Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32C1BD5EC41711EFBD9C3C94762E951A.roa
File: 32C1BD5EC41711EFBD9C3C94762E951A.roa (raw, json)
Hash identifier: IaVb0Ws0zETbsmFS+91OHfIFc8bntLNwmqTjXvOP64c=
Subject key identifier: DC:F2:B2:E7:3C:4D:5C:66:39:6D:4E:54:0E:39:7E:43:6C:CB:C8:E9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012967
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32C1BD5EC41711EFBD9C3C94762E951A.roa
Signing time: Fri 27 Dec 2024 05:55:39 +0000
ROA not before: Fri 27 Dec 2024 05:55:35 +0000
ROA not after: Fri 12 Dec 2025 05:55:35 +0000
asID: 984
IP address blocks: 154.197.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76135 (0x12967)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 05:55:35 2024 GMT
Not After : Dec 12 05:55:35 2025 GMT
Subject: CN=676e415b-1c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2f:bc:4c:2d:3c:f3:85:b2:29:37:b8:8a:17:
05:64:60:51:94:5e:db:42:2d:85:05:4f:14:27:40:
ca:ce:89:0e:f6:ac:19:4f:a1:12:ac:cc:4c:48:22:
5e:35:46:63:7f:96:26:76:6a:29:5a:c3:99:2a:e2:
9e:cd:64:b7:5e:d5:ac:90:30:07:52:88:6e:1b:32:
41:ab:39:bb:4e:b3:08:ca:65:72:0a:eb:b6:55:dc:
2c:8a:dd:ae:94:a9:99:4f:24:49:d7:f7:73:8f:22:
80:58:ae:b1:61:f5:c7:8a:f6:c0:7b:af:c3:b1:2a:
68:39:82:20:26:f5:e5:e3:a4:25:91:4b:3d:f0:42:
e6:40:89:74:b7:a7:b3:41:d7:1b:ee:fb:33:42:28:
54:6d:1d:ea:9e:e7:cb:e4:85:50:a8:3d:b3:d4:ca:
3f:d0:7f:5f:fb:82:92:48:66:00:ed:e9:6c:08:6a:
c0:a6:de:31:a3:da:99:3a:cc:e9:98:eb:98:ea:ee:
1a:bb:63:c7:f0:18:77:94:de:41:94:03:d7:5d:b9:
d5:9c:80:ea:5d:28:7d:1c:79:0d:1e:55:37:96:d0:
77:8c:17:19:39:8d:e0:11:d0:e0:a2:a0:dd:af:88:
28:f9:10:9e:36:b1:1c:72:5a:85:a3:74:5d:91:f7:
9c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F2:B2:E7:3C:4D:5C:66:39:6D:4E:54:0E:39:7E:43:6C:CB:C8:E9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/32C1BD5EC41711EFBD9C3C94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.86.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c2:85:4a:77:22:59:6b:ad:bf:a4:1a:5a:c4:c2:7f:21:a3:
8f:a1:04:82:8a:f9:57:ec:b3:5f:41:dd:bb:42:ac:c1:47:5a:
3b:d2:5f:8d:6e:e8:ab:2b:99:72:b5:fb:5f:60:25:cd:fd:fd:
03:20:a1:7f:c0:da:e4:0c:89:e8:9d:e9:a8:3b:b2:3d:14:5b:
52:8b:29:e5:5d:e9:7f:3a:90:2f:1a:b7:7d:ea:a6:4c:8d:42:
5e:ed:bf:6d:90:df:87:0a:3e:fd:f1:e7:cb:7b:5f:1a:b6:88:
dd:3d:8d:a1:ee:c8:9c:b8:9f:f8:2f:08:8c:de:0d:48:5e:b0:
3c:d4:c5:c4:09:d7:21:60:51:af:70:af:6b:46:04:e9:2a:b3:
3c:66:0d:f9:54:65:45:22:16:fd:67:f2:2d:e5:fd:eb:5e:8c:
9d:a1:8d:a8:48:de:52:84:09:8b:4f:d8:41:59:80:e6:b0:d4:
66:04:98:78:54:2b:a9:c2:d9:b9:04:9a:85:3f:b3:85:9e:f8:
c1:ee:ed:e6:76:b5:cd:42:2a:84:85:31:c2:00:d9:1f:05:7d:
2e:a2:c5:d1:27:85:01:ad:44:e9:c6:2c:c5:e1:84:f9:88:16:
0f:19:71:0d:7d:2b:60:24:80:a6:bb:a6:d9:73:1d:f9:c3:58:
99:dd:4a:21
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASlnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDU1NTM1WhcNMjUxMjEyMDU1NTM1WjAYMRYw
FAYDVQQDEw02NzZlNDE1Yi0xYzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1S+8TC0884WyKTe4ihcFZGBRlF7bQi2FBU8UJ0DKzokO9qwZT6ESrMxM
SCJeNUZjf5YmdmopWsOZKuKezWS3XtWskDAHUohuGzJBqzm7TrMIymVyCuu2Vdws
it2ulKmZTyRJ1/dzjyKAWK6xYfXHivbAe6/DsSpoOYIgJvXl46QlkUs98ELmQIl0
t6ezQdcb7vszQihUbR3qnufL5IVQqD2z1Mo/0H9f+4KSSGYA7elsCGrApt4xo9qZ
OszpmOuY6u4au2PH8Bh3lN5BlAPXXbnVnIDqXSh9HHkNHlU3ltB3jBcZOY3gEdDg
oqDdr4go+RCeNrEcclqFo3RdkfecBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNzy
suc8TVxmOW1OVA45fkNsy8jpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMkMxQkQ1RUM0MTcxMUVGQkQ5QzNDOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVWMA0GCSqGSIb3DQEB
CwUAA4IBAQBgwoVKdyJZa62/pBpaxMJ/IaOPoQSCivlX7LNfQd27QqzBR1o70l+N
buirK5lytftfYCXN/f0DIKF/wNrkDInonemoO7I9FFtSiynlXel/OpAvGrd96qZM
jUJe7b9tkN+HCj798efLe18atojdPY2h7sicuJ/4LwiM3g1IXrA81MXECdchYFGv
cK9rRgTpKrM8Zg35VGVFIhb9Z/It5f3rXoydoY2oSN5ShAmLT9hBWYDmsNRmBJh4
VCupwtm5BJqFP7OFnvjB7u3mdrXNQiqEhTHCANkfBX0uosXRJ4UBrUTpxizF4YT5
iBYPGXENfStgJICmu6bZcx35w1iZ3Uoh
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:33 2025 by rpki-client