Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDBF6C12F3D711EFA6E72567762E951A.roa
File: CDBF6C12F3D711EFA6E72567762E951A.roa (raw, json)
Hash identifier: gel2Zuv/+ZehZV8v+ZUWzp8gsl7umS6JJHddmrbhwKw=
Subject key identifier: 51:F6:17:3C:BF:2F:20:F1:19:FD:52:7F:1D:30:2A:CF:C4:E9:CB:65
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016037
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDBF6C12F3D711EFA6E72567762E951A.roa
Signing time: Wed 26 Feb 2025 00:22:47 +0000
ROA not before: Wed 26 Feb 2025 00:00:43 +0000
ROA not after: Thu 19 Feb 2026 00:00:43 +0000
asID: 984
IP address blocks: 154.89.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90167 (0x16037)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 00:00:43 2025 GMT
Not After : Feb 19 00:00:43 2026 GMT
Subject: CN=67be5ed7-8deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:76:ea:a2:33:fc:bf:3a:89:36:38:d8:77:75:
89:a4:74:e3:ce:aa:1a:45:77:d0:fe:fd:d0:cf:f9:
5e:50:58:a5:17:13:c7:be:01:3b:72:c4:e2:9d:5c:
c4:f5:fc:b4:51:a2:26:67:e9:a1:45:69:60:9b:b5:
cf:3f:a6:69:26:17:7e:04:b2:75:ed:7a:a2:18:da:
90:54:14:80:6e:54:80:bd:62:55:6c:7b:53:28:a3:
d7:ed:ba:5a:e7:db:53:7a:bd:2a:48:a7:4d:2a:2e:
60:ff:fe:32:81:89:02:70:d5:2d:78:b3:b7:da:06:
ec:a1:c4:d0:71:15:53:47:43:f2:a5:d2:e2:60:4a:
bc:54:10:10:d5:21:74:61:55:f9:17:5a:28:53:7c:
54:b4:bf:62:c7:ce:28:48:b7:bb:5a:6a:6c:48:68:
dc:55:c5:7f:f2:2e:fe:25:4c:41:5b:47:8d:ca:09:
e4:f3:76:47:cd:ad:70:c8:78:1b:cf:a8:a8:04:42:
3e:09:bd:b1:cd:31:56:b0:b5:24:38:d4:10:28:98:
59:ba:db:8b:f8:6f:c9:f6:1b:d9:96:b0:10:b2:e8:
0e:14:63:cd:a3:bb:23:3a:ab:a8:57:fc:ef:45:e4:
72:6c:78:82:cd:c9:95:dd:e4:23:32:0d:24:a4:8d:
0b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:F6:17:3C:BF:2F:20:F1:19:FD:52:7F:1D:30:2A:CF:C4:E9:CB:65
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CDBF6C12F3D711EFA6E72567762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.238.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:f6:da:06:7e:a3:f4:0e:74:77:40:44:24:5f:44:3c:24:4d:
24:13:d7:34:b4:d0:8f:46:8e:ea:2c:82:ee:b0:71:1d:8a:dc:
0e:05:8c:77:65:9c:e2:c1:f5:61:33:b1:af:3d:7c:cf:56:20:
49:4b:fc:27:4e:60:83:5c:85:e4:dd:d6:b3:2f:4c:dc:d0:57:
de:b8:8f:58:6b:2b:35:94:2d:4e:8a:72:8b:dc:ff:45:8e:ef:
55:66:01:6f:bf:b8:c1:90:3b:d4:45:97:e8:8b:91:86:fa:66:
9e:af:76:ad:bb:e7:48:f6:cb:44:68:f5:f4:f5:5a:52:cc:3e:
15:26:6e:a0:0a:b9:e4:b6:47:db:1d:04:20:81:9d:f3:30:f3:
de:cb:1f:15:c3:12:2c:ef:e0:fd:ab:17:cb:ce:75:ba:b1:ec:
b5:a6:17:6a:19:28:9a:19:c4:4e:d5:af:1c:80:b5:44:9b:83:
ac:86:8e:20:a3:c7:da:2e:42:ef:b7:5a:45:b2:df:dd:29:a6:
21:be:b9:11:5d:46:fe:59:a0:cd:ad:52:bc:f8:f8:bf:a4:d3:
0e:ec:35:75:bc:be:64:ad:6d:14:f5:2c:57:41:f6:ec:e2:8b:
64:6e:3d:76:ea:50:5f:01:66:30:94:42:47:d1:5c:ea:c7:55:
6b:ad:d0:68
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWA3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDAwMDQzWhcNMjYwMjE5MDAwMDQzWjAYMRYw
FAYDVQQDEw02N2JlNWVkNy04ZGViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAunbqojP8vzqJNjjYd3WJpHTjzqoaRXfQ/v3Qz/leUFilFxPHvgE7csTi
nVzE9fy0UaImZ+mhRWlgm7XPP6ZpJhd+BLJ17XqiGNqQVBSAblSAvWJVbHtTKKPX
7bpa59tTer0qSKdNKi5g//4ygYkCcNUteLO32gbsocTQcRVTR0PypdLiYEq8VBAQ
1SF0YVX5F1ooU3xUtL9ix84oSLe7WmpsSGjcVcV/8i7+JUxBW0eNygnk83ZHza1w
yHgbz6ioBEI+Cb2xzTFWsLUkONQQKJhZutuL+G/J9hvZlrAQsugOFGPNo7sjOquo
V/zvReRybHiCzcmV3eQjMg0kpI0LPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFH2
Fzy/LyDxGf1Sfx0wKs/E6ctlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DREJGNkMxMkYzRDcxMUVGQTZFNzI1Njc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlnuMA0GCSqGSIb3DQEB
CwUAA4IBAQC99toGfqP0DnR3QEQkX0Q8JE0kE9c0tNCPRo7qLILusHEditwOBYx3
ZZziwfVhM7GvPXzPViBJS/wnTmCDXIXk3dazL0zc0FfeuI9Yays1lC1OinKL3P9F
ju9VZgFvv7jBkDvURZfoi5GG+maer3atu+dI9stEaPX09VpSzD4VJm6gCrnktkfb
HQQggZ3zMPPeyx8VwxIs7+D9qxfLznW6sey1phdqGSiaGcRO1a8cgLVEm4Osho4g
o8faLkLvt1pFst/dKaYhvrkRXUb+WaDNrVK8+Pi/pNMO7DV1vL5krW0U9SxXQfbs
4otkbj126lBfAWYwlEJH0Vzqx1VrrdBo
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:40 2025 by rpki-client