Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42CC1662F13611EFB796AC94762E951A.roa
File: 42CC1662F13611EFB796AC94762E951A.roa (raw, json)
Hash identifier: pV5lk1yt7bLBJDaM1SpXgawi1UfcPux2XGIh2ligiWE=
Subject key identifier: E8:FD:E9:53:E7:EC:60:CB:48:65:5B:67:9A:77:0F:22:C2:D6:40:33
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0159E3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42CC1662F13611EFB796AC94762E951A.roa
Signing time: Sat 22 Feb 2025 16:01:22 +0000
ROA not before: Sat 22 Feb 2025 16:01:18 +0000
ROA not after: Wed 30 Apr 2025 16:01:18 +0000
asID: 46071
IP address blocks: 154.210.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88547 (0x159e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 22 16:01:18 2025 GMT
Not After : Apr 30 16:01:18 2025 GMT
Subject: CN=67b9f4d2-1f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c8:15:07:c0:1c:dc:c7:66:94:8e:72:e7:61:
c1:16:87:66:31:9c:3b:3d:e7:2a:9b:17:67:6d:94:
d1:04:e0:c9:ae:ba:28:44:e1:e1:62:76:aa:29:3d:
3f:53:48:cd:b9:56:14:c7:e3:9a:63:2b:97:0a:31:
65:c4:5b:1b:3a:67:53:5d:d9:d4:5d:ad:7c:cb:78:
8a:a7:2c:eb:ba:82:d6:b0:0d:c6:37:ad:d2:91:85:
bd:60:e0:b6:3c:25:3a:27:ae:e0:5f:ae:df:21:66:
3a:82:75:35:0b:27:8d:9f:8f:ee:84:20:97:f3:da:
e0:64:7d:66:80:d3:a2:f2:80:d3:7f:d2:08:d8:5b:
9c:8a:d2:50:68:32:a7:e9:13:6e:22:78:08:c7:80:
90:05:f6:c6:bd:71:5e:75:3a:7e:b4:80:6c:80:6f:
03:bb:71:3e:65:95:07:8a:b8:be:bc:3b:5d:3d:c0:
6d:9a:d9:a0:ee:d5:c4:4c:eb:93:14:c6:21:05:70:
40:0d:eb:76:48:e5:f1:53:e2:98:96:05:02:60:6c:
0b:bb:a5:9f:f9:36:62:54:c1:29:21:18:04:ee:51:
40:c1:08:28:bd:c3:d3:22:a9:6d:4d:0e:45:dc:65:
50:93:6d:14:65:04:43:fe:bf:c9:eb:33:56:42:bd:
d0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:FD:E9:53:E7:EC:60:CB:48:65:5B:67:9A:77:0F:22:C2:D6:40:33
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/42CC1662F13611EFB796AC94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.203.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:76:ee:60:0d:05:3d:8f:59:17:27:b8:9a:8f:4d:fc:ad:75:
5d:f3:4d:54:a7:10:74:1b:a7:97:bc:b7:d4:9b:bd:75:cc:38:
8f:82:87:b3:54:67:46:16:ff:2e:3e:66:f5:b0:ab:cb:0d:80:
b0:fd:48:50:79:5a:8d:d2:8f:0f:08:b7:e2:58:ae:00:07:a8:
32:25:46:da:f3:db:41:96:13:4c:08:c8:ab:01:43:b1:29:5e:
4e:13:5f:52:2d:b1:7f:1b:42:35:f3:9e:b2:54:05:c3:7e:28:
b0:30:82:b7:3c:27:97:15:bb:6e:26:34:5a:7f:e0:ea:5c:11:
40:d5:9d:ea:1d:3a:9f:13:98:d6:93:f5:24:55:ca:17:1b:fc:
4f:8c:2b:f8:aa:06:a1:2a:d8:3f:30:7c:34:ed:98:86:51:e2:
50:ac:a7:98:4d:ad:35:6a:fa:88:c7:97:67:24:38:fb:0a:77:
7a:32:0c:fb:ee:83:10:cd:d1:31:b0:af:14:33:f8:ee:ed:98:
77:bf:74:de:f8:ba:55:d5:fc:28:60:79:ba:ff:0a:cb:d9:89:
50:3b:17:62:2d:83:e0:74:6c:07:a7:55:57:f9:03:63:82:dd:
9a:64:05:a4:b5:e8:29:b6:6c:c6:df:80:61:3a:0d:18:4f:3f:
61:02:92:65
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVnjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjIyMTYwMTE4WhcNMjUwNDMwMTYwMTE4WjAYMRYw
FAYDVQQDEw02N2I5ZjRkMi0xZjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApcgVB8Ac3MdmlI5y52HBFodmMZw7PecqmxdnbZTRBODJrrooROHhYnaq
KT0/U0jNuVYUx+OaYyuXCjFlxFsbOmdTXdnUXa18y3iKpyzruoLWsA3GN63SkYW9
YOC2PCU6J67gX67fIWY6gnU1CyeNn4/uhCCX89rgZH1mgNOi8oDTf9II2FucitJQ
aDKn6RNuIngIx4CQBfbGvXFedTp+tIBsgG8Du3E+ZZUHiri+vDtdPcBtmtmg7tXE
TOuTFMYhBXBADet2SOXxU+KYlgUCYGwLu6Wf+TZiVMEpIRgE7lFAwQgovcPTIqlt
TQ5F3GVQk20UZQRD/r/J6zNWQr3QrQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOj9
6VPn7GDLSGVbZ5p3DyLC1kAzMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MkNDMTY2MkYxMzYxMUVGQjc5NkFDOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLLMA0GCSqGSIb3DQEB
CwUAA4IBAQCldu5gDQU9j1kXJ7iaj038rXVd801UpxB0G6eXvLfUm711zDiPgoez
VGdGFv8uPmb1sKvLDYCw/UhQeVqN0o8PCLfiWK4AB6gyJUba89tBlhNMCMirAUOx
KV5OE19SLbF/G0I1856yVAXDfiiwMIK3PCeXFbtuJjRaf+DqXBFA1Z3qHTqfE5jW
k/UkVcoXG/xPjCv4qgahKtg/MHw07ZiGUeJQrKeYTa01avqIx5dnJDj7Cnd6Mgz7
7oMQzdExsK8UM/ju7Zh3v3Te+LpV1fwoYHm6/wrL2YlQOxdiLYPgdGwHp1VX+QNj
gt2aZAWktegptmzG34BhOg0YTz9hApJl
-----END CERTIFICATE-----
Generated at Fri Apr 11 08:51:02 2025 by rpki-client