Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5CEB2DEE23F11EFA6BDF456762E951A.roa
File: A5CEB2DEE23F11EFA6BDF456762E951A.roa (raw, json)
Hash identifier: fdiPiYQkwG3O3hhw5hnlE+pbZs2l0FMtX7NN2DX4t3s=
Subject key identifier: 23:BF:71:AD:45:43:37:20:57:E0:16:55:F9:79:EF:AF:D9:65:33:CD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015027
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5CEB2DEE23F11EFA6BDF456762E951A.roa
Signing time: Mon 03 Feb 2025 15:00:46 +0000
ROA not before: Mon 03 Feb 2025 15:00:43 +0000
ROA not after: Wed 30 Apr 2025 15:00:43 +0000
asID: 150008
IP address blocks: 154.210.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86055 (0x15027)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 3 15:00:43 2025 GMT
Not After : Apr 30 15:00:43 2025 GMT
Subject: CN=67a0da1e-d333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:da:35:1b:a6:9d:17:fd:9d:2c:de:52:48:6b:
64:37:8e:a6:f4:aa:e8:13:ea:7a:e9:73:89:18:c8:
74:94:d1:92:43:84:55:91:ce:3e:32:3d:63:a9:f1:
d2:d3:3a:18:70:09:67:58:6e:e9:00:6f:e2:d4:a8:
8c:e7:e6:49:d6:6c:67:9a:d5:9c:49:51:5d:c1:de:
76:e6:d3:da:df:f2:c3:36:c3:d0:37:b6:8b:d4:b9:
d6:9c:02:fb:9a:33:f3:32:3c:d1:da:09:b5:74:e2:
ae:d6:3b:19:60:97:09:f6:40:36:bf:77:9d:96:e9:
c9:d2:c3:33:f0:68:96:63:00:b6:2e:61:d6:ab:d5:
fa:c8:93:0e:a2:5a:e3:5b:25:d2:5e:0c:fd:a1:82:
51:d1:53:99:53:01:0c:52:77:db:53:ee:f0:b9:7e:
e6:e6:e2:b8:54:15:22:9c:3b:c2:87:8d:0d:86:47:
60:15:07:b5:49:44:35:25:df:05:85:90:e1:67:a3:
37:7d:47:af:94:46:cc:79:12:06:4b:f2:d4:38:06:
20:fc:08:cc:8d:75:21:d8:41:7e:2a:b1:d8:1a:9e:
5a:df:73:ef:2d:05:93:f5:0f:54:b3:22:e4:e2:e8:
34:80:80:70:5e:93:6c:31:98:f5:e6:0c:fa:a6:6e:
88:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:BF:71:AD:45:43:37:20:57:E0:16:55:F9:79:EF:AF:D9:65:33:CD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5CEB2DEE23F11EFA6BDF456762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.232.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:32:26:9c:9b:14:4c:75:c7:c3:5f:2e:dc:03:34:08:1f:b4:
ad:ea:d5:c8:2d:9f:88:1b:ce:af:28:8d:38:0b:83:37:37:e8:
ed:a0:fc:53:b0:4b:03:a5:7b:4a:27:61:d0:d5:13:08:0e:a2:
89:95:55:78:14:66:aa:a6:96:a9:fd:e9:22:18:76:60:6b:e7:
be:d0:a6:f3:c8:5a:a0:2e:2a:1a:11:43:85:22:9c:c9:86:89:
cf:df:92:12:66:11:fa:2b:41:d1:0a:3d:03:03:85:51:75:17:
84:b3:49:75:b3:67:4d:c9:df:95:af:d0:54:43:7b:34:71:e7:
f0:9e:82:33:bc:20:33:36:12:c6:6b:34:de:8e:4b:b3:2d:fc:
a9:42:92:dc:c6:d9:ed:3a:2c:e8:f2:2c:56:2c:c6:ab:bc:5d:
5b:0a:3c:83:ca:a0:af:1d:5f:a9:b6:2b:f4:34:e3:f1:4a:79:
38:43:14:9a:82:4e:74:8e:44:46:3e:4f:24:dc:2b:cf:7b:cd:
93:97:53:e9:bd:a9:c1:14:90:9b:0b:c9:9a:b0:0a:e4:2f:6c:
3f:f4:74:71:d4:8c:be:70:4e:e9:1d:f9:98:2c:43:d9:f4:cc:
72:a6:71:29:e3:ca:72:bb:0e:4c:4b:85:cc:c7:39:07:7c:a5:
a4:68:f7:85
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVAnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjAzMTUwMDQzWhcNMjUwNDMwMTUwMDQzWjAYMRYw
FAYDVQQDEw02N2EwZGExZS1kMzMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxdo1G6adF/2dLN5SSGtkN46m9KroE+p66XOJGMh0lNGSQ4RVkc4+Mj1j
qfHS0zoYcAlnWG7pAG/i1KiM5+ZJ1mxnmtWcSVFdwd525tPa3/LDNsPQN7aL1LnW
nAL7mjPzMjzR2gm1dOKu1jsZYJcJ9kA2v3edlunJ0sMz8GiWYwC2LmHWq9X6yJMO
olrjWyXSXgz9oYJR0VOZUwEMUnfbU+7wuX7m5uK4VBUinDvCh40NhkdgFQe1SUQ1
Jd8FhZDhZ6M3fUevlEbMeRIGS/LUOAYg/AjMjXUh2EF+KrHYGp5a33PvLQWT9Q9U
syLk4ug0gIBwXpNsMZj15gz6pm6IbQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCO/
ca1FQzcgV+AWVfl576/ZZTPNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNUNFQjJERUUyM0YxMUVGQTZCREY0NTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtLoMA0GCSqGSIb3DQEB
CwUAA4IBAQAvMiacmxRMdcfDXy7cAzQIH7St6tXILZ+IG86vKI04C4M3N+jtoPxT
sEsDpXtKJ2HQ1RMIDqKJlVV4FGaqppap/ekiGHZga+e+0KbzyFqgLioaEUOFIpzJ
honP35ISZhH6K0HRCj0DA4VRdReEs0l1s2dNyd+Vr9BUQ3s0cefwnoIzvCAzNhLG
azTejkuzLfypQpLcxtntOizo8ixWLMarvF1bCjyDyqCvHV+ptiv0NOPxSnk4QxSa
gk50jkRGPk8k3CvPe82Tl1PpvanBFJCbC8masArkL2w/9HRx1Iy+cE7pHfmYLEPZ
9MxypnEp48pyuw5MS4XMxzkHfKWkaPeF
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:49:08 2025 by rpki-client