Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/721EA2B2E31811EFB6D35D8B762E951A.roa
File: 721EA2B2E31811EFB6D35D8B762E951A.roa (raw, json)
Hash identifier: Mo0KXkq9ABe9Z+Pxd+oyd5sE/l3pn4fV3jLFqRd9aG8=
Subject key identifier: 00:60:C6:D9:D8:5B:6D:53:30:1D:91:E8:87:EC:D9:C7:04:6D:14:03
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015135
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/721EA2B2E31811EFB6D35D8B762E951A.roa
Signing time: Tue 04 Feb 2025 16:52:40 +0000
ROA not before: Tue 04 Feb 2025 16:52:37 +0000
ROA not after: Wed 30 Apr 2025 16:52:37 +0000
asID: 18229
IP address blocks: 154.210.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86325 (0x15135)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 16:52:37 2025 GMT
Not After : Apr 30 16:52:37 2025 GMT
Subject: CN=67a245d8-d1cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8b:86:3f:b5:c9:80:bd:fa:3b:39:58:c0:fb:
ef:ca:50:94:90:34:d6:ef:64:e1:2a:59:66:14:a6:
cc:15:c0:ed:27:69:39:3d:7e:92:de:1b:1e:24:86:
6e:20:ae:8c:b5:c4:18:3d:39:57:7b:93:35:75:60:
34:dd:e2:e6:e8:68:50:2f:69:e5:1c:cc:4e:e1:d2:
02:89:07:52:a7:d4:96:2c:8e:34:b4:ac:f6:68:9f:
8b:64:4e:8b:62:58:b7:f0:11:2e:66:02:0c:0d:1d:
50:2b:54:74:5c:cb:80:72:c3:22:09:a5:4e:44:ea:
7f:9a:ab:ec:e4:ea:21:a1:7b:21:9f:c4:13:c0:59:
44:ad:25:c2:2b:b9:80:e6:78:42:01:ca:08:c0:91:
81:95:d3:5b:1f:ea:9b:90:2c:e3:24:20:39:03:3e:
5f:2a:f2:f5:06:cc:94:7c:85:08:81:c7:ca:74:ed:
09:e9:1e:79:4b:74:32:f1:8d:2c:57:a1:4d:90:4d:
14:2e:6c:60:b1:69:47:1f:75:37:98:05:41:a3:56:
d8:b7:1a:f2:3b:7e:70:41:6c:da:14:df:c1:6e:1f:
a2:b5:8b:6a:ac:fc:b5:f4:8e:c2:51:d3:a0:6e:26:
0b:22:8a:15:3c:51:f8:f4:f5:cb:94:e5:90:2c:d3:
52:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:60:C6:D9:D8:5B:6D:53:30:1D:91:E8:87:EC:D9:C7:04:6D:14:03
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/721EA2B2E31811EFB6D35D8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.142.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:5c:63:1a:66:e4:fc:ea:84:e5:02:d4:83:e9:76:13:21:10:
6f:1f:96:bc:fa:3d:d9:a4:e4:6a:81:56:b9:78:5e:a7:64:7e:
d5:c8:58:fa:0c:10:6e:9c:6b:2a:10:4f:c4:31:f3:0a:44:d3:
3c:eb:f2:2d:f7:92:60:76:7d:50:b3:36:0b:63:03:99:64:6a:
ce:52:67:97:4f:5f:68:ac:bc:91:61:ed:46:0f:b5:2d:fd:b1:
8d:9b:0d:9e:29:49:6b:dc:3b:e2:c9:64:89:ca:29:04:f0:4e:
d5:0c:52:6e:bb:5c:a8:21:e1:d4:fe:98:77:0a:83:59:7e:2f:
22:a2:89:2c:cb:80:be:12:44:fc:73:8e:bc:ef:df:e3:e1:d6:
3c:73:ed:dd:d1:10:37:d4:c0:a6:40:1c:e7:c3:3c:e3:6a:51:
32:34:c7:5e:b2:04:97:95:b0:c9:87:55:10:e8:96:b4:38:bf:
15:e8:02:0c:43:00:d9:8a:b1:40:3c:b4:04:94:99:3f:9b:6b:
8b:17:2d:3f:6f:10:8e:d0:93:f1:7b:e2:9b:94:06:26:c1:64:
71:47:80:b7:68:bf:3c:9e:32:a9:99:51:9d:39:b6:ca:06:58:
b3:22:c4:ae:fa:4d:5f:d3:48:cb:c0:56:8a:69:50:dd:9a:d7:
88:6e:6d:df
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVE1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MTY1MjM3WhcNMjUwNDMwMTY1MjM3WjAYMRYw
FAYDVQQDEw02N2EyNDVkOC1kMWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw4uGP7XJgL36OzlYwPvvylCUkDTW72ThKllmFKbMFcDtJ2k5PX6S3hse
JIZuIK6MtcQYPTlXe5M1dWA03eLm6GhQL2nlHMxO4dICiQdSp9SWLI40tKz2aJ+L
ZE6LYli38BEuZgIMDR1QK1R0XMuAcsMiCaVOROp/mqvs5OohoXshn8QTwFlErSXC
K7mA5nhCAcoIwJGBldNbH+qbkCzjJCA5Az5fKvL1BsyUfIUIgcfKdO0J6R55S3Qy
8Y0sV6FNkE0ULmxgsWlHH3U3mAVBo1bYtxryO35wQWzaFN/Bbh+itYtqrPy19I7C
UdOgbiYLIooVPFH49PXLlOWQLNNS1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFABg
xtnYW21TMB2R6Ifs2ccEbRQDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MjFFQTJCMkUzMTgxMUVGQjZEMzVEOEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtKOMA0GCSqGSIb3DQEB
CwUAA4IBAQAeXGMaZuT86oTlAtSD6XYTIRBvH5a8+j3ZpORqgVa5eF6nZH7VyFj6
DBBunGsqEE/EMfMKRNM86/It95Jgdn1QszYLYwOZZGrOUmeXT19orLyRYe1GD7Ut
/bGNmw2eKUlr3DviyWSJyikE8E7VDFJuu1yoIeHU/ph3CoNZfi8iooksy4C+EkT8
c46879/j4dY8c+3d0RA31MCmQBznwzzjalEyNMdesgSXlbDJh1UQ6Ja0OL8V6AIM
QwDZirFAPLQElJk/m2uLFy0/bxCO0JPxe+KblAYmwWRxR4C3aL88njKpmVGdObbK
BlizIsSu+k1f00jLwFaKaVDdmteIbm3f
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:49 2025 by rpki-client