Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/367D5C3AC8BF11EF87C9B2AA762E951A.roa
File: 367D5C3AC8BF11EF87C9B2AA762E951A.roa (raw, json)
Hash identifier: QrmsHqZ90s2iZvhS9clI8/uv6cfFLugaJqMvV1ZakRs=
Subject key identifier: 02:A2:D9:4B:FB:32:76:FE:6A:06:81:78:E5:B6:CD:2E:00:71:01:23
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0131F2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/367D5C3AC8BF11EF87C9B2AA762E951A.roa
Signing time: Thu 02 Jan 2025 04:08:25 +0000
ROA not before: Thu 02 Jan 2025 04:08:22 +0000
ROA not after: Mon 13 Dec 2027 04:08:22 +0000
asID: 17561
IP address blocks: 154.221.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78322 (0x131f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 04:08:22 2025 GMT
Not After : Dec 13 04:08:22 2027 GMT
Subject: CN=67761139-9ff7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:78:f4:f3:bc:ff:55:31:f3:5e:61:db:5a:c4:
c1:4e:ef:d9:d4:cb:7c:cf:0e:57:2b:e1:ff:5f:8b:
b4:cd:26:99:8a:62:d9:c5:65:45:e1:4d:12:9b:0c:
de:0f:1c:cd:f8:c4:37:fd:4a:23:75:6d:95:01:38:
99:b1:12:6f:81:86:1a:6a:31:4a:f2:8a:66:a5:34:
22:f5:25:35:77:33:08:fd:8d:4f:5e:af:14:3c:f3:
0f:9c:29:37:bb:92:05:46:05:89:76:db:32:64:9a:
8b:e7:c9:96:4a:13:8d:50:94:46:9c:25:45:72:aa:
ae:83:f0:9c:8c:e4:71:ac:c7:e5:77:22:fa:e9:75:
07:c9:6b:74:4a:da:09:9e:55:de:f3:b9:2f:22:cb:
43:5a:2b:e3:3f:3c:c2:fc:51:eb:f7:f3:bf:68:1d:
83:9b:c0:ac:a7:43:76:34:1d:1c:14:92:b9:4c:8f:
8b:b7:30:97:a7:76:5c:1b:e5:65:5c:fd:4c:17:e5:
9b:6a:bf:60:3b:b1:4e:69:34:b9:65:b2:08:23:ac:
0f:15:11:d2:a4:a3:35:e0:13:7f:3b:2c:7a:07:92:
c6:95:28:6d:ad:c6:fc:a0:89:e4:28:e7:5d:ca:cb:
5b:14:a4:89:89:91:57:1c:2c:a3:7b:96:7c:4e:48:
99:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A2:D9:4B:FB:32:76:FE:6A:06:81:78:E5:B6:CD:2E:00:71:01:23
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/367D5C3AC8BF11EF87C9B2AA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.199.0/24
Signature Algorithm: sha256WithRSAEncryption
02:b8:c4:47:ff:39:42:50:73:8c:cb:10:cf:79:78:7b:ff:60:
68:c2:78:d2:24:4d:7e:87:e7:83:e2:85:de:2d:cd:d7:b8:3d:
8c:3c:88:3b:4a:83:ae:95:b7:ad:14:c7:0b:8f:7c:e4:5a:f4:
be:8f:3d:e2:ff:c4:57:7e:5f:e6:e0:86:ae:18:c2:c8:6b:be:
fe:76:1a:6c:3e:ea:71:79:35:dd:0d:99:b7:c4:87:e8:60:2c:
82:61:33:ea:e5:be:47:b7:2b:43:02:e0:05:01:5a:81:50:92:
c8:ca:ff:f8:88:06:d1:27:7e:5c:7c:ea:10:9d:45:1c:97:41:
2f:4f:1e:4f:4e:d4:dd:79:7e:16:d3:91:8b:1e:f9:68:7a:9a:
41:02:ba:94:d1:f6:a6:bc:50:0f:52:18:08:31:8a:a0:62:81:
24:2d:79:b6:07:94:0a:27:f5:40:1b:0a:a1:ba:71:b3:a0:2c:
3d:dc:ab:a5:06:55:0e:79:27:c0:e9:d9:b4:e4:3a:f8:b3:1e:
c7:30:d3:57:40:34:3a:7e:cb:1a:56:7d:71:29:d8:12:bf:cd:
40:6b:8d:79:ef:71:11:fa:c3:26:08:7a:87:db:bd:83:ef:44:
86:ed:a3:2b:4b:7c:f5:a0:cb:72:23:54:aa:d0:40:8a:97:db:
98:4b:41:2a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATHyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDQwODIyWhcNMjcxMjEzMDQwODIyWjAYMRYw
FAYDVQQDEw02Nzc2MTEzOS05ZmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3Xj087z/VTHzXmHbWsTBTu/Z1Mt8zw5XK+H/X4u0zSaZimLZxWVF4U0S
mwzeDxzN+MQ3/UojdW2VATiZsRJvgYYaajFK8opmpTQi9SU1dzMI/Y1PXq8UPPMP
nCk3u5IFRgWJdtsyZJqL58mWShONUJRGnCVFcqqug/CcjORxrMfldyL66XUHyWt0
StoJnlXe87kvIstDWivjPzzC/FHr9/O/aB2Dm8Csp0N2NB0cFJK5TI+LtzCXp3Zc
G+VlXP1MF+Wbar9gO7FOaTS5ZbIII6wPFRHSpKM14BN/Oyx6B5LGlShtrcb8oInk
KOddystbFKSJiZFXHCyje5Z8TkiZCQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAKi
2Uv7Mnb+agaBeOW2zS4AcQEjMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zNjdENUMzQUM4QkYxMUVGODdDOUIyQUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3HMA0GCSqGSIb3DQEB
CwUAA4IBAQACuMRH/zlCUHOMyxDPeXh7/2BownjSJE1+h+eD4oXeLc3XuD2MPIg7
SoOulbetFMcLj3zkWvS+jz3i/8RXfl/m4IauGMLIa77+dhpsPupxeTXdDZm3xIfo
YCyCYTPq5b5HtytDAuAFAVqBUJLIyv/4iAbRJ35cfOoQnUUcl0EvTx5PTtTdeX4W
05GLHvloeppBArqU0famvFAPUhgIMYqgYoEkLXm2B5QKJ/VAGwqhunGzoCw93Kul
BlUOeSfA6dm05Dr4sx7HMNNXQDQ6fssaVn1xKdgSv81Aa41573ER+sMmCHqH272D
70SG7aMrS3z1oMtyI1Sq0ECKl9uYS0Eq
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:12 2025 by rpki-client