Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89B1EE16F47A11EF8F0BD75F762E951A.roa
File: 89B1EE16F47A11EF8F0BD75F762E951A.roa (raw, json)
Hash identifier: HVfhHrVVgYMIkCaQ7tDQhGqnpmbaqLaZzJVkPgsnhe4=
Subject key identifier: 98:B2:E2:C8:E7:EE:48:B1:6E:63:CF:EB:42:97:08:B7:3A:9D:70:22
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0165C2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89B1EE16F47A11EF8F0BD75F762E951A.roa
Signing time: Wed 26 Feb 2025 19:47:40 +0000
ROA not before: Wed 26 Feb 2025 19:47:37 +0000
ROA not after: Sat 19 Feb 2028 19:47:37 +0000
asID: 17561
IP address blocks: 154.218.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91586 (0x165c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 19:47:37 2025 GMT
Not After : Feb 19 19:47:37 2028 GMT
Subject: CN=67bf6fdc-1e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e0:f5:01:be:89:d5:38:c1:aa:97:a9:ee:e5:
f7:a0:c5:91:6e:92:fe:06:f6:92:d0:9a:cc:06:d9:
19:14:b2:db:92:4a:96:2d:75:61:1c:61:c6:7b:97:
22:5e:1b:62:98:eb:89:2d:7b:61:9a:0d:c7:75:c7:
56:04:57:3c:8e:74:ce:e0:75:49:9c:76:98:af:00:
5b:89:3e:1f:1f:42:aa:9a:26:02:c8:f5:96:32:77:
44:5a:c7:24:f7:0d:b5:d6:ab:2b:c8:a1:ca:52:57:
4d:3c:72:28:b6:ef:ea:3b:e8:8b:fb:71:5b:f4:73:
b0:8f:c6:bc:4d:9b:a8:ca:89:a1:ef:9d:ea:b6:03:
a6:e4:c8:26:16:95:9c:d0:d7:17:f3:e3:d8:e5:a1:
82:ba:22:a1:17:34:76:ca:3a:28:c2:8b:e5:a8:9a:
9d:00:ca:71:3b:7a:21:ca:b4:63:9e:2c:7b:26:90:
a8:72:0f:bd:82:4a:0f:eb:f4:2e:c3:5d:89:dc:c1:
84:08:3d:f1:f0:f5:3e:30:a8:00:78:68:43:dd:ef:
af:b6:d0:7b:24:94:89:9f:b7:ae:e6:97:96:65:46:
36:2b:cc:38:4a:d3:3d:38:93:d6:ad:28:83:39:79:
fc:fd:67:26:47:c8:f7:d7:16:72:07:5a:62:dc:2a:
d0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B2:E2:C8:E7:EE:48:B1:6E:63:CF:EB:42:97:08:B7:3A:9D:70:22
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/89B1EE16F47A11EF8F0BD75F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.52.0/24
Signature Algorithm: sha256WithRSAEncryption
77:01:ef:ed:08:34:11:8c:96:8c:8c:d2:89:be:6a:44:24:53:
b3:e7:b3:82:2a:54:c9:c3:4f:ce:3c:15:72:71:07:d4:38:a7:
cd:bf:81:e3:11:39:3e:c5:a7:1d:0d:c1:d1:15:ed:9b:7b:3d:
3b:46:f7:a3:4c:2e:c2:7c:69:c4:e3:0b:20:0a:8c:68:7c:ad:
81:11:f6:19:e3:36:0e:b4:01:99:02:23:e6:22:ed:ea:b3:73:
1d:7e:a1:c4:f2:1e:a5:f5:06:bb:f5:0b:cb:e7:a6:33:d8:65:
77:5e:2a:ea:6e:4e:5e:39:e2:0b:65:c4:c4:fc:9a:a3:8d:db:
57:69:cf:13:d4:8f:86:dd:d4:b1:a6:7e:1b:f6:06:66:0a:2b:
36:5d:6f:11:d5:05:d2:e1:62:cf:02:71:81:31:2c:1d:84:fa:
d0:3b:89:11:67:f0:af:e8:15:ee:6b:c2:3c:8e:ee:0a:48:e8:
4f:3b:9e:bc:38:78:c2:7b:78:e4:89:8e:9b:66:ca:70:ac:1f:
03:4d:05:68:71:4c:5c:08:3c:70:aa:07:cb:d9:54:2c:ad:c3:
79:1f:14:69:db:fb:67:5d:b1:5a:db:74:8c:b2:de:aa:eb:48:
d0:c9:46:36:1f:5c:4b:7d:01:61:c1:b3:4c:16:49:98:e5:b0:
22:2e:ad:5d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWXCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTk0NzM3WhcNMjgwMjE5MTk0NzM3WjAYMRYw
FAYDVQQDEw02N2JmNmZkYy0xZTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4uD1Ab6J1TjBqpep7uX3oMWRbpL+BvaS0JrMBtkZFLLbkkqWLXVhHGHG
e5ciXhtimOuJLXthmg3HdcdWBFc8jnTO4HVJnHaYrwBbiT4fH0KqmiYCyPWWMndE
Wsck9w211qsryKHKUldNPHIotu/qO+iL+3Fb9HOwj8a8TZuoyomh753qtgOm5Mgm
FpWc0NcX8+PY5aGCuiKhFzR2yjoowovlqJqdAMpxO3ohyrRjnix7JpCocg+9gkoP
6/Quw12J3MGECD3x8PU+MKgAeGhD3e+vttB7JJSJn7eu5peWZUY2K8w4StM9OJPW
rSiDOXn8/WcmR8j31xZyB1pi3CrQBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJiy
4sjn7kixbmPP60KXCLc6nXAiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84OUIxRUUxNkY0N0ExMUVGOEYwQkQ3NUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmto0MA0GCSqGSIb3DQEB
CwUAA4IBAQB3Ae/tCDQRjJaMjNKJvmpEJFOz57OCKlTJw0/OPBVycQfUOKfNv4Hj
ETk+xacdDcHRFe2bez07RvejTC7CfGnE4wsgCoxofK2BEfYZ4zYOtAGZAiPmIu3q
s3MdfqHE8h6l9Qa79QvL56Yz2GV3Xirqbk5eOeILZcTE/JqjjdtXac8T1I+G3dSx
pn4b9gZmCis2XW8R1QXS4WLPAnGBMSwdhPrQO4kRZ/Cv6BXua8I8ju4KSOhPO568
OHjCe3jkiY6bZspwrB8DTQVocUxcCDxwqgfL2VQsrcN5HxRp2/tnXbFa23SMst6q
60jQyUY2H1xLfQFhwbNMFkmY5bAiLq1d
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:58 2025 by rpki-client