Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C863DFD4C25C11EF9153F481762E951A.roa
File: C863DFD4C25C11EF9153F481762E951A.roa (raw, json)
Hash identifier: iBqTGfil1UjmbePlM3E+OHlXj1zw0XLL1kPJFxzJfsk=
Subject key identifier: CD:16:0B:C9:F1:2B:98:AB:5B:AA:8A:E3:D5:6E:BA:C1:AF:0C:A1:F7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012380
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C863DFD4C25C11EF9153F481762E951A.roa
Signing time: Wed 25 Dec 2024 01:08:43 +0000
ROA not before: Wed 25 Dec 2024 01:08:39 +0000
ROA not after: Wed 10 Dec 2025 01:08:39 +0000
asID: 984
IP address blocks: 154.199.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74624 (0x12380)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 01:08:39 2024 GMT
Not After : Dec 10 01:08:39 2025 GMT
Subject: CN=676b5b1b-caf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ff:fa:8f:0e:69:1a:d0:18:f0:57:58:f3:52:
10:2e:47:72:f1:a7:99:d7:09:25:4c:af:9a:76:0c:
0e:ac:b9:ba:e7:23:3a:e3:0f:ac:e7:a7:90:a3:14:
34:c8:06:43:21:87:6f:87:ca:b3:f4:0f:e9:f3:d5:
a6:5d:ba:b3:b5:ca:82:cc:2b:14:12:05:2e:0b:0a:
cd:a0:0b:ec:ac:06:65:3b:80:2e:62:d5:69:1c:bd:
1d:df:35:e6:38:c4:82:bc:94:9e:7d:6b:4e:25:9d:
5d:38:31:a5:91:c6:6f:dd:ec:70:7e:55:4b:5a:e7:
a9:74:d7:d1:eb:73:e3:89:d0:97:ec:d2:b0:4c:a9:
6a:70:2a:eb:be:71:af:83:ac:e5:b7:31:d7:76:61:
b3:1d:7b:8e:30:0c:ed:57:d4:12:dc:30:f0:5a:2c:
1c:36:cb:1a:67:28:4a:00:5d:dc:27:64:f6:cc:c6:
66:e4:59:8b:1d:a7:4e:e7:fd:1d:b6:34:8e:f9:a3:
e6:36:33:c7:61:d4:67:bc:2c:ee:5b:77:f3:99:51:
e9:89:65:7e:4f:1f:ca:18:1c:c5:e9:e3:52:e9:4b:
8e:26:eb:b6:72:1b:e7:46:b3:73:0b:6e:de:fc:36:
3e:85:fd:49:25:fd:08:25:99:ef:b1:ff:a0:82:a0:
e2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:16:0B:C9:F1:2B:98:AB:5B:AA:8A:E3:D5:6E:BA:C1:AF:0C:A1:F7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C863DFD4C25C11EF9153F481762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.77.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:c8:96:96:c1:4e:36:01:4e:4c:9c:68:87:b1:72:01:51:ed:
63:d8:49:81:ad:2d:f0:5e:fd:24:81:ff:82:c2:57:e8:2d:57:
ba:e8:43:cc:6a:f7:4c:62:46:1f:67:b4:e5:fa:7a:62:79:9f:
86:a5:ae:33:89:e5:55:9f:0d:5f:3f:1f:bb:32:2f:d8:b4:a6:
d1:b7:d8:55:09:4e:7d:17:5b:b0:13:c3:1e:cd:f1:80:3d:dc:
4e:35:47:e6:f2:e9:f8:d6:f8:31:7d:92:31:04:cb:12:41:e9:
40:03:15:c3:2c:9a:d9:7f:58:6f:1e:31:6a:60:45:dd:ed:5d:
b4:6c:46:3e:97:8f:b6:0e:bd:8e:d4:9a:bf:32:33:74:a1:26:
21:fa:06:77:29:d3:40:a2:76:f3:6f:87:16:96:f7:85:e8:59:
45:d1:33:46:09:f4:c7:75:94:50:c0:7a:ba:0b:6b:0a:26:b1:
bc:e0:c1:5f:dc:8d:61:63:92:1a:72:13:d8:52:b3:33:fb:59:
b9:55:21:c3:f1:68:1e:7c:bf:66:fe:63:b3:d7:cf:cd:dd:a6:
e2:45:50:a9:17:6f:7b:f5:cd:aa:e8:7a:c9:79:a1:94:13:b5:
88:5e:8b:56:2f:5a:45:81:4b:07:32:28:b6:6e:20:0f:21:7c:
76:dd:5c:9d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASOAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDEwODM5WhcNMjUxMjEwMDEwODM5WjAYMRYw
FAYDVQQDEw02NzZiNWIxYi1jYWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqP/6jw5pGtAY8FdY81IQLkdy8aeZ1wklTK+adgwOrLm65yM64w+s56eQ
oxQ0yAZDIYdvh8qz9A/p89WmXbqztcqCzCsUEgUuCwrNoAvsrAZlO4AuYtVpHL0d
3zXmOMSCvJSefWtOJZ1dODGlkcZv3exwflVLWuepdNfR63PjidCX7NKwTKlqcCrr
vnGvg6zltzHXdmGzHXuOMAztV9QS3DDwWiwcNssaZyhKAF3cJ2T2zMZm5FmLHadO
5/0dtjSO+aPmNjPHYdRnvCzuW3fzmVHpiWV+Tx/KGBzF6eNS6UuOJuu2chvnRrNz
C27e/DY+hf1JJf0IJZnvsf+ggqDiBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM0W
C8nxK5irW6qK49VuusGvDKH3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DODYzREZENEMyNUMxMUVGOTE1M0Y0ODE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsdNMA0GCSqGSIb3DQEB
CwUAA4IBAQAMyJaWwU42AU5MnGiHsXIBUe1j2EmBrS3wXv0kgf+CwlfoLVe66EPM
avdMYkYfZ7Tl+npieZ+Gpa4zieVVnw1fPx+7Mi/YtKbRt9hVCU59F1uwE8MezfGA
PdxONUfm8un41vgxfZIxBMsSQelAAxXDLJrZf1hvHjFqYEXd7V20bEY+l4+2Dr2O
1Jq/MjN0oSYh+gZ3KdNAonbzb4cWlveF6FlF0TNGCfTHdZRQwHq6C2sKJrG84MFf
3I1hY5IachPYUrMz+1m5VSHD8WgefL9m/mOz18/N3abiRVCpF2979c2q6HrJeaGU
E7WIXotWL1pFgUsHMii2biAPIXx23Vyd
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:09:24 2025 by rpki-client