Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9B8F028E2D611EF83AE4359762E951A.roa
File: C9B8F028E2D611EF83AE4359762E951A.roa (raw, json)
Hash identifier: slXs8nBjq0XBY0tg+H+ATPIAva77lOlGOtF/7s/FHic=
Subject key identifier: 07:AD:E1:55:D7:F9:9D:97:48:9D:C6:2A:E1:A9:CA:73:E8:BC:B3:3F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0150C2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9B8F028E2D611EF83AE4359762E951A.roa
Signing time: Tue 04 Feb 2025 09:02:41 +0000
ROA not before: Tue 04 Feb 2025 09:02:37 +0000
ROA not after: Wed 30 Apr 2025 09:02:37 +0000
asID: 18229
IP address blocks: 154.210.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86210 (0x150c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 4 09:02:37 2025 GMT
Not After : Apr 30 09:02:37 2025 GMT
Subject: CN=67a1d7b1-414e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e6:65:97:47:8f:75:e1:73:e9:53:6c:24:6c:
0a:4f:ea:d3:58:a7:dc:f9:85:cb:15:bc:ba:3a:93:
da:db:a1:d0:0e:ff:67:7c:cb:1f:b0:52:b6:8b:1d:
da:ed:9d:d5:e1:4e:eb:d8:d3:cf:d1:93:98:17:06:
9e:a2:78:31:18:fc:23:47:93:06:aa:4b:58:1c:26:
86:5f:15:79:9b:34:22:08:90:3b:03:ac:bd:6a:f5:
bc:3c:bf:5f:32:a7:3f:82:1a:2b:43:a9:1a:e3:3e:
1b:aa:67:26:d1:1b:57:e7:25:d5:80:67:92:f8:89:
7f:3a:b1:df:04:1f:c2:9d:3e:aa:f6:38:56:19:2e:
5b:fb:54:12:b6:e8:4b:4a:8a:a3:04:39:c0:95:83:
90:e6:3b:45:6f:f4:61:cf:60:86:f0:1d:58:dd:61:
4e:8c:da:28:b5:af:9f:06:b3:75:e5:fe:57:a5:0c:
fd:87:85:8b:9f:85:de:6f:95:04:04:53:fa:96:92:
96:a4:0c:6e:ca:57:29:b8:fd:a3:92:a8:67:e6:5c:
19:32:f8:45:c9:3a:61:1f:87:f5:53:37:df:f8:d9:
01:89:52:bf:b3:57:ca:ef:39:0b:d8:b0:dd:53:11:
53:a0:5b:e5:b2:a7:cb:cb:82:76:4d:fa:35:0c:28:
db:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:AD:E1:55:D7:F9:9D:97:48:9D:C6:2A:E1:A9:CA:73:E8:BC:B3:3F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9B8F028E2D611EF83AE4359762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.185.0/24
Signature Algorithm: sha256WithRSAEncryption
42:53:d6:93:f0:36:37:15:1f:e4:f7:78:60:e2:8e:6a:97:f6:
9e:c5:2a:31:fa:31:27:89:e7:00:86:94:e9:db:41:9e:ec:ff:
30:e1:38:14:e0:3f:ba:1c:17:eb:40:8b:00:7a:65:ba:0e:78:
0b:f8:f1:4d:f7:be:f0:dc:06:37:d6:d2:b1:38:5e:d3:00:d9:
ad:e6:4d:ec:76:68:38:d6:0d:86:a7:f2:e9:2c:b4:7e:d4:d5:
22:dc:c6:ff:e1:13:d6:9a:03:e7:df:aa:18:bf:29:f3:06:f4:
c5:9e:4c:bb:33:0c:3e:28:62:1b:9c:6b:09:1e:f7:26:fa:e3:
8c:ba:49:a7:04:aa:d2:fc:38:a2:31:cd:2e:75:06:72:02:ee:
b8:5a:2e:fa:7c:50:2b:68:a4:de:1f:8d:16:72:74:dd:90:91:
cc:9b:6d:12:01:e1:98:bc:b1:7c:b8:48:55:88:f0:c7:f8:23:
f1:cd:b4:79:66:c1:3a:f2:b1:21:fe:f1:f8:85:18:d1:92:e9:
30:d5:5c:db:bf:ec:12:a7:9f:03:5c:53:bf:26:5f:ea:25:c3:
28:51:3f:22:35:72:f3:93:3a:32:2f:a6:90:07:a9:16:94:bb:
44:af:a3:6b:e0:05:74:db:99:ab:53:de:7c:2b:f4:13:84:7f:
ca:68:cf:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVDCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA0MDkwMjM3WhcNMjUwNDMwMDkwMjM3WjAYMRYw
FAYDVQQDEw02N2ExZDdiMS00MTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAouZll0ePdeFz6VNsJGwKT+rTWKfc+YXLFby6OpPa26HQDv9nfMsfsFK2
ix3a7Z3V4U7r2NPP0ZOYFwaeongxGPwjR5MGqktYHCaGXxV5mzQiCJA7A6y9avW8
PL9fMqc/ghorQ6ka4z4bqmcm0RtX5yXVgGeS+Il/OrHfBB/CnT6q9jhWGS5b+1QS
tuhLSoqjBDnAlYOQ5jtFb/Rhz2CG8B1Y3WFOjNoota+fBrN15f5XpQz9h4WLn4Xe
b5UEBFP6lpKWpAxuylcpuP2jkqhn5lwZMvhFyTphH4f1Uzff+NkBiVK/s1fK7zkL
2LDdUxFToFvlsqfLy4J2Tfo1DCjbnQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAet
4VXX+Z2XSJ3GKuGpynPovLM/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOUI4RjAyOEUyRDYxMUVGODNBRTQzNTk3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtK5MA0GCSqGSIb3DQEB
CwUAA4IBAQBCU9aT8DY3FR/k93hg4o5ql/aexSox+jEniecAhpTp20Ge7P8w4TgU
4D+6HBfrQIsAemW6DngL+PFN977w3AY31tKxOF7TANmt5k3sdmg41g2Gp/LpLLR+
1NUi3Mb/4RPWmgPn36oYvynzBvTFnky7Mww+KGIbnGsJHvcm+uOMukmnBKrS/Dii
Mc0udQZyAu64Wi76fFAraKTeH40WcnTdkJHMm20SAeGYvLF8uEhViPDH+CPxzbR5
ZsE68rEh/vH4hRjRkukw1Vzbv+wSp58DXFO/Jl/qJcMoUT8iNXLzkzoyL6aQB6kW
lLtEr6Nr4AV025mrU958K/QThH/KaM8V
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:14:39 2025 by rpki-client