Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/229BA8B8C91211EFBFD749AE762E951A.roa
File: 229BA8B8C91211EFBFD749AE762E951A.roa (raw, json)
Hash identifier: 7/56rexEOb0GGWOSLRJ1zrKSRIElF96xEPtuPCvFxdQ=
Subject key identifier: D2:CC:8F:3E:DE:39:F9:47:8A:82:10:8F:6A:36:84:0F:BF:1A:69:B0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0132B1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/229BA8B8C91211EFBFD749AE762E951A.roa
Signing time: Thu 02 Jan 2025 14:02:00 +0000
ROA not before: Thu 02 Jan 2025 14:01:56 +0000
ROA not after: Mon 13 Dec 2027 14:01:56 +0000
asID: 17561
IP address blocks: 154.221.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78513 (0x132b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 14:01:56 2025 GMT
Not After : Dec 13 14:01:56 2027 GMT
Subject: CN=67769c58-69c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:11:30:26:dd:2f:32:4f:f7:21:8f:d6:2e:6d:
b6:be:ae:79:39:e9:80:cf:2f:59:fe:e4:54:8d:08:
27:a2:fe:12:57:67:c9:ba:d5:d6:32:75:01:5d:1b:
2e:ca:6c:37:eb:cf:18:7e:8d:83:65:5e:fd:ed:53:
f9:56:df:35:6e:ad:49:ef:87:27:b1:1a:6e:d0:c0:
db:cb:85:fa:12:40:b8:07:73:f4:ab:d7:4a:d2:81:
c4:38:23:47:ca:da:d5:12:50:a5:79:1d:ca:b8:b2:
f8:df:f8:5f:59:94:03:11:11:97:3f:ad:45:4a:be:
fc:6c:f1:3c:d0:a1:2c:8b:d5:76:9f:88:e8:f3:9e:
8f:35:92:68:43:7e:11:52:12:7c:26:c9:6e:35:48:
dd:ab:e1:7c:91:8e:94:a6:c1:c4:ff:f6:79:f6:4f:
9d:1d:51:84:02:fe:51:df:9c:e5:3d:45:38:24:22:
9a:74:1b:c0:59:bf:19:37:b2:d0:0b:d9:5e:32:16:
cb:6a:b9:3b:89:a7:71:3a:fc:c1:47:a0:45:b6:c1:
3e:86:12:a5:c2:d5:9e:24:b4:c7:88:68:4c:a6:f8:
b1:88:3e:d2:af:92:82:b4:89:f9:64:06:b3:ca:13:
77:8e:f8:5b:44:e0:6f:7e:0e:f1:a3:d1:b4:20:e4:
de:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:CC:8F:3E:DE:39:F9:47:8A:82:10:8F:6A:36:84:0F:BF:1A:69:B0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/229BA8B8C91211EFBFD749AE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.229.0/24
Signature Algorithm: sha256WithRSAEncryption
43:85:b6:a9:c0:7d:39:d4:08:cc:f8:8a:01:01:a1:01:98:85:
b2:df:5d:b4:33:88:bb:d9:04:82:4e:70:c2:6e:11:91:e2:b3:
61:f5:46:0f:cf:fa:58:68:b4:f3:14:dc:8a:7e:75:fd:97:4f:
0a:8e:e1:3c:15:e9:8f:21:01:2d:22:d9:f7:b1:b4:80:27:de:
ec:14:d4:b5:a4:b2:e1:ea:9b:f5:15:09:ad:e0:ab:59:77:79:
4b:b5:a9:d7:f7:8e:65:f4:31:df:84:05:65:d2:15:c9:79:0e:
39:96:1c:4e:68:05:d5:6d:3d:16:f1:82:2c:c4:e8:f5:36:11:
84:3c:aa:32:7d:14:3c:ca:f9:8e:45:09:d2:62:72:05:44:8a:
e1:9f:b0:0c:05:1c:b9:f9:1d:b6:2f:b8:aa:dd:aa:ef:3c:31:
e5:05:ae:e1:78:71:13:5d:89:8a:44:73:e8:20:c1:0d:c5:e3:
e9:1b:33:e1:b2:e8:5c:19:db:4c:4c:18:5b:f5:dd:81:94:a1:
e2:6e:88:d7:63:ee:66:c8:ee:32:0d:eb:ea:c5:5c:fb:31:08:
14:56:5e:36:cb:fb:f7:fe:db:6f:e1:91:de:2a:68:cc:ce:26:
fb:4e:ed:6f:7c:2a:6f:f5:cd:40:30:91:48:e7:d2:df:59:58:
62:e8:2e:63
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATKxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTQwMTU2WhcNMjcxMjEzMTQwMTU2WjAYMRYw
FAYDVQQDEw02Nzc2OWM1OC02OWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqhEwJt0vMk/3IY/WLm22vq55OemAzy9Z/uRUjQgnov4SV2fJutXWMnUB
XRsuymw3688Yfo2DZV797VP5Vt81bq1J74cnsRpu0MDby4X6EkC4B3P0q9dK0oHE
OCNHytrVElCleR3KuLL43/hfWZQDERGXP61FSr78bPE80KEsi9V2n4jo856PNZJo
Q34RUhJ8JsluNUjdq+F8kY6UpsHE//Z59k+dHVGEAv5R35zlPUU4JCKadBvAWb8Z
N7LQC9leMhbLark7iadxOvzBR6BFtsE+hhKlwtWeJLTHiGhMpvixiD7Sr5KCtIn5
ZAazyhN3jvhbROBvfg7xo9G0IOTe9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNLM
jz7eOflHioIQj2o2hA+/GmmwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yMjlCQThCOEM5MTIxMUVGQkZENzQ5QUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3lMA0GCSqGSIb3DQEB
CwUAA4IBAQBDhbapwH051AjM+IoBAaEBmIWy3120M4i72QSCTnDCbhGR4rNh9UYP
z/pYaLTzFNyKfnX9l08KjuE8FemPIQEtItn3sbSAJ97sFNS1pLLh6pv1FQmt4KtZ
d3lLtanX945l9DHfhAVl0hXJeQ45lhxOaAXVbT0W8YIsxOj1NhGEPKoyfRQ8yvmO
RQnSYnIFRIrhn7AMBRy5+R22L7iq3arvPDHlBa7heHETXYmKRHPoIMENxePpGzPh
suhcGdtMTBhb9d2BlKHibojXY+5myO4yDevqxVz7MQgUVl42y/v3/ttv4ZHeKmjM
zib7Tu1vfCpv9c1AMJFI59LfWVhi6C5j
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:35:49 2025 by rpki-client