Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/680A21BEC91111EFA5AAEBA9762E951A.roa
File: 680A21BEC91111EFA5AAEBA9762E951A.roa (raw, json)
Hash identifier: SMoN/vX4nY+KaVCN4BVZU1CG+0YGv42HvFx/1uqOX3g=
Subject key identifier: FA:D7:7D:4D:4C:02:B8:43:16:45:2C:FB:61:9D:FD:03:18:C4:AD:ED
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0132AB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/680A21BEC91111EFA5AAEBA9762E951A.roa
Signing time: Thu 02 Jan 2025 13:56:47 +0000
ROA not before: Thu 02 Jan 2025 13:56:43 +0000
ROA not after: Mon 13 Dec 2027 13:56:43 +0000
asID: 17561
IP address blocks: 154.221.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78507 (0x132ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 13:56:43 2025 GMT
Not After : Dec 13 13:56:43 2027 GMT
Subject: CN=67769b1f-d9d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:53:96:b3:6b:3d:7d:24:7b:0a:9f:43:dc:52:
03:a5:e0:5f:17:4a:63:9e:7d:91:7a:09:8d:26:65:
06:7b:e0:00:26:a8:51:94:59:ed:d4:f1:96:36:22:
08:01:2b:d8:a3:f4:50:dc:1a:16:6b:c5:73:27:07:
9a:03:22:f3:95:06:3c:b7:a7:77:c5:7e:43:0b:4d:
05:99:b8:41:f8:c8:71:ac:4f:fe:3f:83:ea:33:f9:
2c:94:5f:09:fe:a8:fe:c9:fb:00:16:04:4e:a6:94:
df:78:15:2e:62:0f:bc:fc:4f:9b:78:40:13:30:0f:
97:63:5a:10:8f:65:2a:dc:bd:c2:c7:59:04:97:63:
4a:cc:ff:4a:26:0f:62:37:77:90:4d:cd:45:35:cd:
9d:21:75:d7:46:1e:dd:4c:0e:0b:ee:fd:7d:c7:79:
fb:6c:6f:00:e9:ef:37:b5:73:48:7f:84:c7:3e:90:
4b:04:7e:1c:8d:6b:32:dc:33:16:c1:a1:9d:76:4b:
f3:31:ac:63:aa:47:58:83:89:6b:aa:1f:92:8a:6e:
8d:68:98:04:fb:b3:69:6a:9f:82:02:2f:fe:72:5e:
5d:65:4c:a1:65:c3:9d:08:5a:74:39:3f:e9:e1:e2:
47:e5:8e:86:8b:4d:55:f3:d8:ba:b2:2a:64:2e:cd:
1a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D7:7D:4D:4C:02:B8:43:16:45:2C:FB:61:9D:FD:03:18:C4:AD:ED
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/680A21BEC91111EFA5AAEBA9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.226.0/24
Signature Algorithm: sha256WithRSAEncryption
23:71:bb:52:ed:25:89:ba:04:87:c8:a6:c8:85:e6:2a:fa:c3:
f3:c9:1d:fe:2a:bb:17:57:55:8c:cf:b6:16:cb:91:6a:aa:9f:
99:34:36:f5:48:87:fd:22:52:32:6f:27:cd:4f:b7:fe:4e:9c:
53:88:a2:49:e2:ae:82:4c:11:24:57:e8:ce:db:8e:77:a9:1e:
ee:f8:91:da:c7:23:3a:71:50:c0:bc:4a:8b:60:5a:64:6c:cb:
e5:a7:1c:a1:fa:f4:98:d0:65:d3:6a:7c:7a:4e:c8:b0:17:0c:
fc:0f:26:d5:f4:84:86:9e:18:8f:b0:88:79:82:6d:11:6c:d0:
f8:dc:56:08:25:8f:26:05:86:e9:a8:7b:b7:6c:59:39:e6:49:
b8:93:80:60:25:08:37:42:ee:dc:f8:de:1a:68:d0:ca:05:06:
11:ec:12:5e:a3:ae:91:f3:f5:4f:34:a4:77:46:04:64:b3:28:
2d:6c:0e:d8:61:7f:56:3b:e6:87:fa:50:a3:8d:b9:bd:32:24:
63:8d:5c:da:d5:f7:1a:e3:ed:72:8c:fd:84:fd:9e:3b:76:9b:
c2:08:2b:9c:9f:b3:8d:ac:41:66:bf:ce:65:44:3e:01:86:aa:
91:cc:a4:f7:eb:3f:74:e3:63:41:4c:82:f3:8c:01:51:c6:cb:
24:d3:59:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATKrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTM1NjQzWhcNMjcxMjEzMTM1NjQzWjAYMRYw
FAYDVQQDEw02Nzc2OWIxZi1kOWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr1OWs2s9fSR7Cp9D3FIDpeBfF0pjnn2RegmNJmUGe+AAJqhRlFnt1PGW
NiIIASvYo/RQ3BoWa8VzJweaAyLzlQY8t6d3xX5DC00FmbhB+MhxrE/+P4PqM/ks
lF8J/qj+yfsAFgROppTfeBUuYg+8/E+beEATMA+XY1oQj2Uq3L3Cx1kEl2NKzP9K
Jg9iN3eQTc1FNc2dIXXXRh7dTA4L7v19x3n7bG8A6e83tXNIf4THPpBLBH4cjWsy
3DMWwaGddkvzMaxjqkdYg4lrqh+Sim6NaJgE+7Npap+CAi/+cl5dZUyhZcOdCFp0
OT/p4eJH5Y6Gi01V89i6sipkLs0a3QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPrX
fU1MArhDFkUs+2Gd/QMYxK3tMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODBBMjFCRUM5MTExMUVGQTVBQUVCQTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3iMA0GCSqGSIb3DQEB
CwUAA4IBAQAjcbtS7SWJugSHyKbIheYq+sPzyR3+KrsXV1WMz7YWy5Fqqp+ZNDb1
SIf9IlIybyfNT7f+TpxTiKJJ4q6CTBEkV+jO2453qR7u+JHaxyM6cVDAvEqLYFpk
bMvlpxyh+vSY0GXTanx6TsiwFwz8DybV9ISGnhiPsIh5gm0RbND43FYIJY8mBYbp
qHu3bFk55km4k4BgJQg3Qu7c+N4aaNDKBQYR7BJeo66R8/VPNKR3RgRksygtbA7Y
YX9WO+aH+lCjjbm9MiRjjVza1fca4+1yjP2E/Z47dpvCCCucn7ONrEFmv85lRD4B
hqqRzKT36z9042NBTILzjAFRxssk01kG
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:51:49 2025 by rpki-client