Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91034CA8070011F0A2504584762E951A.roa
File: 91034CA8070011F0A2504584762E951A.roa (raw, json)
Hash identifier: 0kmkeoVnu5ZN1ClJTRKu9b1IEbKGgYKVN1+y0suMr8I=
Subject key identifier: 00:67:05:EB:92:C3:8A:70:2A:7E:2A:0B:55:A7:A0:C8:4B:DB:34:EB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01756C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91034CA8070011F0A2504584762E951A.roa
Signing time: Sat 22 Mar 2025 09:32:26 +0000
ROA not before: Sat 22 Mar 2025 09:32:23 +0000
ROA not after: Wed 09 Apr 2025 09:32:23 +0000
asID: 39600
IP address blocks: 154.94.33.0/24 maxlen: 24
154.94.40.0/24 maxlen: 24
154.94.51.0/24 maxlen: 24
154.94.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95596 (0x1756c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 22 09:32:23 2025 GMT
Not After : Apr 9 09:32:23 2025 GMT
Subject: CN=67de83aa-1603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:35:87:ff:f1:78:97:24:fe:e9:5a:ee:4a:87:
8e:d6:5a:53:ce:f0:20:8d:c0:8e:34:97:0b:8f:3f:
4c:3b:b0:ab:1b:80:8f:17:5d:6e:20:f5:bf:ad:c1:
26:31:07:48:a6:ee:e1:75:b5:72:ed:64:18:eb:0e:
b2:66:ca:74:e5:f6:15:b5:78:46:9c:01:9c:f8:d5:
06:02:0a:9c:45:5a:cd:8e:8a:b0:96:ef:26:e4:18:
af:d4:fb:0b:32:c5:11:b9:18:6f:b8:a1:28:88:2e:
cd:ee:95:dc:16:6c:c2:31:dd:b6:2f:c3:8e:36:e3:
a8:16:36:b7:68:ca:54:9d:ec:10:27:16:95:9d:3b:
9a:35:bc:76:e4:e1:d9:d5:ea:46:46:e1:73:0c:9b:
83:13:a8:40:9e:b4:ae:60:c5:58:99:ea:82:38:fa:
8b:7e:73:fd:86:f2:7b:18:eb:f1:88:14:2c:6b:90:
a8:86:b2:a9:da:6a:45:a0:a4:46:65:2c:56:2e:57:
6b:a9:cb:9f:13:c4:c3:0b:f8:e6:e1:7f:90:34:4a:
ab:22:f7:5a:dc:bf:5a:c7:5e:2b:bc:bd:fb:c6:ec:
52:6e:65:dc:6c:9c:35:6c:0a:25:64:8b:7b:de:a6:
bb:c5:74:eb:18:1d:55:7a:1d:88:9a:bc:8e:8c:3b:
a3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:67:05:EB:92:C3:8A:70:2A:7E:2A:0B:55:A7:A0:C8:4B:DB:34:EB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/91034CA8070011F0A2504584762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.33.0/24
154.94.40.0/24
154.94.51.0/24
154.94.59.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:2c:17:28:45:f9:bb:6c:9c:e1:3b:2f:47:10:2f:e9:f9:fb:
b3:da:05:d5:34:a4:2f:d0:9c:2e:42:8a:24:0a:56:b3:d6:dd:
b3:45:e5:3d:32:9d:ae:69:d1:9d:eb:6a:6e:9f:e9:43:ae:ea:
89:72:41:7b:2f:82:41:c7:97:52:62:36:50:e9:bb:ed:54:f7:
5c:c0:db:d2:94:6e:08:a3:61:fe:a5:1e:42:7d:0d:68:ab:98:
27:a0:d9:87:de:a5:a1:ab:1a:8a:b3:a7:db:70:d2:f3:4f:5d:
ca:1d:16:66:7f:64:eb:4c:b3:b2:fb:37:77:92:20:83:20:5e:
e8:a8:28:5b:b7:46:73:98:43:9c:57:b6:97:c9:05:01:ee:11:
5b:18:d3:70:bc:21:13:33:07:70:be:fd:74:9b:8d:d8:61:e1:
90:25:99:ba:15:38:b0:62:64:f9:b0:7e:9d:a7:20:de:3c:6b:
c3:36:e7:8a:dd:ac:26:44:d6:b2:bb:94:54:b1:18:fa:32:c6:
ae:3f:7f:e7:76:bc:41:51:d7:6c:26:a6:7b:bf:fb:38:dc:49:
fc:5c:2b:27:3b:bb:10:91:8a:b8:26:ac:25:20:5a:9a:2e:2b:
59:d8:a9:0c:d2:b0:8f:ad:82:01:7f:cf:0d:b9:ad:fd:73:f0:
c6:7a:69:b2
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAXVsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzIyMDkzMjIzWhcNMjUwNDA5MDkzMjIzWjAYMRYw
FAYDVQQDEw02N2RlODNhYS0xNjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtDWH//F4lyT+6VruSoeO1lpTzvAgjcCONJcLjz9MO7CrG4CPF11uIPW/
rcEmMQdIpu7hdbVy7WQY6w6yZsp05fYVtXhGnAGc+NUGAgqcRVrNjoqwlu8m5Biv
1PsLMsURuRhvuKEoiC7N7pXcFmzCMd22L8OONuOoFja3aMpUnewQJxaVnTuaNbx2
5OHZ1epGRuFzDJuDE6hAnrSuYMVYmeqCOPqLfnP9hvJ7GOvxiBQsa5CohrKp2mpF
oKRGZSxWLldrqcufE8TDC/jm4X+QNEqrIvda3L9ax14rvL37xuxSbmXcbJw1bAol
ZIt73qa7xXTrGB1Veh2ImryOjDujzwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFABn
BeuSw4pwKn4qC1WnoMhL2zTrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MTAzNENBODA3MDAxMUYwQTI1MDQ1ODQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAml4hAwQAml4oAwQAml4z
AwQAml47MA0GCSqGSIb3DQEBCwUAA4IBAQCyLBcoRfm7bJzhOy9HEC/p+fuz2gXV
NKQv0JwuQookClaz1t2zReU9Mp2uadGd62pun+lDruqJckF7L4JBx5dSYjZQ6bvt
VPdcwNvSlG4Io2H+pR5CfQ1oq5gnoNmH3qWhqxqKs6fbcNLzT13KHRZmf2TrTLOy
+zd3kiCDIF7oqChbt0ZzmEOcV7aXyQUB7hFbGNNwvCETMwdwvv10m43YYeGQJZm6
FTiwYmT5sH6dpyDePGvDNueK3awmRNayu5RUsRj6MsauP3/ndrxBUddsJqZ7v/s4
3En8XCsnO7sQkYq4JqwlIFqaLitZ2KkM0rCPrYIBf88Nua39c/DGemmy
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:23:06 2025 by rpki-client