Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9C61DACF6BD11EF82893967762E951A.roa
File: C9C61DACF6BD11EF82893967762E951A.roa (raw, json)
Hash identifier: Mfsq6aMCLufobt9LqrGKukx31gwPMaWAbmyrxrzKJfU=
Subject key identifier: 00:51:19:00:DC:40:F2:E4:AB:4C:F4:56:80:50:46:07:E7:CA:3E:D1
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016EFE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9C61DACF6BD11EF82893967762E951A.roa
Signing time: Sat 01 Mar 2025 16:54:07 +0000
ROA not before: Sat 01 Mar 2025 16:54:03 +0000
ROA not after: Sat 05 Apr 2025 16:54:03 +0000
asID: 203020
IP address blocks: 154.201.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 16:54:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93950 (0x16efe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 1 16:54:03 2025 GMT
Not After : Apr 5 16:54:03 2025 GMT
Subject: CN=67c33baf-e176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5b:d5:9e:29:da:5b:41:4b:af:ce:31:46:5d:
f8:66:78:38:97:81:66:ee:da:37:48:a3:a9:a4:c4:
c1:34:65:f9:96:b3:f6:36:7b:53:bb:e6:8e:57:c9:
ac:e6:d3:a9:44:fb:68:15:5c:93:23:10:50:ea:25:
73:56:07:7d:c9:13:03:02:bd:dc:4c:d5:c6:ea:7f:
5f:86:29:e9:93:dc:d7:c9:fb:7a:12:e1:5c:2f:77:
53:6c:17:8b:68:72:68:93:f8:50:b0:72:ba:67:d3:
1c:a0:42:a2:07:04:f6:e1:ba:05:3f:50:73:cf:84:
06:a1:8b:84:f9:54:1a:3e:2d:13:7f:5b:e5:28:c4:
bf:c8:52:c4:0b:a8:b9:47:95:1d:f2:88:91:67:54:
0b:87:ec:8d:56:3b:64:44:06:49:a1:f6:ae:71:29:
e3:fb:4a:72:47:ab:12:12:32:e0:d9:a0:2a:c2:68:
8b:b1:e8:c2:4d:e6:58:70:81:d2:20:21:36:f9:1c:
ad:7e:09:25:c6:76:22:74:db:97:3b:64:e8:11:a5:
f4:3c:21:31:6e:e0:37:87:3e:51:d5:bd:2a:0b:11:
e2:c6:c9:4f:6b:17:ef:6e:fd:a2:64:4e:6a:25:6b:
dc:b3:7e:5a:a0:31:e1:df:44:28:9d:bd:e7:51:73:
ff:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:51:19:00:DC:40:F2:E4:AB:4C:F4:56:80:50:46:07:E7:CA:3E:D1
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C9C61DACF6BD11EF82893967762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.46.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:8f:82:10:ca:53:aa:eb:55:19:e5:bb:84:63:04:59:14:14:
5a:a8:8c:76:6b:1e:13:b0:8a:63:03:27:02:0a:29:84:57:7d:
19:5e:30:9f:9a:cf:6c:69:f1:de:b6:a2:b4:5a:d9:3f:87:0b:
78:07:ef:29:43:9d:09:bc:1e:3c:2d:55:fa:e0:14:87:20:a8:
83:3a:b9:f7:0e:c2:a5:7b:0e:b7:6c:72:fe:4e:1d:cd:0e:73:
48:0e:54:8c:46:e4:df:4a:f7:12:31:74:d9:95:9c:ec:2b:dc:
f9:b3:76:ad:9e:5e:eb:23:d4:1a:87:18:24:7e:48:c5:f6:61:
de:97:75:73:01:09:99:f2:61:47:81:2b:d4:e9:6b:5d:11:71:
85:f9:88:c2:de:15:c0:b9:16:24:7e:42:1e:d8:8d:84:d3:09:
a8:b7:8e:b9:26:65:51:fc:ee:d0:df:20:d7:1b:ff:ee:73:45:
3a:af:aa:9f:8f:57:3d:5c:b5:5c:2c:97:07:c8:1e:40:88:c7:
f2:a2:37:65:33:df:97:38:ad:b8:ad:9c:aa:af:44:1d:63:4c:
d7:88:8e:a6:91:dd:50:28:b2:5d:8c:bb:5c:7b:aa:0f:16:0e:
29:4c:e1:5a:d0:70:3c:8e:64:61:b1:48:cc:51:a1:ca:d7:38:
a8:a1:4e:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAW7+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzAxMTY1NDAzWhcNMjUwNDA1MTY1NDAzWjAYMRYw
FAYDVQQDEw02N2MzM2JhZi1lMTc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1lvVninaW0FLr84xRl34Zng4l4Fm7to3SKOppMTBNGX5lrP2NntTu+aO
V8ms5tOpRPtoFVyTIxBQ6iVzVgd9yRMDAr3cTNXG6n9fhinpk9zXyft6EuFcL3dT
bBeLaHJok/hQsHK6Z9McoEKiBwT24boFP1Bzz4QGoYuE+VQaPi0Tf1vlKMS/yFLE
C6i5R5Ud8oiRZ1QLh+yNVjtkRAZJofaucSnj+0pyR6sSEjLg2aAqwmiLsejCTeZY
cIHSICE2+RytfgklxnYidNuXO2ToEaX0PCExbuA3hz5R1b0qCxHixslPaxfvbv2i
ZE5qJWvcs35aoDHh30Qonb3nUXP/dwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFABR
GQDcQPLkq0z0VoBQRgfnyj7RMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DOUM2MURBQ0Y2QkQxMUVGODI4OTM5Njc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmskuMA0GCSqGSIb3DQEB
CwUAA4IBAQDIj4IQylOq61UZ5buEYwRZFBRaqIx2ax4TsIpjAycCCimEV30ZXjCf
ms9safHetqK0Wtk/hwt4B+8pQ50JvB48LVX64BSHIKiDOrn3DsKlew63bHL+Th3N
DnNIDlSMRuTfSvcSMXTZlZzsK9z5s3atnl7rI9QahxgkfkjF9mHel3VzAQmZ8mFH
gSvU6WtdEXGF+YjC3hXAuRYkfkIe2I2E0wmot465JmVR/O7Q3yDXG//uc0U6r6qf
j1c9XLVcLJcHyB5AiMfyojdlM9+XOK24rZyqr0QdY0zXiI6mkd1QKLJdjLtce6oP
Fg4pTOFa0HA8jmRhsUjMUaHK1ziooU7x
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:43 2025 by rpki-client