Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/66E90450F45711EFB0721D69762E951A.roa
File: 66E90450F45711EFB0721D69762E951A.roa (raw, json)
Hash identifier: h7h1phrkJELmMy7cnWy1gEEbY5JBYhIg9rq1nelq3L0=
Subject key identifier: B8:A3:22:8C:82:BE:7F:4C:60:50:5C:23:8E:BD:47:B8:89:BC:BD:93
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0164DE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/66E90450F45711EFB0721D69762E951A.roa
Signing time: Wed 26 Feb 2025 15:36:11 +0000
ROA not before: Wed 26 Feb 2025 15:36:04 +0000
ROA not after: Sat 19 Feb 2028 15:36:04 +0000
asID: 17561
IP address blocks: 154.82.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91358 (0x164de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 15:36:04 2025 GMT
Not After : Feb 19 15:36:04 2028 GMT
Subject: CN=67bf34eb-4f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0f:93:2d:5a:dc:00:15:3e:a1:a9:41:77:6f:
31:d1:58:96:cb:6c:e9:da:ae:36:a0:34:db:b5:6e:
cc:a7:d6:8e:3b:ae:45:64:82:f7:a2:cb:24:24:31:
8c:33:a8:22:35:2c:f4:9f:9e:8b:f1:a5:f3:ce:eb:
3f:d4:35:7c:1a:00:67:1b:db:2b:2a:59:2a:ff:89:
a9:9c:aa:68:2c:83:6f:34:a8:17:35:31:97:82:2f:
40:e7:86:41:42:95:8a:fc:16:ac:39:f6:8e:c7:4a:
56:99:64:d7:c3:8a:b1:30:67:56:6d:98:9f:cf:14:
fa:89:00:05:af:1d:a4:0b:c8:e4:57:a0:ed:86:91:
80:07:9d:ed:93:a6:b9:ad:2e:35:fe:ff:63:11:b9:
a2:5d:b3:69:18:e4:37:16:69:48:e5:17:4d:83:40:
55:32:03:cf:4d:22:62:14:18:cf:45:06:10:83:63:
7c:5b:9e:f5:f9:a6:1a:59:f6:03:8d:2a:6b:65:f0:
e3:13:d7:a6:6f:ec:de:90:11:75:76:51:a7:29:48:
0d:6d:d0:c0:a5:16:ba:17:54:ca:d6:20:a4:fd:17:
9c:e6:d8:f4:d0:da:4a:ac:ae:c0:ca:a0:47:ed:8d:
13:c2:41:fe:f5:73:00:d8:6d:aa:ae:86:f8:e4:31:
c0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A3:22:8C:82:BE:7F:4C:60:50:5C:23:8E:BD:47:B8:89:BC:BD:93
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/66E90450F45711EFB0721D69762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.238.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:80:f6:42:07:65:5a:40:0a:53:9b:99:cb:8a:81:2e:c3:c1:
68:8d:90:69:2f:6a:76:f5:1a:86:c2:52:ce:ef:01:03:f8:5e:
6d:fd:98:d9:ee:36:5d:0c:86:34:88:50:db:9b:fa:3c:d5:3e:
42:8a:c5:e9:f6:9b:de:c2:f6:6f:35:45:20:14:f0:82:30:75:
d2:d0:57:ec:8c:26:7b:e7:b0:73:51:2d:59:c7:a0:4b:3d:82:
44:28:6a:46:87:6e:f7:41:f5:89:27:a1:3e:94:a1:0a:62:b4:
c5:86:f4:50:f4:aa:f7:2a:56:a7:21:16:f5:6d:e6:97:62:b8:
bd:33:d6:b0:ae:0b:74:98:ca:4f:be:cd:e2:c3:46:05:d7:f2:
18:78:a3:33:81:bf:d3:e6:33:41:b4:00:1a:ea:5d:22:fc:3f:
b5:f7:f7:b2:12:9f:92:fe:a7:a0:87:e6:80:a7:09:e1:d1:0b:
b0:7e:a5:76:d2:1b:d5:43:0d:0b:13:1f:39:e6:f4:92:50:21:
e9:77:34:fc:31:9e:b9:6c:2d:4b:44:1f:0e:7c:d5:96:09:76:
58:24:da:6c:f3:0d:15:ea:f8:22:1b:89:8f:74:0b:67:42:32:
ba:e2:17:dd:43:fa:60:1d:50:6f:37:1e:4a:2c:c4:7b:09:a7:
92:6e:c8:b3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWTeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTUzNjA0WhcNMjgwMjE5MTUzNjA0WjAYMRYw
FAYDVQQDEw02N2JmMzRlYi00ZjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsA+TLVrcABU+oalBd28x0ViWy2zp2q42oDTbtW7Mp9aOO65FZIL3ossk
JDGMM6giNSz0n56L8aXzzus/1DV8GgBnG9srKlkq/4mpnKpoLINvNKgXNTGXgi9A
54ZBQpWK/BasOfaOx0pWmWTXw4qxMGdWbZifzxT6iQAFrx2kC8jkV6DthpGAB53t
k6a5rS41/v9jEbmiXbNpGOQ3FmlI5RdNg0BVMgPPTSJiFBjPRQYQg2N8W571+aYa
WfYDjSprZfDjE9emb+zekBF1dlGnKUgNbdDApRa6F1TK1iCk/Rec5tj00NpKrK7A
yqBH7Y0TwkH+9XMA2G2qrob45DHATwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLij
IoyCvn9MYFBcI469R7iJvL2TMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NkU5MDQ1MEY0NTcxMUVGQjA3MjFENjk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLuMA0GCSqGSIb3DQEB
CwUAA4IBAQDXgPZCB2VaQApTm5nLioEuw8FojZBpL2p29RqGwlLO7wED+F5t/ZjZ
7jZdDIY0iFDbm/o81T5CisXp9pvewvZvNUUgFPCCMHXS0FfsjCZ757BzUS1Zx6BL
PYJEKGpGh273QfWJJ6E+lKEKYrTFhvRQ9Kr3KlanIRb1beaXYri9M9awrgt0mMpP
vs3iw0YF1/IYeKMzgb/T5jNBtAAa6l0i/D+19/eyEp+S/qegh+aApwnh0QuwfqV2
0hvVQw0LEx855vSSUCHpdzT8MZ65bC1LRB8OfNWWCXZYJNps8w0V6vgiG4mPdAtn
QjK64hfdQ/pgHVBvNx5KLMR7CaeSbsiz
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:08:54 2025 by rpki-client