Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/148C1E22C90A11EF9A38147C762E951A.roa
File: 148C1E22C90A11EF9A38147C762E951A.roa (raw, json)
Hash identifier: lkf+gsSpKGedFYOK/DZZ59nknBG+Oy6JuR0sWlnFLp8=
Subject key identifier: FE:DF:4C:76:27:E2:E8:DB:02:0E:E7:4F:5C:12:00:A1:F7:7C:E3:E7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01328B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/148C1E22C90A11EF9A38147C762E951A.roa
Signing time: Thu 02 Jan 2025 13:04:20 +0000
ROA not before: Thu 02 Jan 2025 13:04:17 +0000
ROA not after: Mon 13 Dec 2027 13:04:17 +0000
asID: 17561
IP address blocks: 154.221.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78475 (0x1328b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 13:04:17 2025 GMT
Not After : Dec 13 13:04:17 2027 GMT
Subject: CN=67768ed4-50b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d3:7a:68:a2:56:52:90:28:b7:62:b3:85:71:
42:f1:96:99:33:63:d1:fc:e9:26:af:bb:3c:b5:a5:
be:6e:df:32:d5:37:34:b4:db:ab:06:f4:21:68:f8:
cb:11:6f:31:01:00:51:8b:90:1d:a3:4f:bd:4e:76:
3f:a0:a5:05:55:e5:ee:18:52:eb:89:21:1e:b2:5e:
b4:50:fb:fd:12:1e:e7:f8:a3:9b:04:0e:85:03:19:
02:b8:70:e9:c5:d7:58:60:dd:ec:7e:41:30:a6:e5:
2b:11:54:8e:9d:55:3d:a7:9f:c3:cb:c6:8c:d6:0a:
d5:4a:e4:1f:cb:a6:90:83:41:e5:c8:86:01:78:65:
44:2f:a4:5d:5b:8c:d8:c3:a3:bb:78:dd:25:18:3f:
68:6b:3d:df:45:99:7f:08:ee:84:38:24:51:8f:6b:
45:bb:85:3d:b3:c5:9b:1c:a5:26:35:74:4b:e0:17:
cd:3c:11:28:28:e0:69:80:aa:e6:8a:5f:90:e7:ad:
f8:fe:49:38:96:0f:c8:fb:5e:02:b2:d2:4b:cf:9e:
c8:76:a5:62:5c:cd:4a:98:67:ef:f7:69:cb:04:2b:
18:71:cf:ad:4d:da:0e:bf:b0:0e:47:2b:c7:28:ab:
9b:1e:ad:6c:23:b3:52:bb:43:c9:33:a1:96:b0:01:
58:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:DF:4C:76:27:E2:E8:DB:02:0E:E7:4F:5C:12:00:A1:F7:7C:E3:E7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/148C1E22C90A11EF9A38147C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.210.0/24
Signature Algorithm: sha256WithRSAEncryption
66:b8:40:a3:de:6e:32:9a:2e:17:dd:a1:25:e5:e4:5d:70:b6:
a1:c4:fb:e6:aa:ba:51:1c:e5:e9:92:f8:af:fa:20:b1:14:1a:
4c:f1:a7:a9:ee:ba:09:ba:38:5c:c2:3c:0e:d9:57:26:52:1d:
23:f8:00:d4:69:3b:f3:35:4d:3d:e1:38:94:da:64:f9:cd:e4:
3f:9b:13:bf:22:5a:fd:5b:af:18:19:ad:ce:4f:d5:b2:7c:d1:
23:8f:a3:ef:34:65:ed:ab:fc:61:ad:30:b5:00:fc:c3:17:c6:
ee:eb:2a:b6:57:09:12:5e:ec:dc:7f:80:11:2e:d1:2c:44:b4:
59:c9:75:89:a4:a7:6f:1f:1f:35:38:8f:23:9e:a6:44:62:5b:
83:07:31:69:6f:83:82:4e:1a:c1:33:69:b2:7a:24:f6:e2:ee:
03:9a:cc:f7:f0:14:ca:86:a8:d1:03:14:51:7b:b8:d7:69:21:
d3:09:1c:b2:98:ae:4c:60:e4:b5:b5:18:24:69:47:f3:80:ec:
b7:9d:35:8f:2a:57:b5:cc:2c:11:08:e5:31:2e:64:f5:23:4f:
1f:ac:81:34:41:5b:7f:ee:f7:1a:35:64:ae:60:cc:2c:cb:2f:
5a:27:3b:eb:95:cd:76:dc:b7:53:c5:73:13:fd:13:ee:0a:8f:
88:03:b3:fb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATKLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTMwNDE3WhcNMjcxMjEzMTMwNDE3WjAYMRYw
FAYDVQQDEw02Nzc2OGVkNC01MGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvNN6aKJWUpAot2KzhXFC8ZaZM2PR/Okmr7s8taW+bt8y1Tc0tNurBvQh
aPjLEW8xAQBRi5Ado0+9TnY/oKUFVeXuGFLriSEesl60UPv9Eh7n+KObBA6FAxkC
uHDpxddYYN3sfkEwpuUrEVSOnVU9p5/Dy8aM1grVSuQfy6aQg0HlyIYBeGVEL6Rd
W4zYw6O7eN0lGD9oaz3fRZl/CO6EOCRRj2tFu4U9s8WbHKUmNXRL4BfNPBEoKOBp
gKrmil+Q5634/kk4lg/I+14CstJLz57IdqViXM1KmGfv92nLBCsYcc+tTdoOv7AO
RyvHKKubHq1sI7NSu0PJM6GWsAFY1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFP7f
THYn4ujbAg7nT1wSAKH3fOPnMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNDhDMUUyMkM5MEExMUVGOUEzODE0N0M3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3SMA0GCSqGSIb3DQEB
CwUAA4IBAQBmuECj3m4ymi4X3aEl5eRdcLahxPvmqrpRHOXpkviv+iCxFBpM8aep
7roJujhcwjwO2VcmUh0j+ADUaTvzNU094TiU2mT5zeQ/mxO/Ilr9W68YGa3OT9Wy
fNEjj6PvNGXtq/xhrTC1APzDF8bu6yq2VwkSXuzcf4ARLtEsRLRZyXWJpKdvHx81
OI8jnqZEYluDBzFpb4OCThrBM2myeiT24u4Dmsz38BTKhqjRAxRRe7jXaSHTCRyy
mK5MYOS1tRgkaUfzgOy3nTWPKle1zCwRCOUxLmT1I08frIE0QVt/7vcaNWSuYMws
yy9aJzvrlc123LdTxXMT/RPuCo+IA7P7
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:54:11 2025 by rpki-client