Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8040788CFB2511EFA1F8F143762E951A.roa
File: 8040788CFB2511EFA1F8F143762E951A.roa (raw, json)
Hash identifier: rEw59OjjDwYLpxoCt+HRffQWldFOO/D82I6ytu76qpc=
Subject key identifier: 06:BF:D6:FB:5D:5C:4D:1F:DA:17:E7:41:68:65:23:37:E4:07:82:0A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0172B0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8040788CFB2511EFA1F8F143762E951A.roa
Signing time: Fri 07 Mar 2025 07:26:36 +0000
ROA not before: Fri 07 Mar 2025 07:26:31 +0000
ROA not after: Sat 22 Mar 2025 07:26:31 +0000
asID: 58460
IP address blocks: 154.197.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 15 Mar 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94896 (0x172b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 7 07:26:31 2025 GMT
Not After : Mar 22 07:26:31 2025 GMT
Subject: CN=67ca9fab-c7c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:df:52:75:75:92:be:f0:1a:3f:f5:5d:58:d8:
7c:24:0f:1e:7c:63:f5:24:cc:a6:e1:e1:f6:97:8a:
bd:e8:c8:6f:ca:fd:38:1d:2d:76:1c:5f:f5:f5:bf:
41:b6:53:49:9d:49:4f:9b:0a:07:86:49:16:e9:f5:
7d:29:dd:5e:18:1b:08:1e:3e:55:61:0a:86:ff:c7:
9e:d3:bb:3a:8f:d9:0e:4c:77:ad:26:c1:e5:4a:64:
f8:24:57:4a:bd:1a:3d:65:aa:0a:81:11:8c:7b:aa:
8a:32:cc:b5:b6:2c:6f:7a:0a:e5:12:34:f0:0b:7e:
a7:a1:76:9f:c8:a5:f1:94:2b:d2:8f:c9:cf:29:96:
3d:39:6f:30:0a:03:fa:37:58:0d:17:cc:4c:ba:dd:
71:5a:08:19:a3:7b:49:1a:a8:66:7e:2d:6e:a8:a9:
bb:fe:9b:b3:20:38:4f:a5:a3:ca:6b:91:2d:a5:9e:
5f:31:f1:64:28:87:0a:32:3d:53:93:ec:0b:07:89:
cc:7b:33:db:56:ba:bc:04:cb:93:4b:33:81:5c:cf:
37:b2:62:b3:c7:c0:73:b5:19:b4:02:40:ef:a6:d6:
fc:cb:6c:35:b2:fb:61:32:df:a4:29:d1:d2:54:87:
98:ae:5a:73:70:4e:7d:8e:16:fd:da:85:fb:33:e1:
fa:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:BF:D6:FB:5D:5C:4D:1F:DA:17:E7:41:68:65:23:37:E4:07:82:0A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8040788CFB2511EFA1F8F143762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.40.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:d0:c9:a1:63:14:71:27:1c:14:ae:f5:63:3b:3a:f2:82:ad:
a5:4f:13:ab:b5:b7:7c:0a:16:0d:62:b3:5e:f7:fe:05:ba:f9:
10:7d:45:16:3c:e3:fe:3e:fa:89:32:c3:3c:ac:d3:39:5d:86:
2e:5a:aa:4d:cd:fa:3e:89:ff:3a:b8:08:77:55:4f:e7:ce:d3:
cd:07:e2:0e:b9:81:8b:be:47:9a:28:c7:12:c1:b1:a9:eb:86:
9d:39:fe:6e:94:59:60:f2:13:3e:6d:68:b7:a8:46:7e:54:a9:
c9:ac:44:be:3b:74:e8:b3:6d:bb:92:fc:a8:91:a9:65:ce:31:
c1:f2:ea:2c:98:7c:71:24:03:18:f0:53:de:11:6b:11:6d:1c:
de:e4:09:5a:85:67:c3:92:0a:b0:2c:85:a6:04:33:4c:7e:65:
a2:3b:d7:16:d8:e2:d9:69:47:9f:0b:32:9a:87:98:1d:93:1e:
f6:9a:0d:7c:46:c4:05:80:ce:3c:ea:e1:74:b3:6c:34:af:59:
14:17:9b:7e:bf:97:4c:8c:b0:f8:da:ef:f3:46:3e:41:c3:a1:
81:85:81:d3:05:57:ce:f4:ec:71:05:2b:34:04:5a:66:95:d9:
e7:4e:58:2b:44:83:22:8a:ff:a8:eb:48:fd:38:e0:00:80:9d:
23:59:98:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXKwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA3MDcyNjMxWhcNMjUwMzIyMDcyNjMxWjAYMRYw
FAYDVQQDEw02N2NhOWZhYi1jN2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyN9SdXWSvvAaP/VdWNh8JA8efGP1JMym4eH2l4q96Mhvyv04HS12HF/1
9b9BtlNJnUlPmwoHhkkW6fV9Kd1eGBsIHj5VYQqG/8ee07s6j9kOTHetJsHlSmT4
JFdKvRo9ZaoKgRGMe6qKMsy1tixvegrlEjTwC36noXafyKXxlCvSj8nPKZY9OW8w
CgP6N1gNF8xMut1xWggZo3tJGqhmfi1uqKm7/puzIDhPpaPKa5EtpZ5fMfFkKIcK
Mj1Tk+wLB4nMezPbVrq8BMuTSzOBXM83smKzx8BztRm0AkDvptb8y2w1svthMt+k
KdHSVIeYrlpzcE59jhb92oX7M+H6EQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAa/
1vtdXE0f2hfnQWhlIzfkB4IKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MDQwNzg4Q0ZCMjUxMUVGQTFGOEYxNDM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsUoMA0GCSqGSIb3DQEB
CwUAA4IBAQCP0MmhYxRxJxwUrvVjOzrygq2lTxOrtbd8ChYNYrNe9/4FuvkQfUUW
POP+PvqJMsM8rNM5XYYuWqpNzfo+if86uAh3VU/nztPNB+IOuYGLvkeaKMcSwbGp
64adOf5ulFlg8hM+bWi3qEZ+VKnJrES+O3Tos227kvyokallzjHB8uosmHxxJAMY
8FPeEWsRbRze5AlahWfDkgqwLIWmBDNMfmWiO9cW2OLZaUefCzKah5gdkx72mg18
RsQFgM486uF0s2w0r1kUF5t+v5dMjLD42u/zRj5Bw6GBhYHTBVfO9OxxBSs0BFpm
ldnnTlgrRIMiiv+o60j9OOAAgJ0jWZgj
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:14:45 2025 by rpki-client