Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/298C8E2804CF11F0A8D354A3762E951A.roa
File: 298C8E2804CF11F0A8D354A3762E951A.roa (raw, json)
Hash identifier: 4xlnHJhPNEXVKKUbKjcxWhOESNggYJYVS2ddLPljgek=
Subject key identifier: CA:A2:3E:4E:ED:01:D0:6D:0C:0B:43:B4:18:EC:FF:C8:74:4D:D0:F2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017530
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/298C8E2804CF11F0A8D354A3762E951A.roa
Signing time: Wed 19 Mar 2025 14:33:45 +0000
ROA not before: Wed 19 Mar 2025 14:33:41 +0000
ROA not after: Thu 24 Jul 2025 14:33:41 +0000
asID: 328608
IP address blocks: 154.198.168.0/22 maxlen: 24
154.209.128.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95536 (0x17530)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 19 14:33:41 2025 GMT
Not After : Jul 24 14:33:41 2025 GMT
Subject: CN=67dad5c9-c00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d9:4f:06:9b:97:82:e9:a8:9d:a5:4f:3a:3a:
bf:7b:79:c1:4e:bb:81:f6:88:12:fd:5f:a6:b4:05:
7e:2e:c4:a6:28:e2:f0:33:43:63:8c:cc:26:d8:25:
9f:62:47:c6:78:83:cd:2e:24:71:42:b9:d0:18:5f:
a0:f9:62:ed:c4:ce:eb:4f:c9:f1:1e:d5:01:78:fb:
7f:53:ae:2d:28:a9:15:b0:c4:d9:a9:27:e5:7f:b6:
50:6a:57:37:e3:dc:6b:4a:f9:4a:0e:ea:4b:7d:ab:
cc:f9:0f:cd:e2:4d:e0:03:c4:8f:69:86:cd:63:c0:
a1:7b:45:a6:3e:d9:02:77:1b:95:c0:f8:b2:9a:91:
8a:2d:13:72:85:ab:ee:bb:7a:cf:30:02:d8:84:65:
d7:b0:f0:0c:63:92:f5:f1:84:8e:47:69:e5:ba:69:
a4:e5:d2:ac:24:4e:4d:4d:e4:2d:e0:10:1f:fb:b2:
89:fb:d1:b2:61:47:4b:6c:98:df:5d:07:e9:4f:8a:
e7:60:f2:16:e0:f6:bd:1b:df:f5:54:08:79:c8:8a:
93:c1:77:28:ba:8c:ce:74:a9:b4:e5:3e:e2:72:eb:
5b:af:c2:26:79:1c:df:81:93:5d:d9:b2:67:f8:da:
dc:97:17:25:31:be:e0:10:67:0f:2b:18:2c:25:ba:
32:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A2:3E:4E:ED:01:D0:6D:0C:0B:43:B4:18:EC:FF:C8:74:4D:D0:F2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/298C8E2804CF11F0A8D354A3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.168.0/22
154.209.128.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:c7:2c:34:9b:ed:51:15:72:58:ca:ec:ec:5c:28:3f:80:ee:
83:8e:35:c7:ee:be:45:2e:dd:13:68:e1:fb:a7:72:2d:c0:b7:
59:b0:cc:cf:01:f8:00:c7:23:cd:76:ed:b1:72:53:ca:c2:cc:
7c:d2:85:73:21:f8:c9:ff:8b:33:a7:aa:16:81:30:e9:2b:98:
93:6d:7d:00:aa:84:e8:9f:4e:dd:17:6c:de:af:30:32:f5:a2:
8f:5f:05:8e:3f:b0:cf:ce:3f:4d:7f:bd:c7:90:82:59:d2:da:
7a:48:94:ba:9f:8e:ee:78:7e:24:ae:37:34:68:75:32:38:35:
c4:64:69:ed:12:9f:9d:ab:56:63:1c:c1:fd:0b:a5:b0:41:e2:
b5:75:83:48:34:71:c6:02:64:d1:ed:3e:58:15:f9:2a:cd:9d:
ab:ba:89:95:e0:e5:e3:da:47:53:8d:c0:c8:2d:01:9a:a3:9e:
41:1b:8a:16:8b:00:a2:ab:5a:8b:d2:db:90:cf:3c:a6:22:fb:
5a:ac:b9:10:e4:58:38:d5:54:03:ff:95:f5:61:8e:54:e0:d1:
ad:d6:0c:ba:27:17:43:e4:1a:7d:ac:99:73:ef:f1:b7:54:c6:
84:d1:d5:3e:b1:55:ee:e5:74:54:ed:76:63:ca:99:87:b2:0a:
f7:57:d2:ae
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXUwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzE5MTQzMzQxWhcNMjUwNzI0MTQzMzQxWjAYMRYw
FAYDVQQDEw02N2RhZDVjOS1jMDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtdlPBpuXgumonaVPOjq/e3nBTruB9ogS/V+mtAV+LsSmKOLwM0NjjMwm
2CWfYkfGeIPNLiRxQrnQGF+g+WLtxM7rT8nxHtUBePt/U64tKKkVsMTZqSflf7ZQ
alc349xrSvlKDupLfavM+Q/N4k3gA8SPaYbNY8Che0WmPtkCdxuVwPiympGKLRNy
havuu3rPMALYhGXXsPAMY5L18YSOR2nlummk5dKsJE5NTeQt4BAf+7KJ+9GyYUdL
bJjfXQfpT4rnYPIW4Pa9G9/1VAh5yIqTwXcouozOdKm05T7icutbr8ImeRzfgZNd
2bJn+NrclxclMb7gEGcPKxgsJboyiwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMqi
Pk7tAdBtDAtDtBjs/8h0TdDyMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOThDOEUyODA0Q0YxMUYwQThEMzU0QTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmsaoAwQCmtGAMA0GCSqG
SIb3DQEBCwUAA4IBAQDHxyw0m+1RFXJYyuzsXCg/gO6DjjXH7r5FLt0TaOH7p3It
wLdZsMzPAfgAxyPNdu2xclPKwsx80oVzIfjJ/4szp6oWgTDpK5iTbX0AqoTon07d
F2zerzAy9aKPXwWOP7DPzj9Nf73HkIJZ0tp6SJS6n47ueH4krjc0aHUyODXEZGnt
Ep+dq1ZjHMH9C6WwQeK1dYNINHHGAmTR7T5YFfkqzZ2ruomV4OXj2kdTjcDILQGa
o55BG4oWiwCiq1qL0tuQzzymIvtarLkQ5Fg41VQD/5X1YY5U4NGt1gy6JxdD5Bp9
rJlz7/G3VMaE0dU+sVXu5XRU7XZjypmHsgr3V9Ku
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:40 2025 by rpki-client