Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE86DAE0F43111EF80E20263762E951A.roa
File: CE86DAE0F43111EF80E20263762E951A.roa (raw, json)
Hash identifier: c+q/0Ktd5tea9YVrI7zIQDYTjQMsGLyIAAHHoWwMlfk=
Subject key identifier: 57:28:62:02:32:F2:1D:3B:CA:E8:28:FF:C6:C2:62:7C:74:8A:12:B4
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016275
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE86DAE0F43111EF80E20263762E951A.roa
Signing time: Wed 26 Feb 2025 11:07:03 +0000
ROA not before: Wed 26 Feb 2025 11:06:59 +0000
ROA not after: Fri 20 Feb 2026 11:06:59 +0000
asID: 984
IP address blocks: 154.199.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90741 (0x16275)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 11:06:59 2025 GMT
Not After : Feb 20 11:06:59 2026 GMT
Subject: CN=67bef5d7-8fe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:92:28:64:22:25:4e:ec:1e:8a:dc:72:d2:c6:
e5:31:43:6d:09:92:1b:86:42:9c:90:be:8e:e6:a9:
d8:c9:d8:0a:61:9f:ab:25:23:83:3c:cd:f2:d7:e6:
bd:18:4b:f7:47:82:fe:6a:bd:08:2e:a7:76:45:90:
2d:76:27:3f:10:71:fd:55:7d:5b:83:61:15:29:af:
92:f6:93:0c:a8:53:e1:e1:48:89:06:48:55:76:3c:
b3:59:ac:30:4b:d2:d0:3e:4d:47:a7:b7:e1:c6:e4:
73:62:3d:0b:27:30:8f:11:2c:3d:5e:7f:58:c6:b1:
bd:87:e4:c6:db:04:dd:c1:72:45:f8:07:9b:e2:f4:
ea:d6:7c:92:9e:fe:7c:43:6b:59:ec:cd:9b:c5:7f:
5f:6e:2f:fd:7d:d7:55:eb:40:82:e4:04:2e:eb:31:
a9:9f:2e:53:dd:df:63:22:6f:c5:bf:70:10:72:5a:
83:29:0d:54:4b:c9:4f:09:5f:27:7a:8e:a1:e4:78:
1d:38:81:e8:ad:c0:b2:60:64:0a:e5:d4:e1:06:d0:
53:e5:fa:e4:82:ca:71:a4:44:ec:ee:1b:8c:31:33:
5d:c3:ef:17:29:9c:e5:d2:b4:b4:3a:3a:5e:b8:00:
c6:11:8a:aa:61:fa:89:2f:e6:63:1d:35:0c:ce:31:
8a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:28:62:02:32:F2:1D:3B:CA:E8:28:FF:C6:C2:62:7C:74:8A:12:B4
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CE86DAE0F43111EF80E20263762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.19.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:f7:57:94:44:6b:41:4b:82:dc:2a:a1:2d:3d:3a:16:6a:05:
fd:64:1b:bf:07:3a:d0:25:76:26:4b:2e:f1:42:79:bb:50:cb:
58:5d:3c:d6:f6:9c:f3:98:19:66:20:06:b9:10:0a:4a:f1:cd:
9a:ee:f0:11:c8:9a:85:10:b4:37:ff:06:a4:7c:4c:9a:c1:ed:
55:d1:cb:05:8f:75:b2:ab:07:8d:37:1c:51:71:f4:aa:14:17:
bb:9d:ea:56:da:c0:64:23:89:cc:59:6b:c4:93:fc:38:48:d9:
8e:d8:c2:db:79:70:ec:7f:f9:12:7b:df:1f:cb:99:21:29:be:
8b:71:22:e1:95:4e:37:50:16:b3:99:b7:5a:8d:f5:92:13:50:
2d:e3:da:59:92:71:3c:74:fb:bb:2a:78:63:47:fd:1e:65:78:
b3:61:c4:2c:bf:8e:e9:da:0c:4c:b6:52:9a:a9:56:f4:10:fa:
57:c0:b6:cf:b2:02:58:09:e5:8b:7a:06:7d:46:c4:1d:59:4f:
04:52:ea:3c:cb:bf:f0:36:5e:5b:db:0e:33:7c:8b:e8:29:f6:
d1:23:9d:09:83:b0:56:8c:60:f1:96:21:f0:23:dc:c1:87:db:
e1:2d:0d:c3:32:ec:42:30:e8:0e:d5:1f:50:cd:be:15:db:d6:
ed:87:e6:19
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWJ1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTEwNjU5WhcNMjYwMjIwMTEwNjU5WjAYMRYw
FAYDVQQDEw02N2JlZjVkNy04ZmU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArpIoZCIlTuweitxy0sblMUNtCZIbhkKckL6O5qnYydgKYZ+rJSODPM3y
1+a9GEv3R4L+ar0ILqd2RZAtdic/EHH9VX1bg2EVKa+S9pMMqFPh4UiJBkhVdjyz
WawwS9LQPk1Hp7fhxuRzYj0LJzCPESw9Xn9YxrG9h+TG2wTdwXJF+Aeb4vTq1nyS
nv58Q2tZ7M2bxX9fbi/9fddV60CC5AQu6zGpny5T3d9jIm/Fv3AQclqDKQ1US8lP
CV8neo6h5HgdOIHorcCyYGQK5dThBtBT5frkgspxpETs7huMMTNdw+8XKZzl0rS0
OjpeuADGEYqqYfqJL+ZjHTUMzjGKzQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFco
YgIy8h07yugo/8bCYnx0ihK0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRTg2REFFMEY0MzExMUVGODBFMjAyNjM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmscTMA0GCSqGSIb3DQEB
CwUAA4IBAQCK91eURGtBS4LcKqEtPToWagX9ZBu/BzrQJXYmSy7xQnm7UMtYXTzW
9pzzmBlmIAa5EApK8c2a7vARyJqFELQ3/wakfEyawe1V0csFj3WyqweNNxxRcfSq
FBe7nepW2sBkI4nMWWvEk/w4SNmO2MLbeXDsf/kSe98fy5khKb6LcSLhlU43UBaz
mbdajfWSE1At49pZknE8dPu7KnhjR/0eZXizYcQsv47p2gxMtlKaqVb0EPpXwLbP
sgJYCeWLegZ9RsQdWU8EUuo8y7/wNl5b2w4zfIvoKfbRI50Jg7BWjGDxliHwI9zB
h9vhLQ3DMuxCMOgO1R9Qzb4V29bth+YZ
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:33 2025 by rpki-client