Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FBCF9147F0A11EFB1814AB1762E951A.roa
File: 1FBCF9147F0A11EFB1814AB1762E951A.roa (raw, json)
Hash identifier: Ms+EQZK8T4W+v5XXgLFAY3f1kmTOrWNXn3F8t07hhg8=
Subject key identifier: D6:9C:90:7C:B5:38:64:0E:76:C6:F7:98:37:61:12:11:91:D9:ED:5B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: F5A0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FBCF9147F0A11EFB1814AB1762E951A.roa
Signing time: Mon 30 Sep 2024 08:58:13 +0000
ROA not before: Mon 30 Sep 2024 08:58:09 +0000
ROA not after: Wed 17 Sep 2025 08:58:09 +0000
asID: 15169
IP address blocks: 154.82.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Feb 2025 00:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62880 (0xf5a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Sep 30 08:58:09 2024 GMT
Not After : Sep 17 08:58:09 2025 GMT
Subject: CN=66fa6825-7452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:15:41:97:b0:da:c1:75:3e:33:26:b7:b4:5a:
e4:e0:a4:92:5a:00:9e:17:1d:f8:5e:b8:da:b3:05:
41:85:d2:96:bf:e8:82:07:b4:bd:35:ce:a5:b2:dc:
55:b5:6d:ad:2c:60:44:c8:7e:37:fe:e1:ea:6a:23:
a7:0c:55:d1:29:ff:1f:d3:73:a9:6c:a2:88:cb:e5:
ff:8d:f2:7f:53:03:0e:d8:5c:5d:a7:6d:68:64:af:
28:5b:a4:59:d5:c8:99:22:0b:3e:3d:96:34:39:a3:
cc:4e:9c:d0:40:84:25:e1:4a:2a:4c:33:d2:9c:cf:
4c:4d:a9:b1:30:45:0e:38:d4:ab:36:3e:b6:67:ef:
dd:6e:8f:e9:69:b4:51:49:b4:15:d0:7f:b8:79:d7:
f8:37:88:d9:c1:72:49:35:0a:83:71:a1:92:22:24:
c0:8f:ff:3d:39:76:5d:6f:71:a9:0d:1e:a3:49:58:
ea:6a:90:78:00:af:20:62:00:03:21:d0:06:f5:82:
9f:ac:ea:27:1b:46:7c:59:eb:cb:a3:58:a4:70:f3:
16:3a:c8:97:16:d6:22:62:37:26:07:df:a8:37:e0:
2f:c2:38:99:a9:0e:e6:7a:02:74:f8:f3:3c:ba:35:
06:f7:fe:56:b5:06:5a:fe:ae:05:2f:d7:03:69:63:
40:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:9C:90:7C:B5:38:64:0E:76:C6:F7:98:37:61:12:11:91:D9:ED:5B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1FBCF9147F0A11EFB1814AB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.133.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:c1:28:6c:6c:1b:86:65:e0:7e:78:75:0a:09:24:39:1c:ec:
bb:b4:4a:46:e0:f7:24:09:e9:92:f0:92:64:65:b2:ad:42:ff:
0f:73:e9:5c:67:f8:48:73:e6:b9:4e:c3:8f:d9:f0:64:54:d1:
ed:08:75:2f:7f:eb:c6:da:0a:75:48:47:66:6c:4c:8e:23:5d:
f3:87:db:0f:3b:55:cc:3c:59:6b:4a:dd:a9:48:b7:6b:f3:cf:
21:95:86:89:4a:65:4b:5c:3c:e0:21:65:00:c8:9f:32:65:b8:
d3:44:15:b8:cf:0b:f1:53:ba:2e:25:ed:e5:a2:5d:db:ac:1c:
ed:e7:7b:9a:4a:38:9f:e6:65:37:7e:eb:8f:3c:53:23:b8:93:
89:ae:eb:f1:11:15:de:ab:13:04:67:e6:df:03:0a:5a:89:e7:
05:c6:eb:e6:a9:e0:b4:ef:57:32:4e:03:7a:86:5d:87:78:b1:
68:75:1b:14:7d:62:2e:41:dd:d7:75:be:bc:af:49:92:11:1d:
89:dd:43:bc:29:b0:61:bc:29:4a:b2:43:d8:9c:5e:c2:98:24:
27:6d:e3:16:04:33:b2:03:9d:58:e6:45:93:35:85:d6:35:01:
1b:41:d3:66:fa:7d:9f:a1:fd:71:79:81:4d:fa:b4:89:06:a9:
e1:8d:4c:64
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAPWgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTMwMDg1ODA5WhcNMjUwOTE3MDg1ODA5WjAYMRYw
FAYDVQQDEw02NmZhNjgyNS03NDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4BVBl7DawXU+Mya3tFrk4KSSWgCeFx34XrjaswVBhdKWv+iCB7S9Nc6l
stxVtW2tLGBEyH43/uHqaiOnDFXRKf8f03OpbKKIy+X/jfJ/UwMO2Fxdp21oZK8o
W6RZ1ciZIgs+PZY0OaPMTpzQQIQl4UoqTDPSnM9MTamxMEUOONSrNj62Z+/dbo/p
abRRSbQV0H+4edf4N4jZwXJJNQqDcaGSIiTAj/89OXZdb3GpDR6jSVjqapB4AK8g
YgADIdAG9YKfrOonG0Z8WevLo1ikcPMWOsiXFtYiYjcmB9+oN+AvwjiZqQ7megJ0
+PM8ujUG9/5WtQZa/q4FL9cDaWNALQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNac
kHy1OGQOdsb3mDdhEhGR2e1bMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRkJDRjkxNDdGMEExMUVGQjE4MTRBQjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlKFMA0GCSqGSIb3DQEB
CwUAA4IBAQCgwShsbBuGZeB+eHUKCSQ5HOy7tEpG4PckCemS8JJkZbKtQv8Pc+lc
Z/hIc+a5TsOP2fBkVNHtCHUvf+vG2gp1SEdmbEyOI13zh9sPO1XMPFlrSt2pSLdr
888hlYaJSmVLXDzgIWUAyJ8yZbjTRBW4zwvxU7ouJe3lol3brBzt53uaSjif5mU3
fuuPPFMjuJOJruvxERXeqxMEZ+bfAwpaiecFxuvmqeC071cyTgN6hl2HeLFodRsU
fWIuQd3Xdb68r0mSER2J3UO8KbBhvClKskPYnF7CmCQnbeMWBDOyA51Y5kWTNYXW
NQEbQdNm+n2fof1xeYFN+rSJBqnhjUxk
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:33 2025 by rpki-client