Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89780F6AF44E11EFB01205AD762E951A.roa
File: 89780F6AF44E11EFB01205AD762E951A.roa (raw, json)
Hash identifier: R2HoORKEIEQS027kMxoUNEZ2f7uCDPbzU5KXn38Vd9M=
Subject key identifier: D2:D3:E4:9F:77:7D:30:C6:E7:06:AD:B7:05:F1:1B:75:C7:25:6D:2F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016459
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89780F6AF44E11EFB01205AD762E951A.roa
Signing time: Wed 26 Feb 2025 14:32:42 +0000
ROA not before: Wed 26 Feb 2025 14:32:39 +0000
ROA not after: Sat 19 Feb 2028 14:32:39 +0000
asID: 17561
IP address blocks: 154.82.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91225 (0x16459)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 14:32:39 2025 GMT
Not After : Feb 19 14:32:39 2028 GMT
Subject: CN=67bf260a-3702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fa:ec:01:df:ea:e9:37:40:bf:fd:af:e4:3d:
ac:aa:e1:21:11:ef:38:c7:18:a0:b4:12:78:aa:64:
85:3a:cd:1a:7d:24:04:0d:fc:64:5b:61:5c:74:f0:
b4:80:66:be:27:a3:c8:a7:4f:8f:28:a6:05:8d:ce:
b2:1b:38:52:6a:01:ab:50:8e:ce:1a:ff:7f:28:27:
08:31:55:b1:dc:1a:14:c1:b0:d1:2a:11:f3:c9:af:
f5:0b:81:d3:84:0d:6f:eb:a8:14:da:af:03:c9:4b:
27:09:fd:7f:4e:17:28:a2:0b:43:b2:8b:e4:d5:be:
19:53:d8:9b:2c:22:3c:fc:7f:35:57:26:ed:24:a6:
50:c4:cf:50:ae:76:c9:7d:12:47:11:79:ce:55:af:
3e:02:3a:70:ab:a6:84:b4:cd:06:c1:94:ad:1b:35:
ad:fc:33:d2:99:03:6b:b0:10:c9:9b:2e:8e:2c:db:
a9:84:fe:4e:77:cf:f6:8f:71:16:4d:c7:50:06:68:
24:bb:0f:32:18:a2:bf:d4:18:3e:29:82:9d:04:59:
ba:f6:5a:c0:bb:91:28:53:ad:0b:db:32:0e:26:c6:
90:5e:b8:17:4f:8b:9b:5d:1b:cd:5c:79:59:81:dc:
4f:dc:fb:e6:45:1d:ac:92:bc:84:39:9a:bc:72:c1:
17:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D3:E4:9F:77:7D:30:C6:E7:06:AD:B7:05:F1:1B:75:C7:25:6D:2F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89780F6AF44E11EFB01205AD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.211.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:1d:10:fa:e1:9c:88:4d:fd:80:7a:4c:02:ad:9d:ae:b1:ac:
29:8a:d4:b7:0f:ab:3f:84:92:d5:80:00:bc:53:63:2c:cd:99:
6b:12:da:6d:a4:ae:2a:e3:ba:a0:d4:e6:1a:c9:6e:d6:80:2d:
81:24:09:6c:10:09:9a:83:82:30:e8:53:7d:63:a9:54:65:d3:
0e:22:aa:50:ce:b7:33:2a:cc:a6:32:b5:ba:4b:86:9a:70:ab:
16:9a:82:9e:d8:be:69:98:ca:25:de:87:d9:e6:5a:73:b5:ab:
94:4a:6c:36:b8:93:67:93:df:ba:29:c0:8a:e9:10:2b:70:bc:
3a:ce:5f:92:8c:49:f7:b5:52:f0:4f:fe:9e:d8:b9:61:5d:1d:
9f:ae:4f:ed:99:b9:ca:83:03:c9:93:fb:cb:49:5b:9c:ad:0d:
e6:bc:8c:95:ff:ce:35:ba:dd:7a:6c:48:fe:98:3e:4f:9d:3b:
59:9c:b1:b5:58:0b:fb:fd:0b:a8:b2:41:1b:af:96:3d:0c:3a:
5f:c8:1a:42:53:4d:86:e5:6a:ed:03:49:3e:b1:c9:37:8b:57:
9f:b0:ce:ae:31:2a:68:9e:fa:84:d6:a9:a1:6d:a7:61:5a:2e:
c7:63:b7:05:8a:ee:e9:ef:20:f5:2a:aa:8d:a5:33:c0:b7:c3:
55:8f:e5:59
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWRZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTQzMjM5WhcNMjgwMjE5MTQzMjM5WjAYMRYw
FAYDVQQDEw02N2JmMjYwYS0zNzAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApfrsAd/q6TdAv/2v5D2squEhEe84xxigtBJ4qmSFOs0afSQEDfxkW2Fc
dPC0gGa+J6PIp0+PKKYFjc6yGzhSagGrUI7OGv9/KCcIMVWx3BoUwbDRKhHzya/1
C4HThA1v66gU2q8DyUsnCf1/ThcoogtDsovk1b4ZU9ibLCI8/H81VybtJKZQxM9Q
rnbJfRJHEXnOVa8+Ajpwq6aEtM0GwZStGzWt/DPSmQNrsBDJmy6OLNuphP5Od8/2
j3EWTcdQBmgkuw8yGKK/1Bg+KYKdBFm69lrAu5EoU60L2zIOJsaQXrgXT4ubXRvN
XHlZgdxP3PvmRR2skryEOZq8csEXRQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNLT
5J93fTDG5wattwXxG3XHJW0vMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OTc4MEY2QUY0NEUxMUVGQjAxMjA1QUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLTMA0GCSqGSIb3DQEB
CwUAA4IBAQAeHRD64ZyITf2AekwCrZ2usawpitS3D6s/hJLVgAC8U2MszZlrEtpt
pK4q47qg1OYayW7WgC2BJAlsEAmag4Iw6FN9Y6lUZdMOIqpQzrczKsymMrW6S4aa
cKsWmoKe2L5pmMol3ofZ5lpztauUSmw2uJNnk9+6KcCK6RArcLw6zl+SjEn3tVLw
T/6e2LlhXR2frk/tmbnKgwPJk/vLSVucrQ3mvIyV/841ut16bEj+mD5PnTtZnLG1
WAv7/QuoskEbr5Y9DDpfyBpCU02G5WrtA0k+sck3i1efsM6uMSponvqE1qmhbadh
Wi7HY7cFiu7p7yD1KqqNpTPAt8NVj+VZ
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:55:11 2025 by rpki-client