Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCDFC93CC3DA11EFAEA36C80762E951A.roa
File: BCDFC93CC3DA11EFAEA36C80762E951A.roa (raw, json)
Hash identifier: ZrewOZSHGXvik5PJVThLTTiCXBhsdfAN1vSYRssA9Ww=
Subject key identifier: 99:7C:CC:24:02:99:AE:AF:1A:EE:C9:E7:78:A4:8F:90:2D:DE:D6:0C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0128A2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCDFC93CC3DA11EFAEA36C80762E951A.roa
Signing time: Thu 26 Dec 2024 22:42:51 +0000
ROA not before: Thu 26 Dec 2024 22:42:47 +0000
ROA not after: Fri 12 Dec 2025 22:42:47 +0000
asID: 984
IP address blocks: 154.85.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75938 (0x128a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 22:42:47 2024 GMT
Not After : Dec 12 22:42:47 2025 GMT
Subject: CN=676ddbeb-ff5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:56:a3:fe:1b:f5:64:28:54:dc:15:9a:3c:ca:
3a:9d:07:d7:57:60:e1:c3:32:80:8c:1c:f1:8e:1d:
99:73:36:d5:78:cc:8f:1a:f9:27:20:17:49:c5:d9:
01:17:01:d7:4a:9a:44:b1:70:c3:7f:42:15:1a:1d:
48:83:fc:87:be:a2:1c:36:ce:7c:2b:fb:6e:58:10:
39:42:ca:34:16:77:fb:8d:51:37:43:ee:4a:6d:71:
f2:40:36:93:a0:25:10:3c:f7:cb:b4:37:10:39:23:
fe:9e:86:f8:f7:0c:ea:2d:00:8c:cc:ac:d5:b8:fd:
e2:64:dd:53:88:8c:b7:ba:23:46:72:7b:d5:df:82:
48:29:f6:6e:18:81:82:44:8b:42:93:d1:a3:24:53:
7b:bb:09:e4:53:a4:33:24:12:d7:2c:2e:b2:f8:2c:
75:81:6e:4c:99:f7:69:c0:fc:d1:82:27:b2:b2:91:
11:d2:2e:87:7d:1a:84:02:22:6c:0f:23:74:af:e3:
ac:a3:fa:65:a9:87:9e:72:6c:d8:b6:da:ad:0e:32:
bc:28:b2:76:38:eb:00:84:15:57:4f:74:c6:a6:ae:
ff:10:8a:76:53:20:c5:65:c6:0e:75:5a:f7:74:b1:
e6:17:a7:f6:82:2a:58:5a:d6:ac:d4:f0:be:79:e9:
a4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:7C:CC:24:02:99:AE:AF:1A:EE:C9:E7:78:A4:8F:90:2D:DE:D6:0C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BCDFC93CC3DA11EFAEA36C80762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.27.0/24
Signature Algorithm: sha256WithRSAEncryption
57:e4:b5:93:dc:53:34:1f:22:1d:02:f4:b5:32:18:b2:f1:2f:
32:83:0d:0e:da:ab:e1:25:4a:6c:72:73:51:9d:5d:c1:49:74:
a1:f2:fe:2d:0c:2d:0f:61:5f:e8:64:e7:3e:6f:7d:ad:02:9c:
96:4b:0d:4d:12:b7:db:9c:a6:6c:66:67:ed:04:71:6b:66:af:
1f:40:7c:13:12:ff:ef:b8:94:49:4c:48:20:3c:84:eb:6d:1b:
77:7f:b1:e1:e3:5c:97:91:be:19:bd:c5:58:f6:45:ac:fd:fd:
91:7b:d4:9f:46:41:d2:07:72:ac:97:1c:92:18:d0:6c:49:42:
0b:c7:c1:f0:47:85:4d:b2:7f:6c:6f:bc:46:45:c8:a5:4a:83:
01:0c:1e:b0:9c:18:4b:b3:a5:7d:28:f5:1c:f9:b1:27:b8:ef:
31:93:7a:23:24:54:fe:c3:7d:e4:45:f8:79:c2:a6:93:f2:a5:
b0:93:67:50:25:2f:80:ff:5a:81:86:d6:ab:d7:89:95:92:de:
27:c1:95:92:e5:53:fb:da:cc:e4:54:1a:a5:6b:1e:91:0d:27:
e2:87:82:03:d8:d3:b4:84:35:81:de:96:f6:f9:a8:ea:ea:2a:
92:bd:b6:fb:d8:07:e6:a1:b7:e8:86:6b:ad:b2:76:c4:15:be:
70:80:5c:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASiiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MjI0MjQ3WhcNMjUxMjEyMjI0MjQ3WjAYMRYw
FAYDVQQDEw02NzZkZGJlYi1mZjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxVaj/hv1ZChU3BWaPMo6nQfXV2DhwzKAjBzxjh2ZczbVeMyPGvknIBdJ
xdkBFwHXSppEsXDDf0IVGh1Ig/yHvqIcNs58K/tuWBA5Qso0Fnf7jVE3Q+5KbXHy
QDaToCUQPPfLtDcQOSP+nob49wzqLQCMzKzVuP3iZN1TiIy3uiNGcnvV34JIKfZu
GIGCRItCk9GjJFN7uwnkU6QzJBLXLC6y+Cx1gW5MmfdpwPzRgieyspER0i6HfRqE
AiJsDyN0r+Oso/plqYeecmzYttqtDjK8KLJ2OOsAhBVXT3TGpq7/EIp2UyDFZcYO
dVr3dLHmF6f2gipYWtas1PC+eemkvwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJl8
zCQCma6vGu7J53ikj5At3tYMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQ0RGQzkzQ0MzREExMUVGQUVBMzZDODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlUbMA0GCSqGSIb3DQEB
CwUAA4IBAQBX5LWT3FM0HyIdAvS1Mhiy8S8ygw0O2qvhJUpscnNRnV3BSXSh8v4t
DC0PYV/oZOc+b32tApyWSw1NErfbnKZsZmftBHFrZq8fQHwTEv/vuJRJTEggPITr
bRt3f7Hh41yXkb4ZvcVY9kWs/f2Re9SfRkHSB3KslxySGNBsSUILx8HwR4VNsn9s
b7xGRcilSoMBDB6wnBhLs6V9KPUc+bEnuO8xk3ojJFT+w33kRfh5wqaT8qWwk2dQ
JS+A/1qBhtar14mVkt4nwZWS5VP72szkVBqlax6RDSfih4ID2NO0hDWB3pb2+ajq
6iqSvbb72AfmobfohmutsnbEFb5wgFx4
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:18:46 2025 by rpki-client