Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD7369A0F61511EF86EAFE64762E951A.roa
File: AD7369A0F61511EF86EAFE64762E951A.roa (raw, json)
Hash identifier: Q2TiTEO+ocy/GC1hTMk2px2MAUsqYP1B4SoD+Lmur+8=
Subject key identifier: 54:36:3E:65:A2:FA:60:1F:B3:50:18:82:F2:D4:37:A2:D3:03:D0:FA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016C0B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD7369A0F61511EF86EAFE64762E951A.roa
Signing time: Fri 28 Feb 2025 20:50:44 +0000
ROA not before: Fri 28 Feb 2025 20:50:40 +0000
ROA not after: Sun 13 Apr 2025 20:50:40 +0000
asID: 138915
IP address blocks: 154.206.70.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93195 (0x16c0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 28 20:50:40 2025 GMT
Not After : Apr 13 20:50:40 2025 GMT
Subject: CN=67c221a4-d569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7c:98:82:6e:12:a9:ab:dc:76:fc:32:0f:d9:
bc:da:31:11:4f:be:a0:43:09:a4:a8:01:cd:f2:b3:
97:1a:15:da:c7:1b:95:2e:24:91:1a:7e:be:be:a8:
23:1e:2c:94:77:e8:e1:8a:5f:4f:14:97:27:cf:a0:
81:af:84:9d:72:13:ee:ed:ff:17:16:52:d6:3c:37:
d9:ae:db:e1:f4:2c:d9:1b:8d:89:5d:23:92:a0:67:
ed:fe:d7:bd:f3:be:25:dd:85:36:bb:23:30:96:17:
e7:98:9f:6d:0f:bf:c4:44:e5:0a:19:07:97:ae:65:
ce:0a:bc:ba:55:7a:10:2b:4a:e9:f0:4d:37:17:ba:
53:0e:8c:35:71:6a:33:c6:13:3d:9f:53:5c:7a:bf:
ca:0f:39:8b:04:39:f3:da:01:c6:00:c9:40:5c:fb:
4b:97:a6:bd:17:6c:99:cd:d3:a1:1b:ba:53:78:98:
01:f4:40:82:56:47:e8:49:61:e0:1b:81:53:76:06:
92:29:e3:4a:87:61:03:92:fb:97:ee:86:7f:45:db:
c4:87:ad:b0:a5:c6:d9:9a:37:6e:a1:15:ae:80:54:
d0:0e:56:3b:a6:ed:af:83:39:1d:d9:e7:6d:4a:96:
e7:66:ea:0e:7e:01:1c:6e:c6:0a:bc:f4:31:cf:4f:
bf:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:36:3E:65:A2:FA:60:1F:B3:50:18:82:F2:D4:37:A2:D3:03:D0:FA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/AD7369A0F61511EF86EAFE64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.70.0/23
Signature Algorithm: sha256WithRSAEncryption
32:2b:4b:1d:93:4d:a1:9f:9f:58:d8:fb:bf:d2:7f:28:a2:54:
cc:0d:f6:16:47:12:23:4e:85:cf:37:40:ea:8d:71:b2:94:d4:
2d:5b:3e:1d:03:d6:ef:c7:eb:e5:47:c2:e4:b6:60:8d:53:04:
af:7e:72:55:8f:7f:55:cc:9e:c8:c3:da:5b:5b:7e:e1:3b:af:
96:5e:2d:0b:e0:f6:f6:7f:91:e0:84:b4:f0:a6:df:2d:38:23:
ee:64:ad:c7:a3:ef:fc:21:4f:8d:8e:e1:97:39:77:cf:14:c9:
d2:22:98:6c:3c:e3:e2:2c:95:0a:4d:e4:b4:72:e9:6b:d6:8f:
f3:1d:f0:14:42:90:00:eb:f8:52:a9:29:10:60:28:fe:27:b1:
d8:9a:08:81:be:1d:eb:3c:3d:20:f5:26:45:a7:f4:6a:c2:5c:
fb:32:3f:f6:ad:f7:80:6d:a2:b8:42:36:15:db:02:34:40:ad:
31:5b:50:88:33:eb:03:14:2a:d7:43:3f:21:85:95:3b:c3:27:
e5:5c:2a:fa:67:27:fc:89:54:c1:af:30:6d:87:20:e0:00:9f:
4d:07:54:10:18:c3:8d:32:34:14:a4:06:9f:5e:b4:f1:f4:07:
48:4b:3a:97:04:00:ea:b0:12:90:ee:18:19:6b:00:64:6e:de:
f8:7e:79:c2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWwLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI4MjA1MDQwWhcNMjUwNDEzMjA1MDQwWjAYMRYw
FAYDVQQDEw02N2MyMjFhNC1kNTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5nyYgm4SqavcdvwyD9m82jERT76gQwmkqAHN8rOXGhXaxxuVLiSRGn6+
vqgjHiyUd+jhil9PFJcnz6CBr4SdchPu7f8XFlLWPDfZrtvh9CzZG42JXSOSoGft
/te9874l3YU2uyMwlhfnmJ9tD7/EROUKGQeXrmXOCry6VXoQK0rp8E03F7pTDow1
cWozxhM9n1Ncer/KDzmLBDnz2gHGAMlAXPtLl6a9F2yZzdOhG7pTeJgB9ECCVkfo
SWHgG4FTdgaSKeNKh2EDkvuX7oZ/RdvEh62wpcbZmjduoRWugFTQDlY7pu2vgzkd
2edtSpbnZuoOfgEcbsYKvPQxz0+/FQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFQ2
PmWi+mAfs1AYgvLUN6LTA9D6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BRDczNjlBMEY2MTUxMUVGODZFQUZFNjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBms5GMA0GCSqGSIb3DQEB
CwUAA4IBAQAyK0sdk02hn59Y2Pu/0n8oolTMDfYWRxIjToXPN0DqjXGylNQtWz4d
A9bvx+vlR8LktmCNUwSvfnJVj39VzJ7Iw9pbW37hO6+WXi0L4Pb2f5HghLTwpt8t
OCPuZK3Ho+/8IU+NjuGXOXfPFMnSIphsPOPiLJUKTeS0culr1o/zHfAUQpAA6/hS
qSkQYCj+J7HYmgiBvh3rPD0g9SZFp/Rqwlz7Mj/2rfeAbaK4QjYV2wI0QK0xW1CI
M+sDFCrXQz8hhZU7wyflXCr6Zyf8iVTBrzBthyDgAJ9NB1QQGMONMjQUpAafXrTx
9AdISzqXBADqsBKQ7hgZawBkbt74fnnC
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:47:09 2025 by rpki-client