Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DB2D3AAF42111EFA15B916D762E951A.roa
File: 1DB2D3AAF42111EFA15B916D762E951A.roa (raw, json)
Hash identifier: uBAf6vp486DER+7c8sYmsFT8lVihE/sTmsUUn6bpfXg=
Subject key identifier: D7:44:3F:61:DB:83:30:F3:B7:FD:A7:24:FC:9F:E7:F2:79:6A:95:ED
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01619B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DB2D3AAF42111EFA15B916D762E951A.roa
Signing time: Wed 26 Feb 2025 09:07:34 +0000
ROA not before: Wed 26 Feb 2025 09:07:30 +0000
ROA not after: Thu 19 Feb 2026 09:07:30 +0000
asID: 328608
IP address blocks: 154.200.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90523 (0x1619b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 09:07:30 2025 GMT
Not After : Feb 19 09:07:30 2026 GMT
Subject: CN=67bed9d6-b744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:33:81:00:47:3d:a8:2d:09:81:e3:c0:87:a6:
3b:c8:94:f3:af:78:51:01:d4:95:dd:ac:46:d7:3f:
9b:c8:d2:bc:49:ce:0a:1f:e9:aa:b5:2c:e1:c8:fb:
da:15:e4:cf:66:30:46:a6:01:ba:bb:74:7b:ee:78:
88:ff:41:60:a4:9f:4c:42:d1:5b:ca:66:5a:3a:3a:
91:fa:fb:ed:6b:f6:01:b2:2b:06:fd:a7:42:60:b3:
4b:46:dc:58:8c:8f:c3:61:71:46:14:ad:2d:30:34:
04:24:13:52:04:a2:62:9f:bc:95:b8:c2:22:b0:62:
e5:44:fb:e7:e3:ad:1b:e2:24:fb:0e:9c:e4:48:e4:
08:70:7f:7b:69:0b:16:f3:12:28:04:be:37:f6:f2:
c8:01:be:8e:4b:c1:60:1d:77:3e:5c:38:08:49:6c:
56:d9:67:8f:df:36:88:0d:c6:ca:3c:c3:a4:13:7d:
4b:cd:8e:d1:e7:b3:9c:8f:9c:1b:c1:a6:7a:af:ce:
c6:03:3b:71:e7:78:d4:98:5d:74:19:5b:96:39:f0:
93:15:55:d9:ae:9f:3e:bc:d6:6a:d4:cd:06:89:ea:
55:2d:67:c2:c7:65:9a:2d:f3:84:13:a7:d6:0c:08:
4c:8a:35:79:8d:26:bf:80:43:80:6b:6a:22:ad:b0:
ba:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:44:3F:61:DB:83:30:F3:B7:FD:A7:24:FC:9F:E7:F2:79:6A:95:ED
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1DB2D3AAF42111EFA15B916D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.218.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:fc:62:9b:c7:3f:ae:20:a0:60:bb:43:fe:e1:c2:6d:56:10:
2a:71:30:0d:11:21:b7:bf:56:e2:4d:b8:61:3d:4c:1e:1d:5e:
5b:b2:53:94:fb:77:de:9a:36:4c:d4:95:c9:35:c7:66:3f:fc:
ad:27:cc:8e:1b:ce:af:cd:24:71:56:6b:21:d5:c3:ad:21:24:
c4:98:d9:f5:58:fc:42:f1:86:e2:4d:16:4a:de:c7:d3:1f:2a:
d3:75:6c:fb:c0:51:b4:94:06:ae:b2:51:f5:5a:7e:44:e8:48:
d5:ae:65:10:ea:80:c9:1b:d4:34:fa:fb:42:f2:4e:f8:9f:13:
23:dd:cb:2b:e5:c6:35:bf:68:fd:1f:34:7a:94:d2:8f:f0:f2:
22:df:8d:08:f8:f0:16:a2:54:96:7d:26:05:69:fa:c2:9b:62:
88:1d:0a:da:32:1a:f5:a7:cc:b9:78:d4:49:84:0e:63:77:ca:
58:e6:11:3a:8e:1d:72:61:31:8a:09:54:37:ba:9a:96:91:fc:
7a:22:83:b3:5f:9a:7e:69:e2:65:28:20:b4:6d:be:20:43:7f:
53:5b:58:72:59:33:9e:16:26:aa:61:c1:d5:dc:d1:ab:f7:e4:
73:4d:bc:1f:7a:60:bb:32:ec:91:4c:4f:19:b3:df:c8:21:8b:
1d:6a:10:3c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWGbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDkwNzMwWhcNMjYwMjE5MDkwNzMwWjAYMRYw
FAYDVQQDEw02N2JlZDlkNi1iNzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnzOBAEc9qC0JgePAh6Y7yJTzr3hRAdSV3axG1z+byNK8Sc4KH+mqtSzh
yPvaFeTPZjBGpgG6u3R77niI/0FgpJ9MQtFbymZaOjqR+vvta/YBsisG/adCYLNL
RtxYjI/DYXFGFK0tMDQEJBNSBKJin7yVuMIisGLlRPvn460b4iT7DpzkSOQIcH97
aQsW8xIoBL439vLIAb6OS8FgHXc+XDgISWxW2WeP3zaIDcbKPMOkE31LzY7R57Oc
j5wbwaZ6r87GAztx53jUmF10GVuWOfCTFVXZrp8+vNZq1M0GiepVLWfCx2WaLfOE
E6fWDAhMijV5jSa/gEOAa2oirbC6AwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNdE
P2HbgzDzt/2nJPyf5/J5apXtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xREIyRDNBQUY0MjExMUVGQTE1QjkxNkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjaMA0GCSqGSIb3DQEB
CwUAA4IBAQAL/GKbxz+uIKBgu0P+4cJtVhAqcTANESG3v1biTbhhPUweHV5bslOU
+3femjZM1JXJNcdmP/ytJ8yOG86vzSRxVmsh1cOtISTEmNn1WPxC8YbiTRZK3sfT
HyrTdWz7wFG0lAauslH1Wn5E6EjVrmUQ6oDJG9Q0+vtC8k74nxMj3csr5cY1v2j9
HzR6lNKP8PIi340I+PAWolSWfSYFafrCm2KIHQraMhr1p8y5eNRJhA5jd8pY5hE6
jh1yYTGKCVQ3upqWkfx6IoOzX5p+aeJlKCC0bb4gQ39TW1hyWTOeFiaqYcHV3NGr
9+RzTbwfemC7MuyRTE8Zs9/IIYsdahA8
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:48:23 2025 by rpki-client