Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48430A5EF42611EFAB4F4690762E951A.roa
File: 48430A5EF42611EFAB4F4690762E951A.roa (raw, json)
Hash identifier: 4w6MluRjzqEwMy7BjU5ToHTVPRI8+5UkiEFEHRXcfn8=
Subject key identifier: 33:6A:19:C0:A6:9A:2F:AA:27:A1:12:2C:61:00:C7:65:03:D1:A1:93
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0161F7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48430A5EF42611EFAB4F4690762E951A.roa
Signing time: Wed 26 Feb 2025 09:44:33 +0000
ROA not before: Wed 26 Feb 2025 09:44:29 +0000
ROA not after: Thu 19 Feb 2026 09:44:29 +0000
asID: 984
IP address blocks: 154.206.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90615 (0x161f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 09:44:29 2025 GMT
Not After : Feb 19 09:44:29 2026 GMT
Subject: CN=67bee281-9dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e6:0d:c5:f4:b7:35:a2:08:ab:a1:9e:2f:3d:
cd:eb:29:4f:c3:a0:11:f8:d8:10:85:15:3d:b0:5a:
46:f4:f5:37:83:dd:9c:8e:6e:a6:65:6a:98:f0:af:
46:72:90:95:cb:48:c1:77:8e:96:ed:14:90:2d:75:
5d:08:94:5c:a1:4c:e4:cf:10:9a:8c:aa:d8:20:93:
78:5d:cd:91:7a:b7:fd:9b:58:a9:33:f5:df:01:88:
98:d9:d0:9b:53:df:63:58:f0:74:da:6d:ef:f8:a0:
e6:73:06:08:05:5c:a7:0a:90:67:a7:c4:9d:ed:11:
6c:f6:d1:47:9c:fb:13:3e:d1:69:8c:81:1f:6b:0d:
e6:b6:b1:55:e1:09:8d:e6:2b:cc:43:c7:cb:7e:e8:
62:27:58:10:65:ff:aa:60:4b:85:c4:91:9d:b7:84:
60:3a:8d:4a:3a:5c:2a:7f:69:6d:4f:6d:73:86:51:
28:bb:13:63:1f:6d:ba:b9:da:2e:64:b1:22:f7:81:
c9:3e:19:81:94:ff:4f:21:bd:0d:77:80:f4:3d:bd:
73:5a:1d:10:4a:07:c0:c4:23:eb:78:79:a6:77:07:
eb:22:3f:65:70:bf:71:b2:ed:b0:50:b0:27:f0:3d:
72:ee:1e:9c:91:3f:6f:d8:ba:c1:5b:fd:eb:fb:79:
05:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:6A:19:C0:A6:9A:2F:AA:27:A1:12:2C:61:00:C7:65:03:D1:A1:93
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/48430A5EF42611EFAB4F4690762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.249.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:81:ae:a4:8a:23:48:89:b3:8b:0a:98:3d:c0:e1:c6:61:8e:
44:9c:84:17:39:ba:d0:27:86:bd:02:f2:05:25:e8:37:e5:e6:
7c:2f:ee:c2:78:86:93:c9:42:a6:f4:89:f1:ab:1d:67:d1:68:
c5:cf:ed:4c:55:9f:06:e8:4f:20:6b:b5:01:fd:97:dd:e5:af:
57:47:7f:55:0c:a5:cf:2a:0f:9a:d7:e5:99:3e:5f:fd:bc:1d:
63:17:e7:af:f8:cf:b8:e3:21:f6:30:df:55:0c:5b:0a:19:2d:
7e:8d:64:16:d8:50:80:e5:81:f6:4e:ea:67:e1:84:1d:27:09:
ea:88:fa:b1:45:8e:50:3d:aa:5e:3c:83:83:05:a9:c3:12:07:
87:8d:e1:43:2c:00:74:a5:f3:dc:98:21:6d:88:f6:b5:a0:94:
43:51:5d:ad:62:76:aa:eb:40:31:ef:42:54:ee:2a:d5:4a:ae:
f8:0a:30:c2:8f:c1:55:06:01:1a:4f:cf:35:24:fc:8a:69:de:
f6:99:66:47:8a:01:6b:ae:75:7f:56:66:52:e1:4c:e7:07:7d:
d1:86:37:48:93:b7:b9:d9:19:7c:5a:20:a7:e3:21:67:bc:9d:
99:50:0c:8d:4d:56:14:11:95:72:26:4d:12:ab:f3:0f:6c:6f:
12:3c:c1:ff
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWH3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDk0NDI5WhcNMjYwMjE5MDk0NDI5WjAYMRYw
FAYDVQQDEw02N2JlZTI4MS05ZGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2+YNxfS3NaIIq6GeLz3N6ylPw6AR+NgQhRU9sFpG9PU3g92cjm6mZWqY
8K9GcpCVy0jBd46W7RSQLXVdCJRcoUzkzxCajKrYIJN4Xc2Rerf9m1ipM/XfAYiY
2dCbU99jWPB02m3v+KDmcwYIBVynCpBnp8Sd7RFs9tFHnPsTPtFpjIEfaw3mtrFV
4QmN5ivMQ8fLfuhiJ1gQZf+qYEuFxJGdt4RgOo1KOlwqf2ltT21zhlEouxNjH226
udouZLEi94HJPhmBlP9PIb0Nd4D0Pb1zWh0QSgfAxCPreHmmdwfrIj9lcL9xsu2w
ULAn8D1y7h6ckT9v2LrBW/3r+3kF/QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDNq
GcCmmi+qJ6ESLGEAx2UD0aGTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80ODQzMEE1RUY0MjYxMUVGQUI0RjQ2OTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms75MA0GCSqGSIb3DQEB
CwUAA4IBAQCzga6kiiNIibOLCpg9wOHGYY5EnIQXObrQJ4a9AvIFJeg35eZ8L+7C
eIaTyUKm9Inxqx1n0WjFz+1MVZ8G6E8ga7UB/Zfd5a9XR39VDKXPKg+a1+WZPl/9
vB1jF+ev+M+44yH2MN9VDFsKGS1+jWQW2FCA5YH2Tupn4YQdJwnqiPqxRY5QPape
PIODBanDEgeHjeFDLAB0pfPcmCFtiPa1oJRDUV2tYnaq60Ax70JU7irVSq74CjDC
j8FVBgEaT881JPyKad72mWZHigFrrnV/VmZS4UznB33RhjdIk7e52Rl8WiCn4yFn
vJ2ZUAyNTVYUEZVyJk0Sq/MPbG8SPMH/
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:20:15 2025 by rpki-client