Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F58B1CEC91E11EF8EE40B7D762E951A.roa
File: 8F58B1CEC91E11EF8EE40B7D762E951A.roa (raw, json)
Hash identifier: vA/QVmerYbDLcu6IrVg8p/PVa5lpAuFKlXYRlkzBimk=
Subject key identifier: CB:B6:DA:52:28:A2:17:CC:C5:D2:2C:6E:CB:5B:F6:C1:13:DD:C1:22
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013317
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F58B1CEC91E11EF8EE40B7D762E951A.roa
Signing time: Thu 02 Jan 2025 15:30:56 +0000
ROA not before: Thu 02 Jan 2025 15:30:53 +0000
ROA not after: Mon 13 Dec 2027 15:30:53 +0000
asID: 17561
IP address blocks: 154.222.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78615 (0x13317)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 15:30:53 2025 GMT
Not After : Dec 13 15:30:53 2027 GMT
Subject: CN=6776b130-15ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:59:b0:c1:51:0d:55:66:4a:18:ba:c0:00:64:
0c:7b:02:3a:c6:6d:92:be:dc:67:df:8a:09:85:67:
b6:69:7a:56:1b:37:a8:f0:f9:9b:89:5b:47:d3:e5:
01:d1:ff:ab:6a:af:ca:22:71:2b:69:ed:c8:3e:2a:
89:4b:6d:a1:ac:c6:ba:90:10:de:c0:4f:64:ae:25:
59:d8:db:d2:18:d0:ac:0c:08:f9:50:3d:19:32:61:
95:d6:8e:7f:1d:03:80:0c:ff:82:15:f1:36:18:a8:
c1:5c:de:fb:07:56:f8:2c:f1:19:27:f1:2c:00:ed:
b1:c5:ac:bb:29:1e:80:1c:75:00:1f:bd:93:0d:82:
f7:08:5f:39:92:45:80:ad:6a:61:91:17:23:23:3e:
f3:20:bf:a8:da:dc:dd:9b:f7:64:ef:51:84:db:ab:
68:df:e9:64:bc:5b:08:84:d5:6c:4a:ae:ca:23:9a:
c8:e2:03:44:15:b4:34:54:96:61:f4:77:74:89:65:
d1:a8:ab:27:f8:15:d4:28:d9:75:4f:32:7c:21:0c:
f6:cf:71:94:7d:26:9a:3c:6b:68:45:b6:00:c0:4f:
fb:99:bb:d6:9f:9a:c5:9f:98:dc:60:57:12:c2:1c:
f0:9a:6e:d3:18:6c:2d:45:38:05:40:8d:c3:be:c5:
ad:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:B6:DA:52:28:A2:17:CC:C5:D2:2C:6E:CB:5B:F6:C1:13:DD:C1:22
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8F58B1CEC91E11EF8EE40B7D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.80.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:cc:ad:25:75:4c:06:b0:5a:19:39:a1:d6:cc:d4:53:29:56:
84:84:c4:0b:44:6d:ea:f8:4d:ad:5a:60:ee:7a:52:9c:e3:b6:
2b:bf:04:48:a8:bd:90:4b:1e:e8:05:c7:23:92:28:01:29:35:
09:c2:d1:83:07:42:1e:f3:74:db:31:a1:18:73:e7:f6:7c:cc:
93:60:cb:30:f8:3c:39:c7:3a:c0:a2:81:be:01:67:ba:86:c9:
9e:a4:39:6d:d6:0b:94:94:b6:ff:ee:55:bd:8d:ff:7e:ad:fc:
bb:c2:19:24:e6:ad:6b:92:60:0f:17:32:f2:e0:bf:90:4c:50:
db:c0:55:1b:c5:7c:e5:bf:97:42:96:c6:eb:02:74:20:21:a2:
c8:dc:68:a9:5e:15:5c:6e:7a:42:98:f9:01:ac:79:de:20:1f:
f8:5c:26:ca:59:ac:91:ab:23:8a:89:8e:7b:8f:dd:02:33:53:
10:97:3e:3b:b4:19:b8:30:8a:98:21:39:98:d4:93:31:4e:50:
4e:44:0d:92:aa:7a:29:fc:9c:23:46:bd:a1:50:d5:7f:27:06:
95:76:24:82:1f:7f:04:61:f4:7e:ac:49:ea:5b:55:fa:9d:71:
91:47:dc:57:d4:95:f9:3d:13:e8:16:00:b7:3b:cf:c7:6c:8b:
2d:d1:fa:bc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATMXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTUzMDUzWhcNMjcxMjEzMTUzMDUzWjAYMRYw
FAYDVQQDEw02Nzc2YjEzMC0xNWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAulmwwVENVWZKGLrAAGQMewI6xm2Svtxn34oJhWe2aXpWGzeo8PmbiVtH
0+UB0f+raq/KInErae3IPiqJS22hrMa6kBDewE9kriVZ2NvSGNCsDAj5UD0ZMmGV
1o5/HQOADP+CFfE2GKjBXN77B1b4LPEZJ/EsAO2xxay7KR6AHHUAH72TDYL3CF85
kkWArWphkRcjIz7zIL+o2tzdm/dk71GE26to3+lkvFsIhNVsSq7KI5rI4gNEFbQ0
VJZh9Hd0iWXRqKsn+BXUKNl1TzJ8IQz2z3GUfSaaPGtoRbYAwE/7mbvWn5rFn5jc
YFcSwhzwmm7TGGwtRTgFQI3DvsWtZQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMu2
2lIoohfMxdIsbstb9sET3cEiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RjU4QjFDRUM5MUUxMUVGOEVFNDBCN0Q3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt5QMA0GCSqGSIb3DQEB
CwUAA4IBAQBMzK0ldUwGsFoZOaHWzNRTKVaEhMQLRG3q+E2tWmDuelKc47YrvwRI
qL2QSx7oBccjkigBKTUJwtGDB0Ie83TbMaEYc+f2fMyTYMsw+Dw5xzrAooG+AWe6
hsmepDlt1guUlLb/7lW9jf9+rfy7whkk5q1rkmAPFzLy4L+QTFDbwFUbxXzlv5dC
lsbrAnQgIaLI3GipXhVcbnpCmPkBrHneIB/4XCbKWayRqyOKiY57j90CM1MQlz47
tBm4MIqYITmY1JMxTlBORA2Sqnop/JwjRr2hUNV/JwaVdiSCH38EYfR+rEnqW1X6
nXGRR9xX1JX5PRPoFgC3O8/HbIst0fq8
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:54:47 2025 by rpki-client