Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5242DE70D99C11EF913FD593762E951A.roa
File: 5242DE70D99C11EF913FD593762E951A.roa (raw, json)
Hash identifier: glixZhMUcVc1tOvCyg7RySjGwkasT0Wd259WSp4h7fM=
Subject key identifier: 63:29:BE:A2:80:DF:CE:0E:AD:E6:A0:9A:22:8B:1A:25:27:53:54:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0142A2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5242DE70D99C11EF913FD593762E951A.roa
Signing time: Thu 23 Jan 2025 15:11:29 +0000
ROA not before: Thu 23 Jan 2025 15:11:25 +0000
ROA not after: Tue 13 May 2025 15:11:25 +0000
asID: 138915
IP address blocks: 154.205.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82594 (0x142a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 23 15:11:25 2025 GMT
Not After : May 13 15:11:25 2025 GMT
Subject: CN=67925c21-f37f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:de:9a:1f:83:c6:8f:6d:dd:46:4d:b2:ee:b0:
2d:4a:89:78:57:4f:9a:ee:0f:19:66:cf:46:5c:a7:
d0:7a:0b:31:85:72:56:ef:98:8b:e9:d5:53:24:38:
2e:34:42:95:3e:8f:64:3c:5a:5f:72:8d:41:6f:1e:
a7:8b:6d:41:8c:2a:d7:2f:bd:21:b9:84:af:09:a5:
d6:f7:db:19:8b:02:d4:5a:16:20:2a:ce:e1:94:f2:
0e:b7:a1:e5:0a:af:0c:cf:07:ed:30:d9:6d:ca:7f:
86:b6:dc:b5:cf:56:3d:79:f3:13:da:b7:5e:37:4d:
8e:a4:17:99:74:04:4f:3d:01:28:27:85:bc:a8:59:
c8:e1:90:43:a1:a3:80:ed:57:91:af:d6:f0:c5:6a:
d0:3c:5b:29:dd:86:ce:ce:4a:89:66:7d:a3:8c:38:
04:0c:3b:95:3a:e0:e3:fe:3b:3c:77:6b:ff:c0:0c:
98:ee:3b:1e:35:04:ac:0e:2b:22:20:bd:c8:ad:c4:
ef:47:b3:77:37:25:29:d7:9e:51:2e:80:cd:8c:65:
91:80:15:9b:c0:8d:f4:89:a6:3f:32:2c:48:eb:db:
f4:f2:6f:ae:10:92:17:19:22:5c:bf:7a:9e:fe:1d:
c2:8a:63:ce:52:25:cc:68:d0:22:06:33:85:73:26:
9b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:29:BE:A2:80:DF:CE:0E:AD:E6:A0:9A:22:8B:1A:25:27:53:54:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5242DE70D99C11EF913FD593762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.141.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:ef:37:b5:41:4c:4c:b6:a7:7e:e2:de:71:ba:17:55:74:bb:
86:99:51:ba:c9:58:a1:16:f0:6f:26:95:ab:26:f9:36:d4:69:
a2:ff:58:e4:3b:a4:65:08:4a:8c:8b:11:b9:f6:22:46:31:0e:
30:52:68:e9:88:eb:26:8c:ad:d7:bd:1e:5f:0a:7c:60:fd:77:
85:08:39:46:12:46:40:9a:0f:eb:65:28:85:75:c9:0a:89:d1:
f8:63:5e:21:e3:8b:7b:fe:64:70:c4:25:0d:ad:5e:69:de:ab:
50:02:10:13:d1:16:d0:4f:08:38:f3:ed:37:66:17:33:5e:53:
19:02:b8:5c:d8:ef:96:2e:5c:30:b4:1d:13:54:37:31:70:b8:
46:16:1d:ae:74:90:df:1b:47:96:70:35:2f:15:64:68:77:7f:
e9:8a:d7:54:df:4c:86:bd:21:38:4b:96:d4:2a:46:72:42:c9:
ae:93:35:b5:d2:41:b8:58:0a:8b:df:6d:a7:51:54:0b:5f:43:
7d:af:99:ca:c8:e5:44:85:e7:ac:d5:82:b7:3a:4e:c4:ac:c0:
ee:fe:88:73:d0:62:c8:57:1d:39:8d:c3:ab:a1:14:9d:65:fe:
08:ba:a9:5e:a0:95:5a:56:84:e1:2f:d6:69:4c:ab:f8:97:82:
9f:fd:fc:58
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUKiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTIzMTUxMTI1WhcNMjUwNTEzMTUxMTI1WjAYMRYw
FAYDVQQDEw02NzkyNWMyMS1mMzdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArd6aH4PGj23dRk2y7rAtSol4V0+a7g8ZZs9GXKfQegsxhXJW75iL6dVT
JDguNEKVPo9kPFpfco1Bbx6ni21BjCrXL70huYSvCaXW99sZiwLUWhYgKs7hlPIO
t6HlCq8MzwftMNltyn+Gtty1z1Y9efMT2rdeN02OpBeZdARPPQEoJ4W8qFnI4ZBD
oaOA7VeRr9bwxWrQPFsp3YbOzkqJZn2jjDgEDDuVOuDj/js8d2v/wAyY7jseNQSs
DisiIL3IrcTvR7N3NyUp155RLoDNjGWRgBWbwI30iaY/MixI69v08m+uEJIXGSJc
v3qe/h3CimPOUiXMaNAiBjOFcyab2wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGMp
vqKA384OreagmiKLGiUnU1S/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MjQyREU3MEQ5OUMxMUVGOTEzRkQ1OTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2NMA0GCSqGSIb3DQEB
CwUAA4IBAQC27ze1QUxMtqd+4t5xuhdVdLuGmVG6yVihFvBvJpWrJvk21Gmi/1jk
O6RlCEqMixG59iJGMQ4wUmjpiOsmjK3XvR5fCnxg/XeFCDlGEkZAmg/rZSiFdckK
idH4Y14h44t7/mRwxCUNrV5p3qtQAhAT0RbQTwg48+03ZhczXlMZArhc2O+WLlww
tB0TVDcxcLhGFh2udJDfG0eWcDUvFWRod3/pitdU30yGvSE4S5bUKkZyQsmukzW1
0kG4WAqL322nUVQLX0N9r5nKyOVEhees1YK3Ok7ErMDu/ohz0GLIVx05jcOroRSd
Zf4IuqleoJVaVoThL9ZpTKv4l4Kf/fxY
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:31 2025 by rpki-client