Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14D2A722E06911EFA04BCE84762E951A.roa
File: 14D2A722E06911EFA04BCE84762E951A.roa (raw, json)
Hash identifier: I5YJFRX5R6MCAh30ovHu2TUErSurcUCcxIwf1plFSCM=
Subject key identifier: 25:48:8C:8D:89:59:EC:73:0F:5C:29:C9:95:08:1D:BF:7C:0C:2B:F0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014E80
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14D2A722E06911EFA04BCE84762E951A.roa
Signing time: Sat 01 Feb 2025 06:52:20 +0000
ROA not before: Sat 01 Feb 2025 06:52:16 +0000
ROA not after: Sun 04 Jan 2026 06:52:16 +0000
asID: 211392
IP address blocks: 154.83.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85632 (0x14e80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 1 06:52:16 2025 GMT
Not After : Jan 4 06:52:16 2026 GMT
Subject: CN=679dc4a4-2342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:14:51:32:07:37:6a:1f:e7:b0:c6:1b:bf:c4:
41:cb:7e:94:1f:a7:b3:b0:71:c4:42:46:1e:ae:27:
23:c9:82:0c:15:62:db:2c:25:ea:cb:06:f1:43:09:
8f:94:f8:e7:b1:51:d1:a5:fa:8e:54:be:cf:c8:7e:
9d:ec:ea:bb:68:de:b0:0d:55:9b:e1:dd:69:43:24:
8e:bf:10:fd:2f:09:e3:01:53:a7:a1:12:34:79:91:
49:c2:ef:c3:a6:ef:62:f0:ab:ff:3e:5c:d8:7a:2f:
52:6c:a4:51:7c:3b:04:b5:26:30:24:cd:9e:f0:0b:
ec:e2:e6:a6:ad:c2:bb:69:99:9f:a3:57:7c:9e:db:
8a:a3:4e:9d:b0:a8:f7:8e:e3:d8:da:2b:63:62:fa:
91:65:c7:bd:e7:fe:5c:62:09:10:ee:0b:6f:b9:5c:
fc:43:83:87:eb:12:f5:c8:68:d2:f6:ed:89:2b:d7:
52:14:a2:1e:93:5d:c6:63:22:f4:54:c6:58:81:79:
22:5b:16:ca:e6:2e:d9:29:ff:5b:fe:96:fc:cf:d7:
9f:2f:ec:cb:f6:a1:26:ef:ef:0b:92:0f:79:ed:79:
cd:86:27:1b:aa:0a:48:28:a0:2d:d3:41:da:53:62:
f9:99:64:31:1e:e7:91:1f:8b:6b:ee:e8:2a:81:6c:
2a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:48:8C:8D:89:59:EC:73:0F:5C:29:C9:95:08:1D:BF:7C:0C:2B:F0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/14D2A722E06911EFA04BCE84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.30.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:03:bc:9e:22:4b:16:36:e5:fc:a4:e6:2a:7f:9c:4a:a4:80:
07:e0:ab:1f:71:a8:a3:89:3a:8e:9d:e2:f3:68:d4:22:09:67:
28:0c:da:ce:ce:bd:94:b3:07:ea:17:84:c3:1e:5d:71:a2:57:
3c:e3:fc:dd:20:56:e6:6b:b9:43:ec:8d:84:b3:4e:cc:28:d3:
42:5a:32:0f:c2:a4:15:a7:2f:6b:48:b3:06:2a:64:50:87:1a:
c2:b8:64:50:9f:d9:f4:a5:16:66:b7:d6:e6:72:7b:10:5a:79:
d8:dd:87:92:1f:05:27:ce:f7:ed:75:d4:ea:f2:82:20:6e:bd:
06:ec:92:9a:b3:16:dc:23:4a:1a:54:e6:12:e8:74:1e:7b:99:
2c:c1:e3:dc:4a:eb:5e:d9:d4:8c:2c:9d:61:85:b9:46:a2:eb:
7d:ec:69:0e:6c:7f:01:f6:ec:45:d7:a9:7d:2a:dc:82:16:82:
50:3a:9c:27:32:69:e0:62:fc:f5:a9:64:3d:7b:ce:aa:60:f9:
5e:e2:dd:e4:c2:29:ae:57:66:87:8d:32:43:8a:4c:b4:47:11:
f5:6c:6a:60:97:f5:be:11:b1:2a:31:c1:29:ba:13:ee:c1:76:
c5:9a:cb:3b:fc:96:4e:d2:90:98:02:6f:97:d3:3f:8c:ff:42:
e4:36:83:c5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU6AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjAxMDY1MjE2WhcNMjYwMTA0MDY1MjE2WjAYMRYw
FAYDVQQDEw02NzlkYzRhNC0yMzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1xRRMgc3ah/nsMYbv8RBy36UH6ezsHHEQkYericjyYIMFWLbLCXqywbx
QwmPlPjnsVHRpfqOVL7PyH6d7Oq7aN6wDVWb4d1pQySOvxD9LwnjAVOnoRI0eZFJ
wu/Dpu9i8Kv/PlzYei9SbKRRfDsEtSYwJM2e8Avs4uamrcK7aZmfo1d8ntuKo06d
sKj3juPY2itjYvqRZce95/5cYgkQ7gtvuVz8Q4OH6xL1yGjS9u2JK9dSFKIek13G
YyL0VMZYgXkiWxbK5i7ZKf9b/pb8z9efL+zL9qEm7+8Lkg957XnNhicbqgpIKKAt
00HaU2L5mWQxHueRH4tr7ugqgWwqNwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCVI
jI2JWexzD1wpyZUIHb98DCvwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNEQyQTcyMkUwNjkxMUVGQTA0QkNFODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlMeMA0GCSqGSIb3DQEB
CwUAA4IBAQDIA7yeIksWNuX8pOYqf5xKpIAH4KsfcaijiTqOneLzaNQiCWcoDNrO
zr2UswfqF4TDHl1xolc84/zdIFbma7lD7I2Es07MKNNCWjIPwqQVpy9rSLMGKmRQ
hxrCuGRQn9n0pRZmt9bmcnsQWnnY3YeSHwUnzvftddTq8oIgbr0G7JKasxbcI0oa
VOYS6HQee5kswePcSute2dSMLJ1hhblGout97GkObH8B9uxF16l9KtyCFoJQOpwn
MmngYvz1qWQ9e86qYPle4t3kwimuV2aHjTJDiky0RxH1bGpgl/W+EbEqMcEpuhPu
wXbFmss7/JZO0pCYAm+X0z+M/0LkNoPF
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:17:03 2025 by rpki-client