Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F1AAE08E30F11EF9751694B762E951A.roa
File: 0F1AAE08E30F11EF9751694B762E951A.roa (raw, json)
Hash identifier: Ue5fomNv2ulK21H1+d/MxY0kK37qhQ6i1zO8xcxgFzc=
Subject key identifier: A8:36:8E:B0:C6:66:7A:2A:66:A0:D9:7F:03:75:04:73:6F:4F:CC:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0150EF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F1AAE08E30F11EF9751694B762E951A.roa
Signing time: Tue 04 Feb 2025 15:45:29 +0000
ROA not before: Tue 04 Feb 2025 15:45:25 +0000
ROA not after: Wed 30 Apr 2025 15:45:25 +0000
asID: 18229
IP address blocks: 154.210.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86255 (0x150ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 15:45:25 2025 GMT
Not After : Apr 30 15:45:25 2025 GMT
Subject: CN=67a23619-72e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:14:bb:f5:50:eb:89:76:6a:bd:82:43:02:98:
5d:2b:56:b3:f0:89:9c:5b:f6:10:7b:54:dd:4e:b8:
14:91:00:9a:ea:d8:db:47:fa:22:8a:7c:d2:76:d7:
c6:19:0b:53:91:a9:46:dd:55:7d:74:eb:cd:c6:17:
00:75:1f:56:a1:b3:f3:22:bb:7a:6e:e1:7c:34:52:
56:e0:8f:a6:25:43:c5:d8:08:e0:d8:e8:d6:18:c7:
c6:07:04:18:c3:5e:62:f8:c3:da:ce:cb:36:bd:29:
77:90:03:a4:8f:8a:b9:b5:1d:bb:3e:e6:43:9c:49:
fc:39:9c:15:17:8f:2e:a0:5f:c4:27:a7:5d:6d:0b:
3d:af:64:08:93:d2:dd:08:75:35:32:db:db:ee:72:
37:b8:df:d3:b9:99:d0:fc:cf:6e:78:20:96:d5:47:
7c:a5:bd:e5:e2:90:b1:b5:c6:bd:04:a4:17:51:9e:
d7:02:58:f2:ad:71:71:41:d0:36:9f:9a:81:c1:58:
35:70:f1:2d:cc:22:db:7e:d4:44:e2:0d:a7:17:eb:
b4:15:62:c8:2b:34:9c:1d:b2:0b:52:40:e2:3e:a7:
07:61:2b:a6:3a:d3:2d:63:36:5a:30:85:74:9d:09:
95:48:b6:69:f7:96:b3:5f:bd:9f:e6:17:00:ee:08:
92:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:36:8E:B0:C6:66:7A:2A:66:A0:D9:7F:03:75:04:73:6F:4F:CC:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F1AAE08E30F11EF9751694B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.221.0/24
Signature Algorithm: sha256WithRSAEncryption
15:a4:4f:91:b0:ab:77:10:d0:30:65:d5:fa:96:89:a5:89:c3:
37:99:84:8c:e6:fc:2f:23:3b:05:19:46:6a:4f:2c:40:81:a0:
bb:1f:7e:fa:c3:1c:aa:3b:f9:a7:ff:f0:ea:1a:d4:77:e3:36:
28:f0:02:87:db:c9:9d:72:23:01:2b:e4:d8:27:46:34:51:62:
bb:b8:ac:03:c5:92:b8:11:0a:5f:6f:7b:f5:72:13:0b:46:1f:
5a:3d:ab:05:43:b0:3e:8a:42:01:4a:89:96:8e:4f:34:48:fe:
b2:72:36:90:3c:be:71:ea:14:2e:f9:71:0e:27:c7:54:47:c0:
58:3c:8d:68:64:73:3f:4e:54:89:76:b9:ca:8d:7c:d8:05:91:
7f:cc:f3:47:0f:f8:22:fe:8a:46:9d:c5:ab:0d:02:e7:c1:b8:
1f:f1:25:c7:83:6b:bd:27:49:07:58:0c:7c:53:45:cf:98:37:
18:5c:b1:5e:b5:a0:2b:9f:25:c8:36:06:87:d2:b6:20:df:b1:
98:82:58:01:87:0e:9a:1a:d5:80:fc:9d:b4:14:8b:20:b2:3f:
86:9a:56:2a:18:ca:af:2c:33:ed:bf:9d:49:bf:1a:18:f8:bd:
6c:a4:fd:84:b4:56:f4:5d:91:2a:8b:64:ec:96:e3:0a:d0:61:
19:94:fa:8b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVDvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MTU0NTI1WhcNMjUwNDMwMTU0NTI1WjAYMRYw
FAYDVQQDEw02N2EyMzYxOS03MmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzxS79VDriXZqvYJDAphdK1az8ImcW/YQe1TdTrgUkQCa6tjbR/oiinzS
dtfGGQtTkalG3VV9dOvNxhcAdR9WobPzIrt6buF8NFJW4I+mJUPF2Ajg2OjWGMfG
BwQYw15i+MPazss2vSl3kAOkj4q5tR27PuZDnEn8OZwVF48uoF/EJ6ddbQs9r2QI
k9LdCHU1Mtvb7nI3uN/TuZnQ/M9ueCCW1Ud8pb3l4pCxtca9BKQXUZ7XAljyrXFx
QdA2n5qBwVg1cPEtzCLbftRE4g2nF+u0FWLIKzScHbILUkDiPqcHYSumOtMtYzZa
MIV0nQmVSLZp95azX72f5hcA7giS5QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKg2
jrDGZnoqZqDZfwN1BHNvT8xlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRjFBQUUwOEUzMEYxMUVGOTc1MTY5NEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLdMA0GCSqGSIb3DQEB
CwUAA4IBAQAVpE+RsKt3ENAwZdX6lomlicM3mYSM5vwvIzsFGUZqTyxAgaC7H376
wxyqO/mn//DqGtR34zYo8AKH28mdciMBK+TYJ0Y0UWK7uKwDxZK4EQpfb3v1chML
Rh9aPasFQ7A+ikIBSomWjk80SP6ycjaQPL5x6hQu+XEOJ8dUR8BYPI1oZHM/TlSJ
drnKjXzYBZF/zPNHD/gi/opGncWrDQLnwbgf8SXHg2u9J0kHWAx8U0XPmDcYXLFe
taArnyXINgaH0rYg37GYglgBhw6aGtWA/J20FIsgsj+GmlYqGMqvLDPtv51JvxoY
+L1spP2EtFb0XZEqi2TsluMK0GEZlPqL
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:19 2025 by rpki-client