Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69565BBA097A11F08240D4A1762E951A.roa
File: 69565BBA097A11F08240D4A1762E951A.roa (raw, json)
Hash identifier: qnPpRxUDs/XgVSgYBBUZ7ESaN5J3uNZW4JIDTgQlxb4=
Subject key identifier: 4B:CF:54:8E:D2:FE:CA:1D:34:B5:58:F6:83:A7:39:62:2A:20:D3:1F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017646
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69565BBA097A11F08240D4A1762E951A.roa
Signing time: Tue 25 Mar 2025 13:09:42 +0000
ROA not before: Tue 25 Mar 2025 13:09:37 +0000
ROA not after: Mon 14 Apr 2025 13:09:37 +0000
asID: 57043
IP address blocks: 154.83.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95814 (0x17646)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 25 13:09:37 2025 GMT
Not After : Apr 14 13:09:37 2025 GMT
Subject: CN=67e2ab16-48f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:66:3b:3c:35:50:e1:41:57:18:a4:58:f1:30:
42:d5:f7:2c:52:ba:71:4f:42:eb:62:26:4f:f3:70:
9c:2d:2a:e0:a7:fb:a3:de:3a:40:ab:67:0f:91:3d:
87:36:77:f4:cc:56:08:93:66:f7:dd:94:fb:f3:a6:
c8:b3:3b:34:59:05:bd:36:e5:58:97:15:3d:ea:45:
d2:88:c9:d5:32:e5:c5:57:fd:f6:05:93:f6:cd:f1:
24:2e:50:f2:20:42:14:16:8d:3b:76:75:45:12:cc:
5d:0f:b9:8b:ce:e3:a8:a2:e1:f4:af:b0:fd:85:2b:
3b:ac:57:bd:14:20:3c:3a:62:29:cb:9e:43:3c:25:
a3:f3:83:fd:6a:a8:4f:06:2f:4e:e2:fd:a1:c7:93:
ae:84:57:83:02:9e:cb:2e:7d:c0:81:0b:7e:49:32:
96:e6:26:36:fc:87:71:58:bc:58:e1:63:df:c1:b7:
5d:dc:18:bc:7d:d6:62:9a:bc:c6:27:c4:96:d9:9a:
31:d0:13:aa:db:ad:39:96:a1:e5:ef:79:7e:ce:5e:
87:ca:d2:46:ac:41:d2:84:6e:98:ec:0f:bb:e0:8a:
ac:5c:f3:4a:9c:ef:d2:bf:dc:f6:e9:9c:81:4e:a9:
be:d7:51:95:38:78:29:cf:4a:4d:26:a9:de:e1:4f:
4c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CF:54:8E:D2:FE:CA:1D:34:B5:58:F6:83:A7:39:62:2A:20:D3:1F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/69565BBA097A11F08240D4A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.132.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:b2:5d:cf:de:9d:e9:4f:8e:b0:8c:fc:e0:f3:86:58:00:32:
eb:85:94:a9:e1:f4:51:b9:b2:43:d9:83:e4:3f:31:9c:b6:f3:
49:48:1b:23:47:d3:d8:8e:bc:7d:4f:a5:15:d5:c5:a3:e4:ac:
1b:88:b7:59:e8:c9:19:ba:c3:d9:f4:57:34:56:c6:5e:5c:70:
79:4d:87:ef:b3:9c:a1:5e:bb:ff:13:00:9d:11:11:be:23:73:
8b:c5:7c:e4:51:22:1c:7e:e5:2c:d8:16:77:9a:0b:cd:e7:b1:
45:1f:1c:72:a5:22:88:18:3d:9e:6d:c6:a1:48:83:ed:56:8b:
68:a1:90:01:c6:31:ee:4d:76:a0:7f:d2:5a:73:69:a4:32:e2:
80:30:0c:7b:00:70:74:8e:31:da:21:cd:45:bd:3b:19:95:3b:
97:3a:53:d9:30:92:20:6e:d2:fc:8e:6a:fa:52:5c:80:fd:ea:
ac:89:f9:6b:8e:e9:50:17:46:37:bb:99:87:5d:7a:e0:7c:80:
0f:b1:61:04:fc:a6:57:7e:ff:42:37:ff:c7:7b:ba:c2:15:3e:
39:bd:d7:09:2a:8a:3d:65:64:5d:ce:0e:1a:3a:6d:fa:14:32:
3b:fc:20:b7:25:23:2e:19:77:96:d0:60:22:b4:f8:fb:be:97:
84:67:77:1b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXZGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI1MTMwOTM3WhcNMjUwNDE0MTMwOTM3WjAYMRYw
FAYDVQQDEw02N2UyYWIxNi00OGYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9GY7PDVQ4UFXGKRY8TBC1fcsUrpxT0LrYiZP83CcLSrgp/uj3jpAq2cP
kT2HNnf0zFYIk2b33ZT786bIszs0WQW9NuVYlxU96kXSiMnVMuXFV/32BZP2zfEk
LlDyIEIUFo07dnVFEsxdD7mLzuOoouH0r7D9hSs7rFe9FCA8OmIpy55DPCWj84P9
aqhPBi9O4v2hx5OuhFeDAp7LLn3AgQt+STKW5iY2/IdxWLxY4WPfwbdd3Bi8fdZi
mrzGJ8SW2Zox0BOq2605lqHl73l+zl6HytJGrEHShG6Y7A+74IqsXPNKnO/Sv9z2
6ZyBTqm+11GVOHgpz0pNJqne4U9M9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEvP
VI7S/sodNLVY9oOnOWIqINMfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82OTU2NUJCQTA5N0ExMUYwODI0MEQ0QTE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOEMA0GCSqGSIb3DQEB
CwUAA4IBAQDFsl3P3p3pT46wjPzg84ZYADLrhZSp4fRRubJD2YPkPzGctvNJSBsj
R9PYjrx9T6UV1cWj5KwbiLdZ6MkZusPZ9Fc0VsZeXHB5TYfvs5yhXrv/EwCdERG+
I3OLxXzkUSIcfuUs2BZ3mgvN57FFHxxypSKIGD2ebcahSIPtVotooZABxjHuTXag
f9Jac2mkMuKAMAx7AHB0jjHaIc1FvTsZlTuXOlPZMJIgbtL8jmr6UlyA/eqsiflr
julQF0Y3u5mHXXrgfIAPsWEE/KZXfv9CN//He7rCFT45vdcJKoo9ZWRdzg4aOm36
FDI7/CC3JSMuGXeW0GAitPj7vpeEZ3cb
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:13:54 2025 by rpki-client