Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9925633CC26611EF86F3B74B762E951A.roa
File: 9925633CC26611EF86F3B74B762E951A.roa (raw, json)
Hash identifier: 6a/Q+wLi6ASh09yYeFt3Bm7MnSQ/XgIO1/MymMjYxMQ=
Subject key identifier: B1:EF:38:3F:C8:50:DF:CC:00:D7:D8:3B:88:C2:DC:67:19:ED:81:DD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0123F0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9925633CC26611EF86F3B74B762E951A.roa
Signing time: Wed 25 Dec 2024 02:18:58 +0000
ROA not before: Wed 25 Dec 2024 02:18:55 +0000
ROA not after: Wed 10 Dec 2025 02:18:55 +0000
asID: 984
IP address blocks: 154.199.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74736 (0x123f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 02:18:55 2024 GMT
Not After : Dec 10 02:18:55 2025 GMT
Subject: CN=676b6b92-8ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2a:a0:80:97:08:7b:2b:a1:63:bd:f4:f5:9a:
97:6a:ac:12:a6:a1:85:ce:8e:33:b5:db:4b:cf:62:
58:38:56:bc:18:ff:93:30:fb:65:dd:e3:a8:c7:f5:
26:e5:d3:00:5c:3f:b3:2d:52:ea:88:87:d1:50:6d:
f2:de:67:be:a7:69:be:cd:7f:3f:7c:b0:39:b0:5c:
ea:07:80:e1:2b:1a:28:b0:5d:2b:fa:1f:65:32:58:
9b:3e:f6:18:9c:b6:93:40:96:bd:7f:19:13:c0:f7:
b7:7f:e7:01:ca:5c:ac:d3:27:68:5e:4e:ae:2b:98:
fe:f7:5e:b7:1a:6a:fb:61:d6:70:ad:d7:c3:3e:c4:
39:5b:7c:33:59:b0:5a:07:c5:9f:bc:cd:4e:2b:68:
36:53:de:e2:4f:e1:54:5d:92:2a:15:2d:87:95:a4:
75:56:d0:82:2c:76:51:83:0d:e9:ce:b8:75:2c:a5:
51:16:1e:db:7f:d4:87:3a:9d:10:4e:8c:47:82:cd:
ba:92:e4:04:45:a7:d3:1b:6d:a7:b0:64:e7:a5:47:
9c:7e:3d:36:04:72:57:5f:ba:92:0a:e3:a8:a6:d8:
05:7e:40:45:de:40:a5:f1:00:39:7f:63:72:18:d1:
e9:fd:be:06:5f:1f:6d:dc:a2:94:a6:fa:63:b1:35:
40:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:EF:38:3F:C8:50:DF:CC:00:D7:D8:3B:88:C2:DC:67:19:ED:81:DD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9925633CC26611EF86F3B74B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.201.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:d8:dc:61:ae:5e:fd:64:4c:60:76:7f:ee:43:07:8a:e3:39:
b9:9e:af:28:9d:b2:5c:af:a8:99:e7:29:78:89:50:8b:3e:ea:
11:04:5e:06:bc:b1:21:6d:6f:9a:df:7e:ef:2a:83:66:6e:b9:
c0:00:e6:3c:3f:ea:ff:c5:fa:2c:e3:48:86:95:65:03:50:33:
e0:81:05:25:99:c0:64:ce:ef:cb:2a:7b:b4:2e:d1:32:da:3a:
79:c6:b7:9b:b2:aa:b4:e1:33:04:cd:ef:7e:e7:7e:ac:b0:ea:
c0:18:fe:2b:ed:65:0b:7f:e0:1a:cd:7f:6e:0b:9f:2a:02:3d:
3d:e3:1b:04:28:af:55:ed:98:3a:c2:b2:1b:1d:3f:a1:c2:17:
65:8d:c4:66:48:8a:a0:ce:0b:02:28:71:b5:e5:f3:11:80:27:
39:3b:61:a7:dd:8d:3e:de:10:68:e5:c7:55:8e:e6:90:f6:22:
ca:63:88:24:75:30:e1:39:3e:5f:43:0a:ff:b8:d3:0c:69:b5:
29:a8:3a:b2:52:e5:72:9d:81:97:df:cf:fc:fa:e9:79:75:ff:
bc:f0:21:98:39:88:54:72:7b:d3:4a:1c:4c:ad:6a:ff:1c:42:
8f:af:35:36:14:91:60:8b:ba:72:08:e1:cb:61:60:ed:e4:eb:
64:48:f5:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASPwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDIxODU1WhcNMjUxMjEwMDIxODU1WjAYMRYw
FAYDVQQDEw02NzZiNmI5Mi04Y2ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAviqggJcIeyuhY7309ZqXaqwSpqGFzo4ztdtLz2JYOFa8GP+TMPtl3eOo
x/Um5dMAXD+zLVLqiIfRUG3y3me+p2m+zX8/fLA5sFzqB4DhKxoosF0r+h9lMlib
PvYYnLaTQJa9fxkTwPe3f+cBylys0ydoXk6uK5j+9163Gmr7YdZwrdfDPsQ5W3wz
WbBaB8WfvM1OK2g2U97iT+FUXZIqFS2HlaR1VtCCLHZRgw3pzrh1LKVRFh7bf9SH
Op0QToxHgs26kuQERafTG22nsGTnpUecfj02BHJXX7qSCuOoptgFfkBF3kCl8QA5
f2NyGNHp/b4GXx9t3KKUpvpjsTVAdQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLHv
OD/IUN/MANfYO4jC3GcZ7YHdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85OTI1NjMzQ0MyNjYxMUVGODZGM0I3NEI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsfJMA0GCSqGSIb3DQEB
CwUAA4IBAQBf2Nxhrl79ZExgdn/uQweK4zm5nq8onbJcr6iZ5yl4iVCLPuoRBF4G
vLEhbW+a337vKoNmbrnAAOY8P+r/xfos40iGlWUDUDPggQUlmcBkzu/LKnu0LtEy
2jp5xrebsqq04TMEze9+536ssOrAGP4r7WULf+AazX9uC58qAj094xsEKK9V7Zg6
wrIbHT+hwhdljcRmSIqgzgsCKHG15fMRgCc5O2Gn3Y0+3hBo5cdVjuaQ9iLKY4gk
dTDhOT5fQwr/uNMMabUpqDqyUuVynYGX38/8+ul5df+88CGYOYhUcnvTShxMrWr/
HEKPrzU2FJFgi7pyCOHLYWDt5OtkSPUc
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:46 2025 by rpki-client