Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD294940ED1511EF9D45BEA3762E951A.roa
File: BD294940ED1511EF9D45BEA3762E951A.roa (raw, json)
Hash identifier: l4LrZ8ONbQmUvji21Txzi2G7u+yAG+HVf1VWNdhEuFw=
Subject key identifier: 3B:51:41:A1:0E:E0:13:B8:0E:6B:0B:EF:CD:C4:74:9C:B2:D0:D5:71
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0157F3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD294940ED1511EF9D45BEA3762E951A.roa
Signing time: Mon 17 Feb 2025 09:58:29 +0000
ROA not before: Mon 17 Feb 2025 09:58:26 +0000
ROA not after: Sat 23 Aug 2025 09:58:26 +0000
asID: 152920
IP address blocks: 154.208.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88051 (0x157f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 17 09:58:26 2025 GMT
Not After : Aug 23 09:58:26 2025 GMT
Subject: CN=67b30845-8cad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:50:7e:1c:78:a8:00:f0:e2:ee:e2:4c:46:0b:
d1:95:94:8d:e2:ca:2c:7c:5d:8a:43:13:84:90:62:
c5:c0:65:87:83:e0:fa:fa:54:80:0f:56:06:da:f2:
0a:61:8c:e4:6a:cb:d6:a9:f7:36:24:98:00:8c:26:
b4:8f:a0:a1:01:4e:d3:4a:82:9d:60:e7:5e:8c:bb:
7c:e5:ab:92:09:b6:ed:dc:01:53:80:5d:99:2c:df:
c5:80:da:a9:66:af:ba:fb:b7:7a:fd:98:0a:f8:d7:
9e:db:15:26:ff:8e:80:13:af:80:35:58:e7:cc:45:
d2:08:e6:e4:fc:88:5f:b7:b1:93:7f:cb:5f:17:1a:
33:0e:b7:e1:97:45:e5:a5:18:84:06:b0:5e:b2:69:
74:95:d1:b9:2e:c7:b4:5a:5f:44:d5:8e:17:2f:a8:
5e:f1:c1:49:a9:4c:bd:cc:3b:1b:8a:0f:b1:1a:0e:
5d:f4:d8:39:e8:3c:c8:19:a2:0e:c7:2b:3a:ba:3f:
bf:ef:cd:59:50:2b:4c:9d:0e:b9:24:36:1e:a5:56:
3d:45:a2:29:4b:e7:82:dd:27:20:fa:a3:e3:d2:4b:
d7:cd:03:b9:cb:7a:75:31:01:25:06:18:bc:6c:5a:
04:e1:16:21:27:cd:b1:0c:cf:ec:c9:0e:86:89:ef:
a0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:51:41:A1:0E:E0:13:B8:0E:6B:0B:EF:CD:C4:74:9C:B2:D0:D5:71
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BD294940ED1511EF9D45BEA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.140.0/22
Signature Algorithm: sha256WithRSAEncryption
af:22:1f:0d:ed:05:ee:82:c8:04:c0:b9:4d:3c:c6:7b:9e:31:
04:c8:aa:ce:c3:08:49:7c:43:1e:33:dd:ef:d9:ee:04:c0:af:
e1:c4:a1:af:2f:f4:c1:94:32:8c:b1:15:d8:f3:8c:42:37:55:
0c:de:bb:1c:b6:b0:b5:73:77:4b:15:30:76:59:90:89:82:cc:
b4:ac:e8:ae:2e:b3:d1:e1:a0:22:24:06:99:2e:8c:8d:d6:a4:
0f:9e:4c:0e:92:b2:3f:4f:e9:78:49:fc:de:8e:08:c0:76:4f:
07:3f:27:c7:b4:a7:4f:1a:64:71:d8:56:94:eb:59:7a:c1:92:
87:0d:8c:19:5d:dc:a7:09:2e:c9:06:21:90:41:3d:a0:38:58:
e1:bf:d6:00:ff:bd:02:8a:b4:b7:ea:a4:96:c6:11:1b:3e:16:
8a:ae:27:96:c8:fb:83:c4:43:e9:83:c6:2c:f8:0e:2d:bc:4e:
cf:16:1f:69:2c:3d:63:0f:e2:60:fe:12:d3:f9:fa:be:4e:ff:
8c:05:54:be:5f:2f:4b:09:9f:46:0a:a8:48:b5:3e:0b:81:35:
0f:8d:07:b6:2a:3f:c1:13:49:2a:19:bf:01:37:a6:d5:22:5d:
fc:b6:fb:1a:f9:cc:69:f4:d4:b5:9b:e5:ed:37:f5:85:fa:9a:
61:4c:bf:b9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVfzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjE3MDk1ODI2WhcNMjUwODIzMDk1ODI2WjAYMRYw
FAYDVQQDEw02N2IzMDg0NS04Y2FkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzlB+HHioAPDi7uJMRgvRlZSN4sosfF2KQxOEkGLFwGWHg+D6+lSAD1YG
2vIKYYzkasvWqfc2JJgAjCa0j6ChAU7TSoKdYOdejLt85auSCbbt3AFTgF2ZLN/F
gNqpZq+6+7d6/ZgK+Nee2xUm/46AE6+ANVjnzEXSCObk/Ihft7GTf8tfFxozDrfh
l0XlpRiEBrBesml0ldG5Lse0Wl9E1Y4XL6he8cFJqUy9zDsbig+xGg5d9Ng56DzI
GaIOxys6uj+/781ZUCtMnQ65JDYepVY9RaIpS+eC3Scg+qPj0kvXzQO5y3p1MQEl
Bhi8bFoE4RYhJ82xDM/syQ6Gie+gPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDtR
QaEO4BO4DmsL783EdJyy0NVxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRDI5NDk0MEVEMTUxMUVGOUQ0NUJFQTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtCMMA0GCSqGSIb3DQEB
CwUAA4IBAQCvIh8N7QXugsgEwLlNPMZ7njEEyKrOwwhJfEMeM93v2e4EwK/hxKGv
L/TBlDKMsRXY84xCN1UM3rsctrC1c3dLFTB2WZCJgsy0rOiuLrPR4aAiJAaZLoyN
1qQPnkwOkrI/T+l4SfzejgjAdk8HPyfHtKdPGmRx2FaU61l6wZKHDYwZXdynCS7J
BiGQQT2gOFjhv9YA/70CirS36qSWxhEbPhaKrieWyPuDxEPpg8Ys+A4tvE7PFh9p
LD1jD+Jg/hLT+fq+Tv+MBVS+Xy9LCZ9GCqhItT4LgTUPjQe2Kj/BE0kqGb8BN6bV
Il38tvsa+cxp9NS1m+XtN/WF+pphTL+5
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:26:56 2025 by rpki-client