Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/15FCCD18C40C11EF83FE4950762E951A.roa
File: 15FCCD18C40C11EF83FE4950762E951A.roa (raw, json)
Hash identifier: qGk+9MosVLd+4/Thaje6wlzSYygeLlGWP94y1DbrH1c=
Subject key identifier: C7:52:76:0F:E4:EF:1D:EE:A5:83:A1:53:8E:83:43:F5:84:20:49:13
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01291F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/15FCCD18C40C11EF83FE4950762E951A.roa
Signing time: Fri 27 Dec 2024 04:36:06 +0000
ROA not before: Fri 27 Dec 2024 04:36:02 +0000
ROA not after: Fri 12 Dec 2025 04:36:02 +0000
asID: 984
IP address blocks: 154.196.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76063 (0x1291f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 04:36:02 2024 GMT
Not After : Dec 12 04:36:02 2025 GMT
Subject: CN=676e2eb6-d616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:07:9a:1a:fc:99:ae:c3:b8:ae:c1:15:bd:f1:
fb:f3:60:2f:36:12:2a:f7:36:2a:62:83:36:1d:97:
85:7b:df:23:b8:d1:32:ea:27:6d:f1:39:c2:09:79:
59:81:53:dd:7a:22:47:09:e3:68:e8:f3:20:01:11:
ff:7e:ec:1a:c1:7c:c6:5a:10:df:89:95:5a:de:f1:
88:f8:ef:81:db:26:79:e2:75:1f:6e:b7:e8:27:28:
69:e2:8d:6a:84:ff:6a:b6:13:68:5c:e3:52:66:b6:
a2:ad:93:66:c1:52:2c:22:69:1a:5f:4e:fb:3c:d0:
7d:fd:b4:b2:20:d1:fe:96:9c:5b:a1:a3:5c:32:84:
6d:9a:fc:16:9b:ce:d7:86:cc:da:e1:09:60:50:b8:
ed:15:3d:75:a3:c4:47:e8:19:e2:de:b8:cf:73:64:
ae:da:80:e3:da:c5:42:c5:5b:9f:c9:31:c1:82:e8:
5f:e4:68:ea:ce:24:1c:dc:1f:9a:6e:c1:60:df:4f:
eb:49:44:78:ad:c0:de:4b:5d:48:52:6f:3a:a3:49:
85:1e:8b:93:d4:4b:81:3e:32:07:87:56:d6:ae:db:
4e:8a:20:5e:38:a0:41:92:de:a8:8a:2e:06:44:5f:
df:77:5d:19:52:9f:6e:00:f1:1a:4d:fa:91:ec:2d:
b0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:52:76:0F:E4:EF:1D:EE:A5:83:A1:53:8E:83:43:F5:84:20:49:13
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/15FCCD18C40C11EF83FE4950762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.217.0/24
Signature Algorithm: sha256WithRSAEncryption
20:4b:4c:03:fa:8c:60:9f:ad:66:9d:fa:98:ed:4c:bb:73:ce:
aa:77:0f:30:8d:ea:ad:b3:48:f2:03:c5:40:42:57:e1:0a:fc:
50:82:84:62:0f:64:40:17:c1:68:20:49:44:3b:c8:b2:35:b3:
8d:bd:32:17:b0:9d:d3:d0:46:f1:5d:18:34:44:9b:f8:9f:1a:
c2:83:28:09:53:e4:9b:ac:1a:75:8b:ea:9f:44:b3:aa:88:a8:
b8:e6:82:73:f2:db:65:4f:fa:f7:39:64:0e:67:ad:b9:c4:f1:
0d:54:ea:db:e3:67:1e:06:a1:58:fc:9f:28:64:e7:4e:b4:96:
92:cc:3c:7b:23:f3:dd:97:3b:0f:ce:b1:59:c0:77:f4:a4:8a:
45:f3:8d:db:ce:2e:cc:1b:a1:fe:6c:5e:b1:d8:4e:c2:78:e8:
66:cd:07:49:15:14:c6:30:ce:ce:31:b5:07:de:cd:74:22:10:
7c:73:86:5b:75:10:00:4f:fd:f7:f3:b7:09:5c:88:17:84:cf:
56:96:37:ae:57:09:21:75:06:9f:4b:c4:c5:84:bf:ef:6f:60:
66:e9:54:a0:f9:49:d9:76:a4:44:38:a1:0e:07:33:b1:3f:3c:
dd:61:b0:88:40:81:73:56:8a:03:50:15:6e:95:2e:02:79:bf:
1e:4a:a0:43
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASkfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDQzNjAyWhcNMjUxMjEyMDQzNjAyWjAYMRYw
FAYDVQQDEw02NzZlMmViNi1kNjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0geaGvyZrsO4rsEVvfH782AvNhIq9zYqYoM2HZeFe98juNEy6idt8TnC
CXlZgVPdeiJHCeNo6PMgARH/fuwawXzGWhDfiZVa3vGI+O+B2yZ54nUfbrfoJyhp
4o1qhP9qthNoXONSZrairZNmwVIsImkaX077PNB9/bSyINH+lpxboaNcMoRtmvwW
m87Xhsza4QlgULjtFT11o8RH6Bni3rjPc2Su2oDj2sVCxVufyTHBguhf5GjqziQc
3B+absFg30/rSUR4rcDeS11IUm86o0mFHouT1EuBPjIHh1bWrttOiiBeOKBBkt6o
ii4GRF/fd10ZUp9uAPEaTfqR7C2w4wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMdS
dg/k7x3upYOhU46DQ/WEIEkTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNUZDQ0QxOEM0MEMxMUVGODNGRTQ5NTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsTZMA0GCSqGSIb3DQEB
CwUAA4IBAQAgS0wD+oxgn61mnfqY7Uy7c86qdw8wjeqts0jyA8VAQlfhCvxQgoRi
D2RAF8FoIElEO8iyNbONvTIXsJ3T0EbxXRg0RJv4nxrCgygJU+SbrBp1i+qfRLOq
iKi45oJz8ttlT/r3OWQOZ625xPENVOrb42ceBqFY/J8oZOdOtJaSzDx7I/PdlzsP
zrFZwHf0pIpF843bzi7MG6H+bF6x2E7CeOhmzQdJFRTGMM7OMbUH3s10IhB8c4Zb
dRAAT/3387cJXIgXhM9WljeuVwkhdQafS8TFhL/vb2Bm6VSg+UnZdqREOKEOBzOx
PzzdYbCIQIFzVooDUBVulS4Ceb8eSqBD
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:41 2025 by rpki-client