Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCC6EE52CDDB11EFA199A5A8762E951A.roa
File: BCC6EE52CDDB11EFA199A5A8762E951A.roa (raw, json)
Hash identifier: anTiIZx6d1QWvjdOZq/FjA8vXu3phdi2+876seGWS1U=
Subject key identifier: 3A:45:FC:E0:1E:76:FB:E0:4A:DE:89:D7:8E:9D:82:79:04:1A:C7:A2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013797
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCC6EE52CDDB11EFA199A5A8762E951A.roa
Signing time: Wed 08 Jan 2025 16:15:12 +0000
ROA not before: Wed 08 Jan 2025 16:15:08 +0000
ROA not after: Sat 03 Jan 2026 16:15:08 +0000
asID: 984
IP address blocks: 154.89.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79767 (0x13797)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 16:15:08 2025 GMT
Not After : Jan 3 16:15:08 2026 GMT
Subject: CN=677ea490-5cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6e:32:8d:a2:c9:ef:66:d6:85:8c:ce:16:b6:
f8:f7:17:3f:32:f7:d3:1c:e6:a4:d4:3b:c9:68:bb:
11:f3:4d:d1:ec:60:1b:ed:5c:29:3f:4d:4c:e4:ae:
1b:b8:11:33:63:78:54:fa:45:64:c0:ae:eb:f0:61:
e6:e3:05:bd:ea:26:58:47:fe:50:bd:70:e1:c3:c2:
2c:d7:5f:a1:69:0b:31:8f:64:af:b4:a9:17:dc:86:
95:9a:28:d4:b2:0a:fa:a4:45:87:ad:99:c3:f3:d2:
6f:37:fb:f9:7b:6e:4f:f1:b2:3e:9e:6c:91:63:be:
bd:c8:6b:8e:32:36:aa:d7:62:85:0d:69:8a:84:af:
4c:84:2e:e9:60:52:26:a1:b9:c9:bf:79:b6:64:97:
9d:fe:1c:a6:02:aa:05:3b:f1:bf:9d:87:ce:44:10:
73:3b:22:36:4a:97:2c:eb:d5:1b:b4:74:3a:15:a8:
48:29:f6:37:ee:e8:89:b4:56:99:30:d5:0f:aa:71:
1e:da:c1:72:5e:21:52:5c:b1:2c:12:1f:2c:1f:ec:
7f:8b:ee:ea:08:f7:44:54:24:22:b7:c2:ef:e5:85:
06:7e:a2:ff:c4:6f:41:ad:90:f3:33:52:10:f8:7c:
99:33:de:86:01:3e:f3:d6:62:c0:e4:4d:61:f3:63:
56:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:45:FC:E0:1E:76:FB:E0:4A:DE:89:D7:8E:9D:82:79:04:1A:C7:A2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCC6EE52CDDB11EFA199A5A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.154.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:2f:71:fe:83:1b:c2:6a:05:65:da:15:b5:73:56:ca:b6:c6:
3f:73:a1:bb:85:bf:b2:ce:b0:1b:f5:6e:00:dc:a0:51:85:31:
81:6d:19:44:8a:82:01:b5:28:e9:a0:fc:b1:f7:82:3e:b6:7f:
23:81:5a:ff:b7:97:6b:47:17:21:0c:81:1a:c6:6f:54:2f:2e:
79:ac:57:e5:b8:e3:cd:00:38:fd:03:c9:83:fb:db:79:f5:e9:
b9:cf:7e:e6:d8:32:e6:0a:27:74:18:6e:b1:1c:b5:05:f6:f1:
97:aa:f3:39:ab:39:8b:55:46:fa:c0:4c:eb:e9:27:58:20:e3:
5d:3a:2d:23:22:5c:4e:59:77:68:8f:70:c4:8c:e0:74:9c:24:
86:a0:b5:c8:55:84:d4:50:5f:3e:2e:c2:66:ec:8e:43:fa:88:
9a:d1:93:62:3d:2a:e9:fb:61:e0:94:0d:55:e6:0c:ed:3b:2c:
ff:a3:02:84:56:d3:cd:77:3d:7f:e4:98:f8:fc:8c:88:7b:39:
ab:47:d5:1c:c2:7a:3e:94:33:3d:64:27:df:fb:ec:80:fa:e6:
ba:1d:c2:b1:24:c3:ae:07:af:0e:6e:ad:b1:55:d4:c4:65:d9:
90:bc:1a:ae:4a:3b:04:f2:69:13:b2:64:3b:9f:30:d2:21:ee:
69:89:97:39
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATeXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTYxNTA4WhcNMjYwMTAzMTYxNTA4WjAYMRYw
FAYDVQQDEw02NzdlYTQ5MC01Y2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv24yjaLJ72bWhYzOFrb49xc/MvfTHOak1DvJaLsR803R7GAb7VwpP01M
5K4buBEzY3hU+kVkwK7r8GHm4wW96iZYR/5QvXDhw8Is11+haQsxj2SvtKkX3IaV
mijUsgr6pEWHrZnD89JvN/v5e25P8bI+nmyRY769yGuOMjaq12KFDWmKhK9MhC7p
YFImobnJv3m2ZJed/hymAqoFO/G/nYfORBBzOyI2Spcs69UbtHQ6FahIKfY37uiJ
tFaZMNUPqnEe2sFyXiFSXLEsEh8sH+x/i+7qCPdEVCQit8Lv5YUGfqL/xG9BrZDz
M1IQ+HyZM96GAT7z1mLA5E1h82NW3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDpF
/OAedvvgSt6J146dgnkEGseiMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQ0M2RUU1MkNEREIxMUVGQTE5OUE1QTg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlmaMA0GCSqGSIb3DQEB
CwUAA4IBAQCeL3H+gxvCagVl2hW1c1bKtsY/c6G7hb+yzrAb9W4A3KBRhTGBbRlE
ioIBtSjpoPyx94I+tn8jgVr/t5drRxchDIEaxm9ULy55rFfluOPNADj9A8mD+9t5
9em5z37m2DLmCid0GG6xHLUF9vGXqvM5qzmLVUb6wEzr6SdYIONdOi0jIlxOWXdo
j3DEjOB0nCSGoLXIVYTUUF8+LsJm7I5D+oia0ZNiPSrp+2HglA1V5gztOyz/owKE
VtPNdz1/5Jj4/IyIezmrR9Ucwno+lDM9ZCff++yA+ua6HcKxJMOuB68Obq2xVdTE
ZdmQvBquSjsE8mkTsmQ7nzDSIe5piZc5
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:01:39 2025 by rpki-client