Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0121F914F42111EFAE14896B762E951A.roa
File: 0121F914F42111EFAE14896B762E951A.roa (raw, json)
Hash identifier: rkPmana7G697n4kgMYD5V0Em5+yViQo7QICCx2RisR0=
Subject key identifier: BA:3F:68:E2:FC:10:24:9A:65:23:5D:DA:20:DF:B2:A3:F5:B0:1C:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016199
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0121F914F42111EFAE14896B762E951A.roa
Signing time: Wed 26 Feb 2025 09:06:46 +0000
ROA not before: Wed 26 Feb 2025 09:06:43 +0000
ROA not after: Thu 19 Feb 2026 09:06:43 +0000
asID: 984
IP address blocks: 154.206.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90521 (0x16199)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 09:06:43 2025 GMT
Not After : Feb 19 09:06:43 2026 GMT
Subject: CN=67bed9a6-4e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d3:62:d3:14:e1:15:3a:ba:14:90:a7:8a:c4:
0d:47:b7:c9:f1:e8:26:6c:58:58:c9:a0:0f:0b:27:
67:b1:48:c6:cd:4e:64:f6:e2:95:6d:bc:8c:bc:65:
63:9b:b6:19:f7:8f:fd:09:32:dc:f9:da:66:21:a2:
b8:53:10:3d:d3:42:d6:c8:cb:ba:ef:0c:64:c9:6f:
37:bb:5f:ad:b8:a2:6e:b1:ce:b1:13:63:94:bf:4b:
9e:0f:d3:72:a1:8c:d3:21:69:53:d8:7f:d3:fd:cb:
7e:3e:8b:3e:75:94:0e:cf:c9:11:e4:f2:26:de:61:
fb:96:8e:71:c4:63:71:54:c9:cc:b9:b9:c9:45:ab:
1f:44:43:73:7d:dd:9e:cf:63:d5:64:d6:46:24:5d:
c1:5f:b9:cc:20:28:3e:39:65:cb:21:d5:3b:26:13:
6c:bd:42:5a:13:aa:06:47:a8:7a:79:8a:6e:76:1e:
c3:c0:0b:d4:a8:b7:89:ec:44:da:d7:f4:17:15:31:
1b:75:48:24:cf:4a:f0:6c:fe:62:c2:a1:6f:df:72:
0f:3e:92:99:9a:92:c2:95:58:95:d7:70:df:3c:3d:
6a:b3:19:6d:1d:58:3c:8b:35:63:84:ea:42:da:dd:
17:c4:e0:a1:fc:22:80:7b:cb:6d:dc:17:a3:8e:fb:
56:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3F:68:E2:FC:10:24:9A:65:23:5D:DA:20:DF:B2:A3:F5:B0:1C:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0121F914F42111EFAE14896B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.226.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:64:80:41:0a:54:56:24:c3:87:4e:73:5b:f5:e8:cf:61:9e:
b6:3f:2d:dc:b5:46:ce:2e:34:e3:0b:56:78:24:58:d1:42:6b:
12:a2:7a:96:f7:6a:fc:f7:e2:84:19:85:d0:3a:fa:c3:b9:f5:
53:6f:ce:1e:a0:b1:c4:75:9e:6b:3f:c4:57:3b:f4:33:ef:7a:
39:49:45:2e:23:d2:69:29:f2:a5:6f:83:db:65:f2:3c:51:9f:
b2:94:9b:a9:61:4d:e8:45:c5:d9:2e:99:8e:02:5a:ec:e3:4a:
38:71:0b:35:86:37:3b:b8:00:ba:77:8f:f3:54:7b:e0:f6:5a:
d7:93:7e:cb:c8:5f:37:07:d5:2a:ca:14:e7:8b:4f:c9:53:51:
37:c3:3f:03:9d:2e:0e:93:ec:51:44:e0:24:21:63:b8:93:0f:
17:ed:eb:57:ff:6b:20:59:b5:37:48:c3:a3:8f:39:d9:8c:7f:
ec:0e:4b:d0:d0:f9:c3:f7:72:5d:03:50:6a:ff:4f:1e:6b:27:
4b:2b:d6:bb:46:85:27:ab:94:9b:cb:fd:bd:ab:2d:82:a6:4c:
80:82:b7:df:0d:37:ab:ea:97:87:ba:6b:62:b6:e7:93:ba:e9:
57:4e:34:82:ac:4a:53:bc:ea:64:fb:77:c5:0c:c4:88:27:13:
b7:fc:d7:bf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWGZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDkwNjQzWhcNMjYwMjE5MDkwNjQzWjAYMRYw
FAYDVQQDEw02N2JlZDlhNi00ZTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA19Ni0xThFTq6FJCnisQNR7fJ8egmbFhYyaAPCydnsUjGzU5k9uKVbbyM
vGVjm7YZ94/9CTLc+dpmIaK4UxA900LWyMu67wxkyW83u1+tuKJusc6xE2OUv0ue
D9NyoYzTIWlT2H/T/ct+Pos+dZQOz8kR5PIm3mH7lo5xxGNxVMnMubnJRasfRENz
fd2ez2PVZNZGJF3BX7nMICg+OWXLIdU7JhNsvUJaE6oGR6h6eYpudh7DwAvUqLeJ
7ETa1/QXFTEbdUgkz0rwbP5iwqFv33IPPpKZmpLClViV13DfPD1qsxltHVg8izVj
hOpC2t0XxOCh/CKAe8tt3BejjvtWuwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLo/
aOL8ECSaZSNd2iDfsqP1sBzaMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMTIxRjkxNEY0MjExMUVGQUUxNDg5NkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms7iMA0GCSqGSIb3DQEB
CwUAA4IBAQCPZIBBClRWJMOHTnNb9ejPYZ62Py3ctUbOLjTjC1Z4JFjRQmsSonqW
92r89+KEGYXQOvrDufVTb84eoLHEdZ5rP8RXO/Qz73o5SUUuI9JpKfKlb4PbZfI8
UZ+ylJupYU3oRcXZLpmOAlrs40o4cQs1hjc7uAC6d4/zVHvg9lrXk37LyF83B9Uq
yhTni0/JU1E3wz8DnS4Ok+xRROAkIWO4kw8X7etX/2sgWbU3SMOjjznZjH/sDkvQ
0PnD93JdA1Bq/08eaydLK9a7RoUnq5Sby/29qy2CpkyAgrffDTer6peHumtitueT
uulXTjSCrEpTvOpk+3fFDMSIJxO3/Ne/
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:48 2025 by rpki-client