Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/242CD0D215EB11F08CC2BCCB6DB8BCC6.roa
File: 242CD0D215EB11F08CC2BCCB6DB8BCC6.roa (raw, json)
Hash identifier: znRzRy0pbXHVAXwZZb+xuQGa37niPnfxHunrGyRcg9c=
Subject key identifier: EF:4B:00:2B:90:BB:B9:AF:B5:8D:38:6D:BB:75:20:F3:D0:27:9E:18
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1A7C
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/242CD0D215EB11F08CC2BCCB6DB8BCC6.roa
Signing time: Thu 10 Apr 2025 09:06:52 +0000
ROA not before: Thu 10 Apr 2025 09:06:48 +0000
ROA not after: Sat 10 Apr 2027 09:06:48 +0000
asID: 174
IP address blocks: 154.16.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 01:18:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6780 (0x1a7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Apr 10 09:06:48 2025 GMT
Not After : Apr 10 09:06:48 2027 GMT
Subject: CN=67f78a2c-2687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ca:3d:cd:0a:ae:d2:0d:b7:eb:82:a7:5f:cf:
61:44:f7:36:21:22:c8:cb:59:65:4d:bb:17:24:49:
69:e1:f0:b5:f1:eb:15:f9:31:9a:35:a4:f3:6d:51:
23:0f:89:98:67:ad:57:d9:c2:2d:6a:93:31:1b:3a:
ed:12:35:9c:cb:94:e2:5c:56:2d:1f:f3:dc:64:23:
d3:ca:e9:73:9a:c3:08:90:d4:9b:f1:e4:04:30:1a:
af:ec:53:37:0b:f5:2d:fa:49:a3:09:4c:2c:da:81:
8b:67:98:af:16:77:f4:16:85:52:d1:ca:8a:7b:fe:
8f:07:40:a4:82:49:bd:ed:a8:04:4b:8c:8c:c6:32:
28:08:a6:28:64:81:1e:0a:77:8d:f7:7a:b9:df:63:
40:4a:8a:9e:94:3a:ae:e5:1f:e1:aa:bf:61:a6:0a:
6c:76:85:7d:29:aa:f1:ae:06:cc:16:51:78:72:b1:
c6:7c:40:ef:04:32:d2:64:14:21:ed:8c:26:96:3b:
4b:de:97:16:bd:5a:6e:56:7f:d2:c2:48:1a:c3:f2:
36:e1:15:ea:ab:c3:fc:3d:3c:2d:6f:9d:63:d9:b3:
42:b3:6e:70:1d:d8:a6:ba:f4:11:2b:26:74:ad:84:
bc:3a:e5:da:a6:eb:f0:74:bc:f2:94:22:8d:8f:95:
14:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4B:00:2B:90:BB:B9:AF:B5:8D:38:6D:BB:75:20:F3:D0:27:9E:18
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/242CD0D215EB11F08CC2BCCB6DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.192.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:dd:2e:a7:a9:10:e5:69:b8:4f:a4:21:eb:c1:f4:a0:ba:5e:
e2:95:4e:6d:ba:81:f6:39:5c:66:72:ed:1d:4b:03:88:ce:74:
b8:c9:f6:56:25:69:58:dc:e9:a3:7a:54:7c:fc:0f:c6:0d:5f:
2c:de:a9:20:5b:a3:06:b7:77:32:8a:90:77:50:b3:ba:5e:a1:
80:c9:5e:fb:a8:73:4e:b7:6e:9a:72:99:7d:e2:fb:83:11:e9:
e8:ce:e3:4a:ac:00:d7:bc:ca:7f:43:11:5d:da:ff:e9:66:96:
f3:c8:69:83:7e:c5:b1:51:fd:a3:38:14:8c:3d:49:4d:0c:db:
87:ce:46:03:bc:7b:1e:6a:29:9e:ab:07:ff:c0:5c:fa:18:66:
f0:5b:37:f6:69:2c:bb:57:25:21:7e:07:32:7c:4a:4d:3f:d1:
ce:01:56:e3:35:43:58:04:e3:13:11:42:0b:80:42:30:00:a7:
a9:27:e4:99:39:d6:72:f6:c6:f8:59:c4:c8:5a:02:e3:f9:17:
27:8a:31:64:11:91:6f:63:2b:b1:12:5a:cc:78:0e:4e:6a:53:
30:4f:bf:ba:0a:c2:bb:a0:22:88:da:ab:1a:55:a5:22:53:35:
f4:7b:aa:62:7d:d6:60:69:ec:04:84:24:32:9a:d0:18:0a:c4:
de:6b:9e:91
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGnwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA0MTAwOTA2NDhaFw0yNzA0MTAwOTA2NDhaMBgxFjAU
BgNVBAMTDTY3Zjc4YTJjLTI2ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDayj3NCq7SDbfrgqdfz2FE9zYhIsjLWWVNuxckSWnh8LXx6xX5MZo1pPNt
USMPiZhnrVfZwi1qkzEbOu0SNZzLlOJcVi0f89xkI9PK6XOawwiQ1Jvx5AQwGq/s
UzcL9S36SaMJTCzagYtnmK8Wd/QWhVLRyop7/o8HQKSCSb3tqARLjIzGMigIpihk
gR4Kd433ernfY0BKip6UOq7lH+Gqv2GmCmx2hX0pqvGuBswWUXhyscZ8QO8EMtJk
FCHtjCaWO0velxa9Wm5Wf9LCSBrD8jbhFeqrw/w9PC1vnWPZs0KzbnAd2Ka69BEr
JnSthLw65dqm6/B0vPKUIo2PlRRdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU70sA
K5C7ua+1jThtu3Ug89AnnhgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzI0MkNEMEQyMTVFQjExRjA4Q0MyQkNDQjZEQjhCQ0M2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMAwDQYJKoZIhvcNAQEL
BQADggEBAKPdLqepEOVpuE+kIevB9KC6XuKVTm26gfY5XGZy7R1LA4jOdLjJ9lYl
aVjc6aN6VHz8D8YNXyzeqSBbowa3dzKKkHdQs7peoYDJXvuoc063bppymX3i+4MR
6ejO40qsANe8yn9DEV3a/+lmlvPIaYN+xbFR/aM4FIw9SU0M24fORgO8ex5qKZ6r
B//AXPoYZvBbN/ZpLLtXJSF+BzJ8Sk0/0c4BVuM1Q1gE4xMRQguAQjAAp6kn5Jk5
1nL2xvhZxMhaAuP5FyeKMWQRkW9jK7ESWsx4Dk5qUzBPv7oKwrugIojaqxpVpSJT
NfR7qmJ91mBp7ASEJDKa0BgKxN5rnpE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:43:45 2025 by rpki-client