![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/503BEA461E5211EF93B7A6367DDC24C2.roa
File: 503BEA461E5211EF93B7A6367DDC24C2.roa (raw, json)
Hash identifier: Ut5bThuFj9FuVwtpTHKZ/kp7urnGWPweebQdDn33iVA=
Subject key identifier: F3:EA:22:07:BF:33:4E:0A:0C:7F:56:93:A5:71:EB:56:03:09:D5:7D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: BBF8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/503BEA461E5211EF93B7A6367DDC24C2.roa
Signing time: Thu 30 May 2024 07:00:35 +0000
ROA not before: Thu 30 May 2024 07:00:32 +0000
ROA not after: Mon 01 Jul 2024 07:00:32 +0000
asID: 44559
IP address blocks: 154.209.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 28 Jun 2024 00:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48120 (0xbbf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 30 07:00:32 2024 GMT
Not After : Jul 1 07:00:32 2024 GMT
Subject: CN=66582413-b0ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:54:f1:cb:6b:29:a5:fd:34:2f:a6:33:9a:f9:
7f:9c:ed:7d:cb:c4:5f:4f:32:aa:c8:c5:3c:96:8d:
9f:97:0f:c2:61:f7:29:f0:3a:ac:c5:03:b1:b2:83:
0a:34:a2:8a:c8:a9:3f:8a:b7:c8:4a:8b:05:22:91:
cc:25:6c:42:cf:3b:7a:ae:fe:37:7a:73:1b:9c:90:
45:87:d0:7c:d3:37:7c:77:68:37:37:04:56:18:f3:
01:a3:c1:15:b1:08:5c:1e:4b:be:6a:c9:09:a4:99:
43:56:64:0b:c8:7b:c3:fa:36:30:53:ac:c2:99:ce:
b0:71:44:36:97:ed:b6:4a:04:b3:6a:e6:65:15:55:
ee:a1:0a:2b:bf:9e:0c:44:a6:27:e1:42:2f:ba:92:
8e:b9:57:c9:5b:69:64:4a:7d:53:c1:08:9c:66:41:
7b:fe:5d:51:d2:b3:43:d9:d0:bd:a5:5b:1c:07:b1:
88:1a:9b:6e:b9:8c:ca:13:5c:d6:05:dd:b0:ca:b0:
ae:97:ad:e5:64:48:3f:2a:94:b2:fe:ad:f0:c1:81:
c5:be:f4:bd:bd:3a:e4:bd:bd:db:61:b5:8f:f1:67:
8c:e1:33:cd:9f:6c:a8:fd:db:a2:31:6f:9b:22:a8:
56:74:f6:01:0d:ad:8d:83:13:13:f6:dd:35:9e:b7:
da:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EA:22:07:BF:33:4E:0A:0C:7F:56:93:A5:71:EB:56:03:09:D5:7D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/503BEA461E5211EF93B7A6367DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.149.0/24
Signature Algorithm: sha256WithRSAEncryption
17:ea:3e:10:90:ae:39:a5:e9:73:61:89:74:b0:20:f5:94:35:
42:d7:4e:3f:10:3b:c1:f8:d2:ec:3f:99:15:8f:d4:77:2c:f9:
c7:80:0a:08:f5:a4:56:fa:ff:94:c8:28:03:1c:44:b1:0b:7b:
23:87:10:ac:5f:58:1f:36:79:d5:f3:5f:3e:86:45:15:f6:b1:
07:7c:07:c2:d9:70:4e:43:57:38:91:92:29:ea:03:05:bd:f5:
d8:f8:15:32:19:18:b5:6d:c6:e6:c1:d2:f5:43:cf:87:b8:e7:
02:62:f4:6b:5d:6d:cc:a0:95:ac:c7:82:76:b3:2b:52:45:7d:
79:9d:28:69:48:69:09:5a:1c:51:be:7a:76:d3:98:4a:ce:e5:
cf:cd:69:aa:ac:53:78:f3:3f:1d:24:5c:90:0e:9d:9b:c1:92:
ed:35:77:05:cb:f6:87:1f:aa:81:5a:85:65:2d:47:53:9b:ff:
0d:7b:81:ee:36:76:05:ae:55:24:b5:e5:7b:49:86:8c:ab:00:
66:1f:b4:1c:58:2a:7a:bb:c5:a4:29:ed:9a:37:9b:45:89:d5:
4e:2f:b7:92:0a:a7:34:3a:5d:ab:83:63:2b:6e:cd:07:7c:ae:
d5:0c:ea:8a:e3:72:52:4b:79:5f:69:12:f7:30:2d:ff:3a:ef:
2b:73:0a:3d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDALv4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwNTMwMDcwMDMyWhcNMjQwNzAxMDcwMDMyWjAYMRYw
FAYDVQQDEw02NjU4MjQxMy1iMGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8FTxy2sppf00L6Yzmvl/nO19y8RfTzKqyMU8lo2flw/CYfcp8DqsxQOx
soMKNKKKyKk/irfISosFIpHMJWxCzzt6rv43enMbnJBFh9B80zd8d2g3NwRWGPMB
o8EVsQhcHku+askJpJlDVmQLyHvD+jYwU6zCmc6wcUQ2l+22SgSzauZlFVXuoQor
v54MRKYn4UIvupKOuVfJW2lkSn1TwQicZkF7/l1R0rND2dC9pVscB7GIGptuuYzK
E1zWBd2wyrCul63lZEg/KpSy/q3wwYHFvvS9vTrkvb3bYbWP8WeM4TPNn2yo/dui
MW+bIqhWdPYBDa2NgxMT9t01nrfa+wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPPq
Ige/M04KDH9Wk6Vx61YDCdV9MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MDNCRUE0NjFFNTIxMUVGOTNCN0E2MzY3RERDMjRDMi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtGVMA0GCSqGSIb3DQEB
CwUAA4IBAQAX6j4QkK45pelzYYl0sCD1lDVC104/EDvB+NLsP5kVj9R3LPnHgAoI
9aRW+v+UyCgDHESxC3sjhxCsX1gfNnnV818+hkUV9rEHfAfC2XBOQ1c4kZIp6gMF
vfXY+BUyGRi1bcbmwdL1Q8+HuOcCYvRrXW3MoJWsx4J2sytSRX15nShpSGkJWhxR
vnp205hKzuXPzWmqrFN48z8dJFyQDp2bwZLtNXcFy/aHH6qBWoVlLUdTm/8Ne4Hu
NnYFrlUkteV7SYaMqwBmH7QcWCp6u8WkKe2aN5tFidVOL7eSCqc0Ol2rg2Mrbs0H
fK7VDOqK43JSS3lfaRL3MC3/Ou8rcwo9
-----END CERTIFICATE-----
Generated at Wed Jun 26 02:45:00 2024 by rpki-client on console-fra.rpki-client.org