Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE4B065EC54E11EFBE628C42762E951A.roa
File: BE4B065EC54E11EFBE628C42762E951A.roa (raw, json)
Hash identifier: +9rAzmCImt62uWShjmkU3HvPm5AtJY69VZX+uKfDyPQ=
Subject key identifier: 53:BD:50:6D:99:57:24:B0:0B:DB:E9:93:A0:6F:2E:DD:0C:CD:9D:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012CFB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE4B065EC54E11EFBE628C42762E951A.roa
Signing time: Sat 28 Dec 2024 19:05:46 +0000
ROA not before: Sat 28 Dec 2024 19:05:43 +0000
ROA not after: Fri 12 Dec 2025 19:05:43 +0000
asID: 984
IP address blocks: 154.210.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77051 (0x12cfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 19:05:43 2024 GMT
Not After : Dec 12 19:05:43 2025 GMT
Subject: CN=67704c0a-ba37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:08:10:91:a9:58:d7:2e:3b:fd:3f:b9:75:cf:
a2:c5:c3:9f:4b:cd:d7:07:40:3b:39:fc:59:60:f5:
e1:ce:b7:41:d2:13:d5:cb:16:a5:64:b1:c0:ea:a5:
19:6e:e1:73:c9:d3:1a:6f:62:28:f2:2c:7c:a7:bb:
9d:72:cb:ec:5f:1e:4b:1f:3e:5a:e9:f8:6f:1d:00:
f2:77:a0:d0:c3:9e:17:25:30:94:e9:67:cb:d6:e4:
dd:1d:10:08:5a:67:b6:12:de:cc:12:36:10:a9:69:
ed:89:0d:d2:c4:e9:d8:86:23:19:fa:08:34:97:ef:
c5:b3:40:10:fa:5a:5c:a6:e6:e2:e3:19:40:e2:ac:
75:7a:ee:1d:26:46:63:11:3c:cb:e3:46:fd:fb:d4:
21:a0:7b:c0:45:a0:65:46:f7:48:41:26:e8:a5:d2:
72:3c:70:97:39:4d:c0:97:67:5e:e1:73:93:3a:65:
22:ef:3e:79:4c:1c:45:d2:68:af:6f:7b:c6:6e:c2:
03:48:44:25:8f:57:15:e8:e9:b2:c6:d8:60:76:a3:
23:a7:f3:6c:35:2f:88:ae:50:2d:49:ef:da:1a:c0:
d3:1f:00:26:97:89:e0:55:5f:9a:c3:ec:8a:2e:2b:
ee:5b:6c:16:43:43:27:9b:bf:43:8a:93:0c:8d:e0:
45:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BD:50:6D:99:57:24:B0:0B:DB:E9:93:A0:6F:2E:DD:0C:CD:9D:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BE4B065EC54E11EFBE628C42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.7.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:53:4f:1d:a8:7e:ce:be:c1:da:dc:ab:3b:be:da:81:8e:78:
bc:c2:0d:30:56:b1:89:64:0a:0b:e9:a3:8b:d0:ac:eb:0a:f1:
03:0c:18:f3:6a:36:74:4e:98:f2:29:e2:ab:33:24:db:93:f1:
54:06:c1:4b:e7:8d:e1:dc:c1:3f:48:58:aa:26:91:7b:2b:37:
c4:90:b5:a6:71:b9:f4:80:53:f1:a3:fb:e2:b2:60:0e:73:ab:
93:62:19:6f:3b:04:ce:10:6d:87:b1:13:ba:75:9d:ef:d6:37:
96:78:91:19:de:40:31:33:32:ee:30:5d:9e:ad:12:d8:3d:9d:
e2:60:e3:df:86:06:ef:0e:8d:73:2f:e5:09:d7:7e:a7:43:0b:
b2:ee:79:45:58:0f:d0:a0:07:65:c3:3d:7f:01:77:86:c1:cc:
82:fa:d3:4a:42:08:76:5c:29:b0:a2:4a:7f:b2:c3:b0:e9:f0:
d2:97:2b:12:11:42:bf:d1:8d:db:05:a1:7d:6f:2d:7d:f8:b5:
a0:13:9d:4a:02:cc:c0:d4:ce:c5:88:86:9a:c1:89:4c:3c:f9:
81:f3:c1:39:ad:49:39:cd:2c:23:0a:0a:8e:41:da:8c:b2:7b:
00:4d:68:fc:cd:78:8e:62:f2:f8:6d:e3:e2:04:8f:e3:6b:a4:
b4:20:4d:e0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASz7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTkwNTQzWhcNMjUxMjEyMTkwNTQzWjAYMRYw
FAYDVQQDEw02NzcwNGMwYS1iYTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwwgQkalY1y47/T+5dc+ixcOfS83XB0A7OfxZYPXhzrdB0hPVyxalZLHA
6qUZbuFzydMab2Io8ix8p7udcsvsXx5LHz5a6fhvHQDyd6DQw54XJTCU6WfL1uTd
HRAIWme2Et7MEjYQqWntiQ3SxOnYhiMZ+gg0l+/Fs0AQ+lpcpubi4xlA4qx1eu4d
JkZjETzL40b9+9QhoHvARaBlRvdIQSbopdJyPHCXOU3Al2de4XOTOmUi7z55TBxF
0mivb3vGbsIDSEQlj1cV6OmyxthgdqMjp/NsNS+IrlAtSe/aGsDTHwAml4ngVV+a
w+yKLivuW2wWQ0Mnm79DipMMjeBFuwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFO9
UG2ZVySwC9vpk6BvLt0MzZ0AMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRTRCMDY1RUM1NEUxMUVGQkU2MjhDNDI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtIHMA0GCSqGSIb3DQEB
CwUAA4IBAQCmU08dqH7OvsHa3Ks7vtqBjni8wg0wVrGJZAoL6aOL0KzrCvEDDBjz
ajZ0TpjyKeKrMyTbk/FUBsFL543h3ME/SFiqJpF7KzfEkLWmcbn0gFPxo/vismAO
c6uTYhlvOwTOEG2HsRO6dZ3v1jeWeJEZ3kAxMzLuMF2erRLYPZ3iYOPfhgbvDo1z
L+UJ136nQwuy7nlFWA/QoAdlwz1/AXeGwcyC+tNKQgh2XCmwokp/ssOw6fDSlysS
EUK/0Y3bBaF9by19+LWgE51KAszA1M7FiIaawYlMPPmB88E5rUk5zSwjCgqOQdqM
snsATWj8zXiOYvL4bePiBI/ja6S0IE3g
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:49:17 2025 by rpki-client