Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EFC26A82016811F0B1A3E685762E951A.roa
File: EFC26A82016811F0B1A3E685762E951A.roa (raw, json)
Hash identifier: 9/S5NPp3d11hIpgACroVzKT2xzeOvaYA7B1ox+6i7O0=
Subject key identifier: 15:AD:9B:C7:AC:9D:DE:1C:01:0B:C2:A3:D0:02:DB:3C:4B:25:4C:B6
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1A4F
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EFC26A82016811F0B1A3E685762E951A.roa
Signing time: Sat 15 Mar 2025 06:44:26 +0000
ROA not before: Sat 15 Mar 2025 06:44:21 +0000
ROA not after: Mon 15 Mar 2027 06:44:21 +0000
asID: 834
IP address blocks: 154.16.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6735 (0x1a4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF
Validity
Not Before: Mar 15 06:44:21 2025 GMT
Not After : Mar 15 06:44:21 2027 GMT
Subject: CN=67d521ca-9230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:56:5d:f4:ef:a7:6d:48:72:f7:e8:c4:c0:c7:
b1:0c:12:ca:e0:90:76:e1:5d:1b:71:19:26:f0:a0:
b4:ab:f2:de:d6:7c:8e:ca:e1:2c:ba:ba:63:14:da:
90:58:0d:30:7a:c1:e8:49:e8:46:6b:f4:3f:85:c6:
a3:8b:e9:5c:d9:a3:71:15:c0:a9:75:72:a2:48:94:
65:17:a7:21:ab:46:ca:f1:6b:a9:3d:d3:d0:c5:5b:
f1:2c:40:29:e5:69:c9:78:0e:6e:5d:35:b4:4a:d4:
f8:74:ea:f0:35:fc:2e:c2:81:9e:77:1f:c2:87:a5:
24:01:cc:1e:cd:3a:29:fe:95:bd:b7:40:18:e5:f4:
71:80:ed:90:0f:5e:3f:2d:71:f2:ef:61:cc:e3:c6:
92:64:01:05:c0:73:14:1d:73:dd:3c:7d:fe:a5:09:
81:cd:b4:9d:01:74:cc:6c:58:17:dd:4b:74:72:9b:
3b:21:2c:b6:b9:cc:22:1c:3f:ff:22:58:86:30:c0:
0b:e8:fa:51:55:bc:dc:54:92:a7:57:d6:72:bf:74:
5b:6c:e0:18:c5:9e:49:1d:0a:11:eb:c7:17:ae:25:
1c:b7:36:48:66:ba:5e:c6:01:7c:cc:9d:eb:68:7c:
0a:d2:5d:6e:d9:10:16:e8:0a:37:fd:24:20:e2:1b:
97:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:AD:9B:C7:AC:9D:DE:1C:01:0B:C2:A3:D0:02:DB:3C:4B:25:4C:B6
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/EFC26A82016811F0B1A3E685762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.86.0/24
Signature Algorithm: sha256WithRSAEncryption
53:8a:b5:79:1f:b0:88:71:1f:aa:bd:2a:60:1d:23:f3:29:b2:
88:27:67:e8:13:f6:0a:21:65:98:37:4c:c6:d1:3c:60:6d:3d:
e9:1b:22:02:88:5b:ea:09:de:78:45:08:33:3f:3c:37:aa:cc:
9a:ef:46:6d:36:cf:69:e7:f2:a3:d4:ef:c3:6a:9a:cc:7f:40:
73:64:ce:22:11:d8:f8:8b:8a:4e:54:43:a1:73:95:4a:78:7f:
b9:45:8d:44:b4:01:ec:6a:f9:d0:8f:af:34:d0:0d:48:75:42:
f8:54:75:89:3d:55:a4:57:34:e5:08:9c:a2:e7:87:05:76:db:
66:a6:c4:ca:a1:8a:a3:1e:ec:79:15:b0:dd:a6:83:9b:a2:ac:
5c:9c:dd:59:75:b5:a8:e6:30:83:38:22:47:8b:c6:63:b0:dd:
c7:a0:b3:48:a1:c8:99:42:e6:a0:79:fe:ca:5e:53:e5:30:c0:
45:8e:6b:c3:b9:09:28:bc:c2:82:e4:17:2f:cf:83:1d:85:a4:
2e:c4:29:b7:06:58:a9:16:d1:9b:26:78:92:7d:9b:8f:1e:a7:
84:47:27:cb:f5:fc:a8:86:93:5f:5a:18:e9:6c:7c:66:38:68:
04:a3:61:1b:2d:85:f3:e5:4e:f4:5b:6d:d2:22:79:fa:b1:58:
37:5b:d5:39
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGk8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTAzMTUwNjQ0MjFaFw0yNzAzMTUwNjQ0MjFaMBgxFjAU
BgNVBAMTDTY3ZDUyMWNhLTkyMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4Vl3076dtSHL36MTAx7EMEsrgkHbhXRtxGSbwoLSr8t7WfI7K4Sy6umMU
2pBYDTB6wehJ6EZr9D+FxqOL6VzZo3EVwKl1cqJIlGUXpyGrRsrxa6k909DFW/Es
QCnlacl4Dm5dNbRK1Ph06vA1/C7CgZ53H8KHpSQBzB7NOin+lb23QBjl9HGA7ZAP
Xj8tcfLvYczjxpJkAQXAcxQdc908ff6lCYHNtJ0BdMxsWBfdS3RymzshLLa5zCIc
P/8iWIYwwAvo+lFVvNxUkqdX1nK/dFts4BjFnkkdChHrxxeuJRy3Nkhmul7GAXzM
netofArSXW7ZEBboCjf9JCDiG5dvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUFa2b
x6yd3hwBC8Kj0ALbPEslTLYwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0VGQzI2QTgyMDE2ODExRjBCMUEzRTY4NTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFYwDQYJKoZIhvcNAQEL
BQADggEBAFOKtXkfsIhxH6q9KmAdI/MpsognZ+gT9gohZZg3TMbRPGBtPekbIgKI
W+oJ3nhFCDM/PDeqzJrvRm02z2nn8qPU78Nqmsx/QHNkziIR2PiLik5UQ6FzlUp4
f7lFjUS0Aexq+dCPrzTQDUh1QvhUdYk9VaRXNOUInKLnhwV222amxMqhiqMe7HkV
sN2mg5uirFyc3Vl1tajmMIM4IkeLxmOw3cegs0ihyJlC5qB5/speU+UwwEWOa8O5
CSi8woLkFy/Pgx2FpC7EKbcGWKkW0ZsmeJJ9m48ep4RHJ8v1/KiGk19aGOlsfGY4
aASjYRsthfPlTvRbbdIiefqxWDdb1Tk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:20:51 2025 by rpki-client