Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D24C2CEF2CC11EF8B756F56762E951A.roa
File: 5D24C2CEF2CC11EF8B756F56762E951A.roa (raw, json)
Hash identifier: n8v954/DcdYeCAaLvySK+4VNDeOjqhcFTE59TeXPRgk=
Subject key identifier: 18:F8:4B:74:C0:70:07:F9:81:42:21:D3:2B:13:24:67:44:F5:23:84
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015C69
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D24C2CEF2CC11EF8B756F56762E951A.roa
Signing time: Mon 24 Feb 2025 16:28:22 +0000
ROA not before: Mon 24 Feb 2025 16:28:18 +0000
ROA not after: Fri 03 Oct 2025 16:28:18 +0000
asID: 400619
IP address blocks: 154.210.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89193 (0x15c69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 24 16:28:18 2025 GMT
Not After : Oct 3 16:28:18 2025 GMT
Subject: CN=67bc9e26-7877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ce:94:e5:59:64:d8:cf:6f:c7:9b:49:6d:b0:
5a:c2:21:cb:8c:0a:9a:66:49:25:36:bd:6d:a8:3b:
33:d4:54:9e:b9:b7:d3:b4:aa:19:c2:29:3f:1a:bc:
93:af:24:0b:58:ae:31:a7:f6:70:78:3d:36:dc:ec:
89:95:8b:7f:5f:90:3e:82:fb:ce:4a:35:95:1c:ff:
5b:e5:28:76:d4:ba:3a:d7:e7:10:57:cd:79:21:c4:
92:0b:08:09:6c:d3:4f:08:3c:24:f7:1b:8b:e6:16:
cf:15:a1:74:40:94:87:7d:96:f9:a6:ba:b7:fa:51:
6a:a8:84:ae:c6:4e:49:7e:c5:fd:83:c6:86:7e:44:
d7:d5:51:16:92:bb:38:71:52:2a:d8:aa:e0:a3:93:
92:d3:0f:d0:cb:f6:fa:b5:c4:d5:7d:b5:77:cc:e4:
46:9f:97:25:09:0f:1a:75:77:ca:7a:80:25:71:04:
e9:f9:62:6c:ba:a5:32:5a:42:6c:0f:c5:ff:c8:0d:
86:17:7b:47:d6:17:e3:43:2f:68:5e:d8:82:44:b3:
94:ec:13:de:eb:ab:03:a9:2a:91:fe:c4:98:26:da:
f5:10:2a:77:75:c4:f0:e0:ad:c9:7d:44:cf:5f:51:
d6:23:f3:6b:1a:98:ff:33:5e:e4:61:20:6a:ad:fe:
e9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F8:4B:74:C0:70:07:F9:81:42:21:D3:2B:13:24:67:44:F5:23:84
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5D24C2CEF2CC11EF8B756F56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.2.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:74:58:18:e4:fe:c0:f0:28:c2:6a:39:62:25:f7:8c:d9:e3:
f8:45:2b:61:f5:8f:14:31:c8:c5:87:c3:15:7d:51:78:96:19:
c4:e0:26:a9:ed:ca:8f:22:2b:8f:dd:c2:5a:e4:c6:e2:f4:fe:
c4:72:a3:d9:36:13:ac:a7:a5:37:e0:60:bc:67:a0:d6:ac:df:
33:f3:ad:d2:d2:f4:c8:15:97:b0:1e:59:36:81:7b:ad:fa:19:
b5:2a:a0:3e:33:c6:46:9f:af:d3:96:c6:58:c1:4e:db:75:78:
bd:32:7e:e9:5c:10:02:9c:ca:ff:8b:6f:ec:c2:17:88:b7:03:
fe:1d:8d:49:7f:a1:c6:21:db:86:74:ad:79:06:6c:27:09:1a:
af:8f:8a:cb:eb:bd:14:53:c4:c9:fb:46:dd:75:2b:71:37:8d:
55:fa:6b:29:43:c8:5b:73:79:43:2a:87:97:a6:57:2a:62:cf:
5e:59:10:61:45:41:7e:c0:47:82:d6:06:47:35:a4:ff:d3:6d:
fa:d7:e0:e7:83:83:a6:7f:e3:e5:ea:7a:ce:03:2e:80:04:74:
7c:56:d1:33:0d:96:6e:d1:eb:92:ff:15:33:58:84:95:9b:6b:
6c:79:79:45:be:c6:bd:ed:06:ab:9b:60:e7:69:cb:35:64:ae:
e3:cf:28:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVxpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI0MTYyODE4WhcNMjUxMDAzMTYyODE4WjAYMRYw
FAYDVQQDEw02N2JjOWUyNi03ODc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwc6U5Vlk2M9vx5tJbbBawiHLjAqaZkklNr1tqDsz1FSeubfTtKoZwik/
GryTryQLWK4xp/ZweD023OyJlYt/X5A+gvvOSjWVHP9b5Sh21Lo61+cQV815IcSS
CwgJbNNPCDwk9xuL5hbPFaF0QJSHfZb5prq3+lFqqISuxk5JfsX9g8aGfkTX1VEW
krs4cVIq2Krgo5OS0w/Qy/b6tcTVfbV3zORGn5clCQ8adXfKeoAlcQTp+WJsuqUy
WkJsD8X/yA2GF3tH1hfjQy9oXtiCRLOU7BPe66sDqSqR/sSYJtr1ECp3dcTw4K3J
fUTPX1HWI/NrGpj/M17kYSBqrf7pmwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBj4
S3TAcAf5gUIh0ysTJGdE9SOEMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81RDI0QzJDRUYyQ0MxMUVGOEI3NTZGNTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtICMA0GCSqGSIb3DQEB
CwUAA4IBAQB+dFgY5P7A8CjCajliJfeM2eP4RSth9Y8UMcjFh8MVfVF4lhnE4Cap
7cqPIiuP3cJa5Mbi9P7EcqPZNhOsp6U34GC8Z6DWrN8z863S0vTIFZewHlk2gXut
+hm1KqA+M8ZGn6/TlsZYwU7bdXi9Mn7pXBACnMr/i2/swheItwP+HY1Jf6HGIduG
dK15BmwnCRqvj4rL670UU8TJ+0bddStxN41V+mspQ8hbc3lDKoeXplcqYs9eWRBh
RUF+wEeC1gZHNaT/02361+Dng4Omf+Pl6nrOAy6ABHR8VtEzDZZu0euS/xUzWISV
m2tseXlFvsa97Qarm2Dnacs1ZK7jzyjT
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:33 2025 by rpki-client