIhvcNAQEL
BQADggEBAB0Pk59wUcffyHcHYP+K4+F1r8yfIgrg2zexZqmm4iu22s0BOMWlIhBS
lX767k/i7AEHo9uAzZbdON5rUFHqgPvi7yHlgKE8tc+Z6xfs/EhtYKVOnxtW/6+b
qFiJ2zc4oy4n4R16/K8kaxtp+6aystsUduJHwezjY1qLH8nYT5XU1IddTuJw25+v
7+z84Zm2khgQgaI/Zx8TRSkXTxLI5zOodWEpdfKtBLCYqkj2fuOkBAXE79s2vfAb
RgtagegTLrVHInysawXQJ3gAVADo+glg5oL0X/PCooRI8kEvvkmeS18/C5FjVqbQ
kjlzwmdb13alXjfDroXtBHWk1EikLXw=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:58:20 2025 by rpki-client