Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF3F4872F4BA11EFAF1E82A5762E951A.roa
File: BF3F4872F4BA11EFAF1E82A5762E951A.roa (raw, json)
Hash identifier: aPFffRYizeZZk+sSwxbaXzXU0OUoTGIiNum+RCiKPY8=
Subject key identifier: 84:03:37:D6:72:D6:17:43:A5:7B:9B:BC:9B:5D:6A:2D:E8:BC:1F:56
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01662C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF3F4872F4BA11EFAF1E82A5762E951A.roa
Signing time: Thu 27 Feb 2025 03:27:18 +0000
ROA not before: Thu 27 Feb 2025 03:27:14 +0000
ROA not after: Thu 19 Feb 2026 03:27:14 +0000
asID: 984
IP address blocks: 154.200.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 14:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91692 (0x1662c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 27 03:27:14 2025 GMT
Not After : Feb 19 03:27:14 2026 GMT
Subject: CN=67bfdb96-febd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:19:e3:22:3d:8e:6b:e1:46:95:0a:f1:12:a4:
ca:a3:c9:b8:5a:5c:34:d1:16:70:3d:dc:19:cd:ab:
69:70:cb:15:65:43:7e:d4:b1:5e:a1:0e:7d:11:24:
fd:2e:63:a5:cc:0e:b4:04:a7:c7:3b:69:b6:c0:50:
b8:89:75:ed:d2:91:ff:51:bc:9c:91:82:d7:7c:d1:
73:64:b5:eb:f7:65:b5:0c:82:fd:e5:3e:5f:48:2b:
5d:5b:ea:9f:94:47:01:8e:c4:c3:3e:0e:8b:cc:75:
1e:b4:7b:0c:cb:6e:ae:c2:24:61:90:91:56:f7:7c:
d5:25:fd:a0:30:5f:48:20:82:40:21:b5:9e:2b:e9:
69:63:d7:81:9b:79:53:2c:17:d5:30:b7:e4:20:c3:
be:cb:ae:5f:1c:21:59:15:15:3a:f5:c2:93:7c:4f:
bf:ac:86:46:c9:ff:42:e7:a2:b9:3d:69:5d:db:23:
4a:df:91:df:6f:b9:02:27:4b:0d:6f:c2:2d:49:ed:
d6:e9:f5:13:66:95:20:69:7a:b7:27:5c:00:9c:df:
6e:66:7a:e4:05:58:b4:83:cf:38:e1:d9:08:c7:ed:
dd:2e:13:d3:55:59:c4:40:7b:1d:04:bc:f8:97:5a:
0f:58:3d:4a:c2:ab:e3:b9:2b:7d:f1:da:b5:09:3b:
ad:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:03:37:D6:72:D6:17:43:A5:7B:9B:BC:9B:5D:6A:2D:E8:BC:1F:56
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF3F4872F4BA11EFAF1E82A5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.77.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:31:c1:1a:9d:18:f3:ef:80:01:30:bc:03:b7:2e:50:d3:6c:
aa:fc:c6:58:03:fb:53:3c:35:ac:80:e4:39:c3:84:83:6d:7c:
b6:df:b9:ec:bc:14:b8:f1:67:8c:77:30:05:d0:6f:52:0d:60:
ea:97:a3:4b:f4:d7:d0:f7:4b:b9:6a:86:4e:1e:5f:f3:21:ee:
ba:c2:9e:b3:59:f0:bd:91:ac:46:79:13:78:f9:fc:9a:f1:0b:
fa:fd:1b:5d:88:3e:7b:5b:1b:01:54:46:c7:32:67:81:04:d2:
a5:5d:ae:a9:fa:22:f3:8e:17:9c:74:f3:d6:21:10:48:1f:c6:
af:57:5c:ba:ce:91:42:3f:a1:1f:9d:bd:15:a4:2c:87:dc:3b:
a3:e2:96:88:4c:ad:2f:51:29:b0:cc:d6:73:9c:e0:0d:b2:1c:
3d:d9:e1:46:cf:0e:92:a8:1b:8c:77:7e:c5:46:09:f3:4b:09:
c8:93:25:2c:d5:6e:dc:66:cf:5b:4d:35:9b:cd:7a:bc:91:d7:
1c:62:d3:ee:2f:84:2d:5a:58:36:30:ed:6d:cf:68:ed:a6:74:
f2:b9:1a:2f:d8:1e:9c:bf:33:f4:41:b1:dd:d3:15:c7:b1:c8:
77:7d:7c:d2:ea:61:c7:45:be:a6:1e:89:4b:98:d9:3d:ab:a7:
8c:cb:15:83
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWYsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI3MDMyNzE0WhcNMjYwMjE5MDMyNzE0WjAYMRYw
FAYDVQQDEw02N2JmZGI5Ni1mZWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvRnjIj2Oa+FGlQrxEqTKo8m4Wlw00RZwPdwZzatpcMsVZUN+1LFeoQ59
EST9LmOlzA60BKfHO2m2wFC4iXXt0pH/UbyckYLXfNFzZLXr92W1DIL95T5fSCtd
W+qflEcBjsTDPg6LzHUetHsMy26uwiRhkJFW93zVJf2gMF9IIIJAIbWeK+lpY9eB
m3lTLBfVMLfkIMO+y65fHCFZFRU69cKTfE+/rIZGyf9C56K5PWld2yNK35Hfb7kC
J0sNb8ItSe3W6fUTZpUgaXq3J1wAnN9uZnrkBVi0g8844dkIx+3dLhPTVVnEQHsd
BLz4l1oPWD1KwqvjuSt98dq1CTutkQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIQD
N9Zy1hdDpXubvJtdai3ovB9WMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjNGNDg3MkY0QkExMUVGQUYxRTgyQTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmshNMA0GCSqGSIb3DQEB
CwUAA4IBAQCKMcEanRjz74ABMLwDty5Q02yq/MZYA/tTPDWsgOQ5w4SDbXy237ns
vBS48WeMdzAF0G9SDWDql6NL9NfQ90u5aoZOHl/zIe66wp6zWfC9kaxGeRN4+fya
8Qv6/RtdiD57WxsBVEbHMmeBBNKlXa6p+iLzjhecdPPWIRBIH8avV1y6zpFCP6Ef
nb0VpCyH3Duj4paITK0vUSmwzNZznOANshw92eFGzw6SqBuMd37FRgnzSwnIkyUs
1W7cZs9bTTWbzXq8kdccYtPuL4QtWlg2MO1tz2jtpnTyuRov2B6cvzP0QbHd0xXH
sch3fXzS6mHHRb6mHolLmNk9q6eMyxWD
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:46:35 2025 by rpki-client