Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2958F6ECDFEC11EFB2C7EDAB762E951A.roa
File: 2958F6ECDFEC11EFB2C7EDAB762E951A.roa (raw, json)
Hash identifier: 5Ad5MzdWQStYUWVhsrfwTgwlgt7g6Q32DRnoXsQX5Fw=
Subject key identifier: 64:1C:71:AD:7F:3C:31:82:E8:62:83:2B:38:3F:F6:D0:E3:FE:3C:D4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014DFF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2958F6ECDFEC11EFB2C7EDAB762E951A.roa
Signing time: Fri 31 Jan 2025 15:58:07 +0000
ROA not before: Fri 31 Jan 2025 15:58:03 +0000
ROA not after: Sat 03 Jan 2026 15:58:03 +0000
asID: 40065
IP address blocks: 154.208.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85503 (0x14dff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 31 15:58:03 2025 GMT
Not After : Jan 3 15:58:03 2026 GMT
Subject: CN=679cf30f-b122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:78:ca:47:e6:16:3f:37:b1:cc:bb:6d:83:45:
74:99:05:66:9e:1a:4f:25:c0:ad:41:6a:e4:c5:62:
53:0c:62:a7:cc:f8:a7:95:f8:31:34:76:61:0d:ee:
bf:60:e8:e2:8d:5f:eb:9d:b2:5a:48:6e:d4:6e:31:
b1:da:9f:f0:09:2e:a2:85:6c:d8:bd:2f:97:dc:8e:
1f:1f:07:29:68:f4:de:2c:9d:9d:07:6a:f9:eb:28:
d3:3d:3d:4a:c1:02:d1:b1:a8:96:37:82:75:0f:4e:
88:ef:f1:cc:b8:7f:ba:7f:2e:e9:80:39:c3:4d:ad:
08:b3:b9:8d:0e:42:9e:8a:8c:6c:76:b8:48:98:3e:
a6:73:5e:83:7e:ef:2e:e5:50:19:63:69:2b:4c:ff:
ec:9d:e4:10:06:d3:55:61:22:53:70:72:86:90:d4:
e7:b1:6f:6a:0f:96:3d:5f:9a:a0:d2:01:8a:a7:e4:
21:ed:0e:f0:d3:ea:13:5f:dd:a1:30:15:10:93:a0:
f1:0f:44:77:bc:62:04:dd:98:4e:e4:10:11:32:a9:
ac:ea:fd:2f:cf:c0:f2:7b:97:7a:72:55:f1:72:bd:
51:38:1b:00:9f:7e:a2:8c:9a:88:c9:f1:ad:ae:95:
50:db:e6:a4:78:70:78:c9:61:10:3a:95:ba:01:29:
3f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:1C:71:AD:7F:3C:31:82:E8:62:83:2B:38:3F:F6:D0:E3:FE:3C:D4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2958F6ECDFEC11EFB2C7EDAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.4.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:84:7c:24:ba:ed:76:c5:9c:9d:c7:18:e0:00:f7:24:51:c6:
eb:eb:ca:3f:37:f8:82:f2:ab:dc:b2:20:c8:d1:e9:0d:a5:ae:
d5:3d:72:fd:4e:d8:67:4d:17:ab:71:28:5d:25:86:94:48:24:
d2:a0:c8:4f:45:63:0b:3f:50:3e:71:71:9f:10:8c:30:d4:97:
41:c8:b3:e4:f3:59:97:6c:fa:ff:09:4d:b5:0c:f7:53:19:ac:
e3:3d:e7:02:f0:2a:29:63:da:ed:ab:db:25:9b:17:d4:e3:63:
e6:91:06:aa:10:0e:5f:33:fe:ca:97:f1:ab:f5:ba:5e:f7:b0:
da:ec:df:ac:c5:44:30:28:06:ec:1b:56:c8:d1:d9:44:0a:43:
a1:0b:55:ce:ac:e3:89:e0:d2:b7:ed:83:10:55:31:19:c6:ab:
aa:64:07:80:6e:0b:7b:42:55:8b:4a:60:28:78:49:ed:20:e1:
e2:ef:b4:23:41:41:b4:74:51:8b:62:84:12:79:8e:dd:24:43:
0c:40:28:dc:c8:c5:e0:ee:0d:3d:54:ae:d1:6c:a2:0f:6e:ec:
25:93:1c:03:66:8f:fe:b8:32:a6:1c:0f:44:8d:e6:9c:4c:42:
2b:5e:8b:4d:af:92:8f:cf:8a:e3:0f:25:ec:8f:29:33:0a:0f:
f7:77:57:76
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAU3/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTMxMTU1ODAzWhcNMjYwMTAzMTU1ODAzWjAYMRYw
FAYDVQQDEw02NzljZjMwZi1iMTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu3jKR+YWPzexzLttg0V0mQVmnhpPJcCtQWrkxWJTDGKnzPinlfgxNHZh
De6/YOjijV/rnbJaSG7UbjGx2p/wCS6ihWzYvS+X3I4fHwcpaPTeLJ2dB2r56yjT
PT1KwQLRsaiWN4J1D06I7/HMuH+6fy7pgDnDTa0Is7mNDkKeioxsdrhImD6mc16D
fu8u5VAZY2krTP/sneQQBtNVYSJTcHKGkNTnsW9qD5Y9X5qg0gGKp+Qh7Q7w0+oT
X92hMBUQk6DxD0R3vGIE3ZhO5BARMqms6v0vz8Dye5d6clXxcr1ROBsAn36ijJqI
yfGtrpVQ2+akeHB4yWEQOpW6ASk/iQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGQc
ca1/PDGC6GKDKzg/9tDj/jzUMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOTU4RjZFQ0RGRUMxMUVGQjJDN0VEQUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtAEMA0GCSqGSIb3DQEB
CwUAA4IBAQCohHwkuu12xZydxxjgAPckUcbr68o/N/iC8qvcsiDI0ekNpa7VPXL9
TthnTRercShdJYaUSCTSoMhPRWMLP1A+cXGfEIww1JdByLPk81mXbPr/CU21DPdT
GazjPecC8CopY9rtq9slmxfU42PmkQaqEA5fM/7Kl/Gr9bpe97Da7N+sxUQwKAbs
G1bI0dlECkOhC1XOrOOJ4NK37YMQVTEZxquqZAeAbgt7QlWLSmAoeEntIOHi77Qj
QUG0dFGLYoQSeY7dJEMMQCjcyMXg7g09VK7RbKIPbuwlkxwDZo/+uDKmHA9Ejeac
TEIrXotNr5KPz4rjDyXsjykzCg/3d1d2
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:38:19 2025 by rpki-client