Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BEC9DCF0DB1411EF8BF96587762E951A.roa
File: BEC9DCF0DB1411EF8BF96587762E951A.roa (raw, json)
Hash identifier: Cx6zAM5zUx5sgSpJRbaRLYOqksPKGoLivtRGIwm2+uA=
Subject key identifier: 21:CC:AE:37:6E:B1:30:8E:8E:B8:34:69:77:94:C8:5C:E7:E8:2D:BE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014929
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BEC9DCF0DB1411EF8BF96587762E951A.roa
Signing time: Sat 25 Jan 2025 12:06:02 +0000
ROA not before: Sat 25 Jan 2025 12:05:58 +0000
ROA not after: Mon 02 Feb 2026 12:05:58 +0000
asID: 132839
IP address blocks: 154.92.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84265 (0x14929)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 25 12:05:58 2025 GMT
Not After : Feb 2 12:05:58 2026 GMT
Subject: CN=6794d3aa-24f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:ab:32:ab:5f:60:9d:a6:fd:7f:a6:2a:89:76:
a9:58:61:ab:66:62:72:56:d8:44:f9:b3:88:8a:94:
71:7c:27:f2:cd:df:bc:8a:0c:2e:78:0b:dc:d2:6c:
d5:77:3e:a1:8b:31:0a:3d:47:f9:4a:e5:36:f3:17:
7c:f5:d8:bc:31:cb:b9:b8:ab:e2:78:9c:1e:76:e4:
f4:63:cf:75:2e:d9:da:3b:89:32:70:bb:1f:77:77:
ed:64:93:ea:ec:00:ba:3c:e6:bd:61:e6:bf:af:80:
0b:42:30:d9:f0:f5:25:ac:c1:61:d8:68:65:54:9f:
54:05:16:10:cf:9b:50:31:52:cd:bf:4a:32:a4:2f:
86:a5:60:54:78:2d:b3:09:e0:fc:e3:11:8c:8b:a8:
89:4a:fe:d5:b4:8c:80:ee:4e:49:65:b3:a7:f7:a3:
d8:3c:21:a9:f1:32:5c:69:0e:a6:61:79:a4:01:9f:
e1:36:19:8c:4f:c4:99:26:27:19:cf:c4:86:08:8f:
88:d6:74:2c:67:82:55:ee:70:5e:03:54:c8:b5:6b:
63:42:ac:3d:f0:1f:d1:49:19:4f:ab:af:5e:90:e3:
f8:be:4e:c2:f4:c7:f0:0e:2a:48:4b:51:02:b5:27:
8f:c2:81:c5:2f:a7:cd:db:87:15:7d:0d:bb:82:8a:
98:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CC:AE:37:6E:B1:30:8E:8E:B8:34:69:77:94:C8:5C:E7:E8:2D:BE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BEC9DCF0DB1411EF8BF96587762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.92.32.0/19
Signature Algorithm: sha256WithRSAEncryption
63:3b:9a:55:89:0c:c4:e1:00:ab:7b:b2:df:11:36:a4:2d:93:
9e:8d:20:7c:d5:37:86:6c:f0:b5:59:57:15:eb:46:b5:92:a5:
d0:a0:ec:29:23:97:b0:19:e4:99:c4:94:f6:ce:4d:05:4c:a8:
39:38:f1:39:7f:06:8b:5a:99:7f:0b:4b:02:1b:03:cc:bf:4d:
01:67:84:8b:4d:dd:b4:42:98:34:49:28:25:aa:62:5e:9b:18:
e1:9f:98:4c:99:84:64:d5:9b:bb:d0:38:3d:9e:0e:b4:18:fa:
11:ad:05:96:eb:82:ad:af:56:cd:b0:ef:44:da:73:43:a7:0d:
f0:1f:6f:7e:dc:f6:57:4b:30:b9:9e:f8:a0:4c:98:f9:eb:dc:
b7:1b:1a:04:f3:9e:08:97:9e:3b:7b:e7:82:78:d1:93:6b:26:
9d:e2:21:66:00:dd:f7:4f:c4:78:6b:03:d8:a5:45:5a:08:93:
ac:52:d7:32:41:83:f2:6d:36:5b:ee:0c:0a:4d:b2:ea:67:e6:
af:1b:c2:24:47:bc:95:dc:5c:ca:51:01:bd:4c:e9:af:b2:ff:
d7:9c:4f:f2:0f:e9:06:56:73:f3:27:7c:45:bf:ee:e1:62:58:
c0:df:12:84:f1:d6:4c:81:50:e0:a1:11:79:a8:a3:7b:02:b5:
d9:41:c6:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUkpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI1MTIwNTU4WhcNMjYwMjAyMTIwNTU4WjAYMRYw
FAYDVQQDEw02Nzk0ZDNhYS0yNGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA96syq19gnab9f6YqiXapWGGrZmJyVthE+bOIipRxfCfyzd+8igwueAvc
0mzVdz6hizEKPUf5SuU28xd89di8Mcu5uKvieJweduT0Y891LtnaO4kycLsfd3ft
ZJPq7AC6POa9Yea/r4ALQjDZ8PUlrMFh2GhlVJ9UBRYQz5tQMVLNv0oypC+GpWBU
eC2zCeD84xGMi6iJSv7VtIyA7k5JZbOn96PYPCGp8TJcaQ6mYXmkAZ/hNhmMT8SZ
JicZz8SGCI+I1nQsZ4JV7nBeA1TItWtjQqw98B/RSRlPq69ekOP4vk7C9MfwDipI
S1ECtSePwoHFL6fN24cVfQ27goqYTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCHM
rjdusTCOjrg0aXeUyFzn6C2+MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRUM5RENGMERCMTQxMUVGOEJGOTY1ODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlwgMA0GCSqGSIb3DQEB
CwUAA4IBAQBjO5pViQzE4QCre7LfETakLZOejSB81TeGbPC1WVcV60a1kqXQoOwp
I5ewGeSZxJT2zk0FTKg5OPE5fwaLWpl/C0sCGwPMv00BZ4SLTd20Qpg0SSglqmJe
mxjhn5hMmYRk1Zu70Dg9ng60GPoRrQWW64Ktr1bNsO9E2nNDpw3wH29+3PZXSzC5
nvigTJj569y3GxoE854Il547e+eCeNGTayad4iFmAN33T8R4awPYpUVaCJOsUtcy
QYPybTZb7gwKTbLqZ+avG8IkR7yV3FzKUQG9TOmvsv/XnE/yD+kGVnPzJ3xFv+7h
YljA3xKE8dZMgVDgoRF5qKN7ArXZQcZz
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:27 2025 by rpki-client