Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2E36B6CC90E11EFBF5CDC97762E951A.roa
File: B2E36B6CC90E11EFBF5CDC97762E951A.roa (raw, json)
Hash identifier: FrZ4x4vuzg1kLTXKpLO4shlHE2Kl76xR/OHHDsl8vr4=
Subject key identifier: 20:B3:B8:58:2C:2E:CB:8E:9C:89:3C:5D:CD:4F:AE:94:2E:45:D6:1B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013295
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2E36B6CC90E11EFBF5CDC97762E951A.roa
Signing time: Thu 02 Jan 2025 13:37:24 +0000
ROA not before: Thu 02 Jan 2025 13:37:20 +0000
ROA not after: Mon 13 Dec 2027 13:37:20 +0000
asID: 17561
IP address blocks: 154.221.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78485 (0x13295)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 13:37:20 2025 GMT
Not After : Dec 13 13:37:20 2027 GMT
Subject: CN=67769694-1e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:50:ef:8b:47:46:3e:be:7d:ae:e9:14:c9:fd:
24:5f:09:42:64:fd:91:72:96:a1:32:7e:ca:82:6e:
20:5d:29:f9:ea:b5:d1:04:2f:81:32:ed:fb:aa:b3:
f9:8c:98:61:3f:d9:f4:b2:4f:19:38:5e:d0:d5:ef:
bb:2e:c0:d5:40:be:ae:2b:40:0d:8c:84:e1:7d:07:
0d:09:01:52:2d:92:58:e7:02:47:58:09:94:49:48:
10:f6:40:a8:d5:9c:2d:69:98:7f:e8:85:7f:c4:d4:
42:03:e2:3d:a2:b1:bb:7f:a8:55:1a:23:b9:c1:df:
75:73:af:82:52:d9:96:f0:da:a7:25:d2:bc:bd:c2:
00:10:5b:2b:c2:2d:46:e0:db:75:b6:fe:c0:dc:ab:
92:3f:88:f6:ab:f2:d7:c0:49:c8:13:1f:62:f9:0a:
10:d5:9e:16:3f:36:c0:b5:0a:5c:08:6e:ba:cc:0a:
31:a9:99:f4:ba:9c:3b:ab:c7:a9:eb:95:aa:28:5d:
ee:ee:bb:ab:84:61:91:5d:3b:a3:e3:32:3d:e9:cc:
1b:b4:4c:bc:a3:8d:3e:0d:e4:d6:3c:4d:1d:d0:02:
6c:72:ce:e4:9a:79:9a:01:2c:68:2f:88:32:48:55:
bd:48:53:c7:f0:fd:43:0c:0f:69:bb:9e:5a:c8:f4:
09:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:B3:B8:58:2C:2E:CB:8E:9C:89:3C:5D:CD:4F:AE:94:2E:45:D6:1B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B2E36B6CC90E11EFBF5CDC97762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.215.0/24
Signature Algorithm: sha256WithRSAEncryption
10:f1:b3:d1:bb:dc:84:6c:fa:2a:aa:6a:5a:25:37:4b:f6:39:
5c:57:9e:2c:ee:4e:a1:fd:7e:dc:cb:54:4a:69:96:7b:38:f9:
3d:db:5d:70:29:ef:9e:d0:ad:21:42:16:3b:0e:f9:ca:cd:4b:
a2:12:3c:66:77:28:f3:60:0e:c8:03:21:c8:4d:10:c9:00:e8:
e9:ae:ce:4a:80:50:f3:83:9a:bf:68:80:cc:2f:d2:9c:54:73:
17:f4:50:2a:5c:7f:38:d9:93:8a:39:66:cb:6b:6a:16:64:7a:
c0:f7:f3:eb:c8:e7:4b:07:e8:ae:4f:d8:8f:8d:d2:f0:95:cc:
b4:88:04:9f:7f:6e:5b:ea:3a:0a:d0:ae:4f:be:f4:25:14:a3:
0f:72:ea:29:5c:3c:57:cc:a7:24:59:cc:07:ce:a4:6a:ea:17:
d9:a8:b7:80:eb:99:74:2e:33:ed:d1:0a:88:46:10:00:c9:6d:
ac:71:31:d3:88:79:ee:5b:72:45:6b:e2:cb:1d:4a:e5:42:87:
59:4c:9f:8f:8f:c7:53:5a:53:d7:e6:69:c7:87:3b:f1:c1:9e:
a1:86:c1:ca:92:f5:90:44:7f:d4:a4:2d:56:9b:fc:09:3e:00:
3c:a2:eb:75:ce:b9:1f:4e:d7:23:dd:63:30:86:c9:0b:a7:cf:
bc:fe:89:b0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATKVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTMzNzIwWhcNMjcxMjEzMTMzNzIwWjAYMRYw
FAYDVQQDEw02Nzc2OTY5NC0xZThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuVDvi0dGPr59rukUyf0kXwlCZP2RcpahMn7Kgm4gXSn56rXRBC+BMu37
qrP5jJhhP9n0sk8ZOF7Q1e+7LsDVQL6uK0ANjIThfQcNCQFSLZJY5wJHWAmUSUgQ
9kCo1ZwtaZh/6IV/xNRCA+I9orG7f6hVGiO5wd91c6+CUtmW8NqnJdK8vcIAEFsr
wi1G4Nt1tv7A3KuSP4j2q/LXwEnIEx9i+QoQ1Z4WPzbAtQpcCG66zAoxqZn0upw7
q8ep65WqKF3u7rurhGGRXTuj4zI96cwbtEy8o40+DeTWPE0d0AJscs7kmnmaASxo
L4gySFW9SFPH8P1DDA9pu55ayPQJqwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCCz
uFgsLsuOnIk8Xc1PrpQuRdYbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CMkUzNkI2Q0M5MEUxMUVGQkY1Q0RDOTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3XMA0GCSqGSIb3DQEB
CwUAA4IBAQAQ8bPRu9yEbPoqqmpaJTdL9jlcV54s7k6h/X7cy1RKaZZ7OPk9211w
Ke+e0K0hQhY7DvnKzUuiEjxmdyjzYA7IAyHITRDJAOjprs5KgFDzg5q/aIDML9Kc
VHMX9FAqXH842ZOKOWbLa2oWZHrA9/PryOdLB+iuT9iPjdLwlcy0iASff25b6joK
0K5PvvQlFKMPcuopXDxXzKckWcwHzqRq6hfZqLeA65l0LjPt0QqIRhAAyW2scTHT
iHnuW3JFa+LLHUrlQodZTJ+Pj8dTWlPX5mnHhzvxwZ6hhsHKkvWQRH/UpC1Wm/wJ
PgA8out1zrkfTtcj3WMwhskLp8+8/omw
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:13:22 2025 by rpki-client