Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68D60172C1AE11EF8D4C7DB0762E951A.roa
File: 68D60172C1AE11EF8D4C7DB0762E951A.roa (raw, json)
Hash identifier: VZ/H+xaRHuqMyyikVDdPU+2duJHFc80nzlwtvTw1t6Y=
Subject key identifier: FB:71:24:F3:AE:42:D6:52:5B:AB:71:FB:EC:68:7D:CD:77:2A:3E:DA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012155
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68D60172C1AE11EF8D4C7DB0762E951A.roa
Signing time: Tue 24 Dec 2024 04:20:30 +0000
ROA not before: Tue 24 Dec 2024 04:20:26 +0000
ROA not after: Wed 10 Dec 2025 04:20:26 +0000
asID: 984
IP address blocks: 154.193.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74069 (0x12155)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 04:20:26 2024 GMT
Not After : Dec 10 04:20:26 2025 GMT
Subject: CN=676a368e-a2df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:98:79:59:0d:4c:94:1f:0d:83:79:6d:a1:53:
db:1c:84:d2:8b:de:ed:74:5a:ab:b5:39:8a:e6:c6:
97:ac:08:d1:2e:ba:22:db:e2:32:ec:a3:03:3f:4f:
62:70:e8:3d:88:49:0c:43:ea:be:29:09:76:a4:8d:
21:66:b0:e1:0c:a6:43:15:1e:10:a9:3d:c5:f0:5d:
91:04:b6:b8:36:85:67:77:8a:fc:5a:a5:42:75:77:
cb:ff:ee:98:ff:15:71:f0:69:84:3e:33:90:69:cc:
f0:ad:25:dd:a2:75:0c:5a:23:2c:9c:c6:31:6d:66:
02:70:b5:c2:aa:df:43:ea:b0:f3:67:b3:01:0f:b0:
c0:3a:c8:e1:f5:39:30:99:9b:0b:8f:64:10:ee:3e:
15:36:59:b6:42:9e:24:92:83:5a:88:12:95:a4:99:
b7:12:c0:3b:4a:81:ec:0b:45:b6:1a:c7:be:f0:83:
e1:32:58:d2:4c:fc:7b:dd:96:27:b8:04:77:f8:30:
98:f2:ee:37:2d:10:92:77:39:0e:b2:71:13:93:36:
7e:24:e7:1e:d0:93:5e:9b:0d:5d:21:68:46:62:7c:
9f:38:2e:52:a5:cf:d7:5f:1c:ae:44:79:6d:2d:2e:
ab:88:d7:e6:4e:47:3d:68:15:98:e2:71:b5:c3:62:
bd:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:71:24:F3:AE:42:D6:52:5B:AB:71:FB:EC:68:7D:CD:77:2A:3E:DA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68D60172C1AE11EF8D4C7DB0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.78.0/24
Signature Algorithm: sha256WithRSAEncryption
27:5a:bf:d4:7d:d7:f0:87:ea:4c:64:1a:7b:06:cd:13:2f:f5:
16:4e:17:28:66:bb:d3:f4:80:97:79:41:fe:7c:f8:c8:ab:c0:
8a:1f:44:36:98:24:8d:b0:9e:62:5c:96:06:fa:9d:32:be:47:
2c:66:1b:b8:98:09:6d:d5:c9:45:64:43:7e:97:61:65:02:57:
4c:bc:ec:71:d3:78:7a:94:d5:b1:6a:77:99:1d:a8:35:4e:76:
cb:af:66:c4:a6:9a:31:79:29:a8:51:b9:1a:4b:96:b8:96:18:
66:0d:db:51:e1:82:02:79:1c:8e:22:dd:04:38:92:dc:63:38:
7b:18:de:db:c5:a9:fb:23:4d:48:11:5a:c0:86:a4:21:49:c4:
07:c5:46:96:93:01:2d:47:87:65:88:a0:b9:ae:0f:cf:d6:36:
75:d3:3a:7d:2d:ce:46:b9:0b:56:77:d4:e9:81:6d:63:45:bd:
11:8b:6f:3f:02:68:bb:68:44:f5:fc:af:a4:56:14:3f:c0:fe:
e5:d2:50:f7:f3:f5:89:b7:a5:03:3c:4f:b7:58:df:b6:29:fa:
43:73:a6:27:c0:a2:bc:ca:a9:83:f7:57:d6:13:4b:81:05:60:
38:5f:bc:fb:fe:66:d1:77:ea:be:47:e8:7c:1e:3c:0d:04:c8:
5c:24:7a:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASFVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDQyMDI2WhcNMjUxMjEwMDQyMDI2WjAYMRYw
FAYDVQQDEw02NzZhMzY4ZS1hMmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA15h5WQ1MlB8Ng3ltoVPbHITSi97tdFqrtTmK5saXrAjRLroi2+Iy7KMD
P09icOg9iEkMQ+q+KQl2pI0hZrDhDKZDFR4QqT3F8F2RBLa4NoVnd4r8WqVCdXfL
/+6Y/xVx8GmEPjOQaczwrSXdonUMWiMsnMYxbWYCcLXCqt9D6rDzZ7MBD7DAOsjh
9TkwmZsLj2QQ7j4VNlm2Qp4kkoNaiBKVpJm3EsA7SoHsC0W2Gse+8IPhMljSTPx7
3ZYnuAR3+DCY8u43LRCSdzkOsnETkzZ+JOce0JNemw1dIWhGYnyfOC5Spc/XXxyu
RHltLS6riNfmTkc9aBWY4nG1w2K9gwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPtx
JPOuQtZSW6tx++xofc13Kj7aMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OEQ2MDE3MkMxQUUxMUVGOEQ0QzdEQjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsFOMA0GCSqGSIb3DQEB
CwUAA4IBAQAnWr/Ufdfwh+pMZBp7Bs0TL/UWThcoZrvT9ICXeUH+fPjIq8CKH0Q2
mCSNsJ5iXJYG+p0yvkcsZhu4mAlt1clFZEN+l2FlAldMvOxx03h6lNWxaneZHag1
TnbLr2bEppoxeSmoUbkaS5a4lhhmDdtR4YICeRyOIt0EOJLcYzh7GN7bxan7I01I
EVrAhqQhScQHxUaWkwEtR4dliKC5rg/P1jZ10zp9Lc5GuQtWd9TpgW1jRb0Ri28/
Ami7aET1/K+kVhQ/wP7l0lD38/WJt6UDPE+3WN+2KfpDc6YnwKK8yqmD91fWE0uB
BWA4X7z7/mbRd+q+R+h8HjwNBMhcJHqF
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:41 2025 by rpki-client