Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2F2BC3A0CB111F09CA21857762E951A.roa
File: A2F2BC3A0CB111F09CA21857762E951A.roa (raw, json)
Hash identifier: mI+G0gMUjtJzNzPN3MXAnfj376eT2o5ZHBQatP5/tZ0=
Subject key identifier: AA:B5:9C:D5:42:D7:6C:AF:64:D6:16:68:BE:06:A1:8C:30:8D:91:2A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176B1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2F2BC3A0CB111F09CA21857762E951A.roa
Signing time: Sat 29 Mar 2025 15:22:33 +0000
ROA not before: Sat 29 Mar 2025 15:22:29 +0000
ROA not after: Sun 06 Apr 2025 15:22:29 +0000
asID: 23930
IP address blocks: 154.206.4.0/24 maxlen: 24
154.206.5.0/24 maxlen: 24
154.206.6.0/24 maxlen: 24
154.206.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 15:22:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95921 (0x176b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 29 15:22:29 2025 GMT
Not After : Apr 6 15:22:29 2025 GMT
Subject: CN=67e81039-e1fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:75:36:a4:1b:2f:ea:13:e3:8b:4d:dd:70:62:
5b:38:f3:ee:1f:0c:ce:b0:d6:12:c8:14:a3:39:4d:
ce:d2:f0:66:bb:9c:49:95:cc:01:1e:5c:0b:4d:0f:
ec:b3:6b:5c:f8:e3:45:a5:8b:c0:3c:f2:aa:5f:29:
90:b1:61:bb:58:3a:6e:62:0e:22:1e:59:e8:e4:76:
a8:c8:df:6a:2a:9a:fd:09:d2:24:e0:d3:03:46:0b:
81:12:36:cf:04:84:5e:12:56:22:3b:67:b3:33:e6:
5a:3f:64:33:89:1c:bc:ff:d8:79:ca:0c:d7:f8:3c:
9d:99:de:90:1b:b2:2d:a4:c6:e5:1e:67:1a:f9:70:
33:49:b9:55:cb:c6:04:c5:57:4a:59:fc:eb:2c:f9:
be:7a:48:c0:46:89:31:71:cb:b1:a6:a2:b9:bf:04:
9b:cb:ee:8e:51:ae:39:33:6a:d5:7d:bb:08:48:3c:
50:1a:e7:14:7f:e5:ad:de:ab:01:5f:ab:19:d2:77:
7e:c6:ea:d8:ad:a6:44:4f:6a:1f:9f:e3:a4:db:fe:
66:6a:1b:05:12:d0:cd:2f:4a:92:7d:bb:db:95:81:
24:bc:a7:ca:de:9f:56:9a:d0:9d:18:80:40:bd:0d:
b9:47:fc:0a:fd:64:66:35:64:00:b6:0f:f5:ac:8d:
34:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B5:9C:D5:42:D7:6C:AF:64:D6:16:68:BE:06:A1:8C:30:8D:91:2A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2F2BC3A0CB111F09CA21857762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.4.0/22
Signature Algorithm: sha256WithRSAEncryption
af:4c:a1:94:52:68:72:63:e5:c7:09:ee:a4:af:d0:ac:22:86:
5a:93:a6:ac:34:e0:b5:e0:1c:cf:e8:39:67:b4:91:61:7b:e6:
24:67:6d:aa:fa:db:cc:61:69:03:17:70:22:7c:43:91:d3:18:
61:2a:3a:86:9c:93:37:1f:09:ab:f5:d2:36:f7:43:3d:2c:e9:
81:2b:44:fd:c3:0b:6e:4b:89:d5:93:71:f1:0c:9f:a2:28:a3:
84:92:29:ef:06:a1:3c:0a:d4:70:5b:7d:a1:7a:08:69:f4:55:
b5:5d:ab:85:2c:78:db:4b:f6:2c:bd:f2:25:17:44:43:7f:57:
09:7f:01:60:87:e5:5e:20:52:21:fa:68:35:ff:50:62:38:53:
55:ba:d8:fa:fa:75:2d:fd:b6:a0:03:af:70:66:cc:e4:f8:16:
0e:e2:43:33:bd:a7:e8:00:2d:c1:4e:13:4f:ca:29:3b:bb:99:
dd:08:a4:d5:00:05:16:1d:d2:40:27:bc:7d:37:10:f4:1e:ec:
e5:38:56:bc:5d:f8:87:25:7c:a5:9b:82:20:eb:51:47:a0:92:
f0:3d:0f:ea:04:57:01:18:df:9a:83:c3:06:89:25:c7:f6:33:
30:e2:a5:35:97:1c:ce:0e:59:f0:c3:77:26:4b:81:a8:50:8d:
ef:72:9d:f0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXaxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTUyMjI5WhcNMjUwNDA2MTUyMjI5WjAYMRYw
FAYDVQQDEw02N2U4MTAzOS1lMWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzHU2pBsv6hPji03dcGJbOPPuHwzOsNYSyBSjOU3O0vBmu5xJlcwBHlwL
TQ/ss2tc+ONFpYvAPPKqXymQsWG7WDpuYg4iHlno5HaoyN9qKpr9CdIk4NMDRguB
EjbPBIReElYiO2ezM+ZaP2QziRy8/9h5ygzX+Dydmd6QG7ItpMblHmca+XAzSblV
y8YExVdKWfzrLPm+ekjARokxccuxpqK5vwSby+6OUa45M2rVfbsISDxQGucUf+Wt
3qsBX6sZ0nd+xurYraZET2ofn+Ok2/5mahsFEtDNL0qSfbvblYEkvKfK3p9WmtCd
GIBAvQ25R/wK/WRmNWQAtg/1rI002wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKq1
nNVC12yvZNYWaL4GoYwwjZEqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMkYyQkMzQTBDQjExMUYwOUNBMjE4NTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCms4EMA0GCSqGSIb3DQEB
CwUAA4IBAQCvTKGUUmhyY+XHCe6kr9CsIoZak6asNOC14BzP6DlntJFhe+YkZ22q
+tvMYWkDF3AifEOR0xhhKjqGnJM3Hwmr9dI290M9LOmBK0T9wwtuS4nVk3HxDJ+i
KKOEkinvBqE8CtRwW32heghp9FW1XauFLHjbS/YsvfIlF0RDf1cJfwFgh+VeIFIh
+mg1/1BiOFNVutj6+nUt/bagA69wZszk+BYO4kMzvafoAC3BThNPyik7u5ndCKTV
AAUWHdJAJ7x9NxD0HuzlOFa8XfiHJXylm4Ig61FHoJLwPQ/qBFcBGN+ag8MGiSXH
9jMw4qU1lxzODlnww3cmS4GoUI3vcp3w
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:51:52 2025 by rpki-client