Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFFEDF82C0C811EFB93F4271762E951A.roa
File: BFFEDF82C0C811EFB93F4271762E951A.roa (raw, json)
Hash identifier: 1RpNsZcx5QbZ1APTfcjru7XBwZ6O1iBLUDV7yLH9b+k=
Subject key identifier: 81:2D:61:1E:95:58:88:C6:13:71:FE:4D:13:2E:40:CF:BA:F7:36:40
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011DDA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFFEDF82C0C811EFB93F4271762E951A.roa
Signing time: Mon 23 Dec 2024 00:56:32 +0000
ROA not before: Mon 23 Dec 2024 00:00:28 +0000
ROA not after: Wed 10 Dec 2025 00:00:28 +0000
asID: 984
IP address blocks: 154.82.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73178 (0x11dda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 00:00:28 2024 GMT
Not After : Dec 10 00:00:28 2025 GMT
Subject: CN=6768b540-3bc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c2:84:38:7f:68:67:d2:9a:39:56:93:62:dd:
8c:6d:f6:76:bd:f5:5b:e6:81:d1:9d:1f:a7:40:f8:
b1:76:05:4a:ee:5e:76:84:05:42:a3:0a:bc:6b:0e:
02:b4:19:c5:05:88:c7:c6:9e:be:c1:fd:05:76:01:
d6:39:33:00:64:52:63:d7:76:d9:13:7a:9f:a5:d2:
3c:70:9f:af:98:ca:84:7c:85:be:96:7b:a5:8f:cd:
27:43:e8:37:b0:ac:d9:4a:f1:69:e7:48:a1:28:df:
bc:d1:5a:ee:3e:2e:da:d6:9e:7e:10:87:b5:2c:42:
6d:e5:a4:3a:1e:f6:d6:89:72:29:12:d4:e0:20:eb:
0f:f0:22:25:79:14:d2:3b:49:8f:1a:14:d7:96:81:
e1:b2:5f:e9:8b:9b:f6:d1:08:43:f2:16:e9:4c:d5:
55:81:3b:74:69:2b:c3:37:72:fc:15:3b:50:7c:0c:
02:e9:2c:3c:ca:c0:09:de:0c:7c:ab:35:1b:6e:11:
57:96:f7:07:65:f6:fa:74:9e:52:5f:87:2a:ff:eb:
0c:c5:55:47:03:c3:ca:80:7a:83:07:19:92:48:c2:
93:39:25:03:5a:32:ad:5a:70:d4:8b:e0:83:0e:4b:
20:8b:d7:3e:b4:c8:d8:97:9c:70:9a:d4:8e:c7:41:
ba:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:2D:61:1E:95:58:88:C6:13:71:FE:4D:13:2E:40:CF:BA:F7:36:40
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFFEDF82C0C811EFB93F4271762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.224.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:c8:ce:8d:eb:d5:fd:fc:f0:6c:f6:ad:68:80:d3:fe:00:43:
18:65:6a:60:cb:c7:c7:75:b3:fb:53:46:84:14:58:d6:07:08:
20:49:82:d9:6d:1d:4b:13:a0:31:da:c2:4e:2a:16:74:d1:16:
22:66:77:26:ea:d2:4f:ce:b5:cd:fb:65:a8:1b:16:fb:c9:c9:
7a:0e:21:aa:7b:75:e7:31:75:0d:f9:68:4f:3c:3d:54:6a:de:
69:fa:50:24:04:3c:41:ea:c2:8d:d4:f4:47:6e:8f:54:e1:6e:
a4:de:32:1b:7b:67:2e:69:1e:09:76:41:90:76:ba:b4:6a:b3:
05:7c:ab:f7:fb:ef:7c:21:20:bd:bf:a7:fd:c2:54:9d:6d:1e:
e3:22:ea:22:6e:e1:25:9e:92:90:2d:5a:84:67:12:44:e8:5e:
e7:97:b8:47:92:73:9c:84:0d:69:2b:38:94:ea:4a:51:fa:ed:
d9:2e:04:e6:b9:e7:36:f0:1a:ad:fa:ac:64:56:5f:f4:2c:a1:
59:d0:d6:f4:e4:d6:7c:8f:ef:a4:22:0f:21:2b:11:fb:48:13:
2c:c4:5c:29:ef:10:5e:0c:91:4f:d3:68:0e:86:16:20:d0:f2:
a6:f1:40:ce:6f:94:85:7c:82:c6:19:c7:ae:27:4a:77:a5:03:
a0:4a:b5:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR3aMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDAwMDI4WhcNMjUxMjEwMDAwMDI4WjAYMRYw
FAYDVQQDEw02NzY4YjU0MC0zYmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzMKEOH9oZ9KaOVaTYt2MbfZ2vfVb5oHRnR+nQPixdgVK7l52hAVCowq8
aw4CtBnFBYjHxp6+wf0FdgHWOTMAZFJj13bZE3qfpdI8cJ+vmMqEfIW+lnulj80n
Q+g3sKzZSvFp50ihKN+80VruPi7a1p5+EIe1LEJt5aQ6HvbWiXIpEtTgIOsP8CIl
eRTSO0mPGhTXloHhsl/pi5v20QhD8hbpTNVVgTt0aSvDN3L8FTtQfAwC6Sw8ysAJ
3gx8qzUbbhFXlvcHZfb6dJ5SX4cq/+sMxVVHA8PKgHqDBxmSSMKTOSUDWjKtWnDU
i+CDDksgi9c+tMjYl5xwmtSOx0G6lQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIEt
YR6VWIjGE3H+TRMuQM+69zZAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRkZFREY4MkMwQzgxMUVGQjkzRjQyNzE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLgMA0GCSqGSIb3DQEB
CwUAA4IBAQBfyM6N69X9/PBs9q1ogNP+AEMYZWpgy8fHdbP7U0aEFFjWBwggSYLZ
bR1LE6Ax2sJOKhZ00RYiZncm6tJPzrXN+2WoGxb7ycl6DiGqe3XnMXUN+WhPPD1U
at5p+lAkBDxB6sKN1PRHbo9U4W6k3jIbe2cuaR4JdkGQdrq0arMFfKv3++98ISC9
v6f9wlSdbR7jIuoibuElnpKQLVqEZxJE6F7nl7hHknOchA1pKziU6kpR+u3ZLgTm
uec28Bqt+qxkVl/0LKFZ0Nb05NZ8j++kIg8hKxH7SBMsxFwp7xBeDJFP02gOhhYg
0PKm8UDOb5SFfILGGceuJ0p3pQOgSrWo
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:15:01 2025 by rpki-client