Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EE99FE32C44A11EFB86F9F59762E951A.roa
File: EE99FE32C44A11EFB86F9F59762E951A.roa (raw, json)
Hash identifier: 5I9skEdQDjWXL+E9YQTmwjTbUZ3VozhZXU+CT8mvlXw=
Subject key identifier: B0:97:48:34:B3:26:AE:6B:F6:AD:17:28:E5:93:FA:E3:AF:9A:61:06
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1974
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EE99FE32C44A11EFB86F9F59762E951A.roa
Signing time: Fri 27 Dec 2024 12:05:58 +0000
ROA not before: Fri 27 Dec 2024 12:05:54 +0000
ROA not after: Sun 27 Dec 2026 12:05:54 +0000
asID: 212238
IP address blocks: 154.16.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6516 (0x1974)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Dec 27 12:05:54 2024 GMT
Not After : Dec 27 12:05:54 2026 GMT
Subject: CN=676e9826-e680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f2:38:a8:a5:4b:11:92:c1:08:83:fe:4f:2d:
03:b6:14:45:53:80:5d:ec:5c:f7:7f:cd:56:1e:36:
f7:10:54:d9:71:f6:1b:5f:86:04:12:56:a8:b2:4d:
16:5c:ca:17:75:48:5a:b5:c1:8e:ec:75:65:7c:7e:
9c:5d:6d:7e:39:8b:22:66:1a:d7:ce:84:45:cf:f5:
ba:7d:4b:d7:43:42:45:f7:86:23:1e:e7:a3:6e:a0:
20:48:72:78:96:79:73:9d:d6:f9:a9:1e:c2:2f:d3:
47:f6:d3:54:4f:be:c3:0a:bf:2b:d9:7f:a2:99:3f:
63:a7:58:9d:87:c6:b2:98:49:2b:87:00:f2:55:31:
c1:80:8b:b9:43:db:41:43:9a:8c:cd:67:fc:56:a2:
15:50:24:f6:b4:83:28:3a:3e:1d:78:3a:a4:54:ec:
38:5d:1b:a9:5c:fa:c6:dd:cd:45:87:8f:a3:dc:bf:
ed:16:2b:e5:0d:70:c3:7c:eb:87:4a:cc:fc:cc:12:
b5:22:70:0f:f8:12:dc:68:cf:80:0f:83:91:b9:0f:
a2:3a:60:a2:7c:c3:21:ec:c4:43:51:5c:72:26:58:
0a:99:f9:f6:e8:97:88:c0:ce:5f:79:0e:43:c5:91:
6b:5d:39:1d:fe:2a:d5:56:35:2a:57:01:d0:19:6b:
7a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:97:48:34:B3:26:AE:6B:F6:AD:17:28:E5:93:FA:E3:AF:9A:61:06
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EE99FE32C44A11EFB86F9F59762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.209.0/24
Signature Algorithm: sha256WithRSAEncryption
39:bc:6c:e5:10:75:f3:bd:e3:ea:86:3e:7f:07:7b:5c:41:67:
e0:96:0f:4e:fa:89:08:de:83:74:14:b2:be:ba:0b:c5:97:80:
e9:42:7a:76:52:8e:da:90:34:6f:35:71:f0:fa:c5:ce:19:73:
b9:52:e8:e2:54:b9:8f:f2:67:d7:8c:98:91:74:03:27:1f:93:
9c:a5:2b:48:72:2f:cf:b5:d9:0f:1c:c8:97:80:45:0f:c7:9d:
af:f0:51:6f:86:e8:27:77:cb:61:2d:41:72:a3:68:8f:da:38:
52:23:59:ba:5e:19:c9:14:21:75:40:20:6d:55:9a:7b:4e:5e:
5e:ac:1d:8c:41:69:56:5d:a9:c6:f0:ec:d8:4d:25:83:96:50:
42:ec:0c:da:54:02:9c:83:97:2c:5f:a6:5e:30:08:67:c7:62:
b0:61:e2:4c:89:da:42:34:28:9a:b0:09:46:e4:2a:f9:1e:bd:
31:06:3b:38:4f:a9:d6:0a:69:cb:f3:86:fa:71:26:54:d9:6d:
51:7a:f6:a8:37:71:cf:71:0a:a2:90:78:9f:9d:8e:0d:a4:32:
f0:1b:9d:14:ed:09:54:90:d2:06:d9:8b:73:2f:a0:20:f8:c7:
2f:f5:5a:82:72:f2:5e:a2:ce:83:f2:2e:e1:6e:89:4a:1f:11:
df:fc:9a:1d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGXQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDEyMjcxMjA1NTRaFw0yNjEyMjcxMjA1NTRaMBgxFjAU
BgNVBAMTDTY3NmU5ODI2LWU2ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC18jiopUsRksEIg/5PLQO2FEVTgF3sXPd/zVYeNvcQVNlx9htfhgQSVqiy
TRZcyhd1SFq1wY7sdWV8fpxdbX45iyJmGtfOhEXP9bp9S9dDQkX3hiMe56NuoCBI
cniWeXOd1vmpHsIv00f201RPvsMKvyvZf6KZP2OnWJ2HxrKYSSuHAPJVMcGAi7lD
20FDmozNZ/xWohVQJPa0gyg6Ph14OqRU7DhdG6lc+sbdzUWHj6Pcv+0WK+UNcMN8
64dKzPzMErUicA/4Etxoz4APg5G5D6I6YKJ8wyHsxENRXHImWAqZ+fbol4jAzl95
DkPFkWtdOR3+KtVWNSpXAdAZa3rhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUsJdI
NLMmrmv2rRco5ZP646+aYQYwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0VFOTlGRTMyQzQ0QTExRUZCODZGOUY1OTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaENEwDQYJKoZIhvcNAQEL
BQADggEBADm8bOUQdfO94+qGPn8He1xBZ+CWD076iQjeg3QUsr66C8WXgOlCenZS
jtqQNG81cfD6xc4Zc7lS6OJUuY/yZ9eMmJF0Aycfk5ylK0hyL8+12Q8cyJeARQ/H
na/wUW+G6Cd3y2EtQXKjaI/aOFIjWbpeGckUIXVAIG1VmntOXl6sHYxBaVZdqcbw
7NhNJYOWUELsDNpUApyDlyxfpl4wCGfHYrBh4kyJ2kI0KJqwCUbkKvkevTEGOzhP
qdYKacvzhvpxJlTZbVF69qg3cc9xCqKQeJ+djg2kMvAbnRTtCVSQ0gbZi3MvoCD4
xy/1WoJy8l6izoPyLuFuiUofEd/8mh0=
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:55:15 2025 by rpki-client