Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D148F6C0F45C11EFB79D3D8F762E951A.roa
File: D148F6C0F45C11EFB79D3D8F762E951A.roa (raw, json)
Hash identifier: Olku3bwze/2Ss7kLe0uAC1nQYYEWPXlBWJEFaZNFmCI=
Subject key identifier: F1:E3:7F:D7:A0:89:F8:0B:37:3F:BF:CA:A1:AA:78:FA:4D:CB:38:10
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016514
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D148F6C0F45C11EFB79D3D8F762E951A.roa
Signing time: Wed 26 Feb 2025 16:14:56 +0000
ROA not before: Wed 26 Feb 2025 16:14:49 +0000
ROA not after: Sat 19 Feb 2028 16:14:49 +0000
asID: 17561
IP address blocks: 154.82.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91412 (0x16514)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 16:14:49 2025 GMT
Not After : Feb 19 16:14:49 2028 GMT
Subject: CN=67bf3e00-6ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ef:c4:bc:69:5c:5e:cc:6a:a1:22:fc:53:68:
39:23:b4:35:80:8f:76:04:eb:88:fd:21:94:24:15:
45:3b:b5:59:82:cc:39:b5:3b:09:e0:f1:55:b9:17:
8f:e6:59:b8:a5:4a:2e:2a:49:8c:e1:bc:c4:cd:e4:
fc:06:5e:fa:1c:8e:90:4c:57:58:13:be:c5:94:84:
a2:4f:a8:6d:1d:ee:53:96:ca:c7:55:c1:3c:49:9e:
e6:7f:de:fa:01:ff:fd:3c:5c:c7:c3:20:32:46:2e:
6d:65:95:57:74:03:7f:20:6f:b7:47:ba:2c:26:cc:
84:d6:b2:96:06:cb:d3:a1:6e:76:16:2b:b9:7d:9f:
cd:e5:85:be:fe:ca:a8:1a:52:4a:34:cd:85:e7:d3:
d2:39:8b:2d:2a:68:5d:6a:5a:79:66:f4:79:c6:17:
c9:d7:72:ed:c3:12:fd:9c:ac:58:cb:21:10:cb:3e:
a3:bd:ef:22:9f:67:c8:db:12:0f:ac:a6:69:ff:04:
78:53:26:62:0d:65:21:e6:24:1a:13:7f:05:69:21:
3a:4e:8d:20:dc:c2:a0:12:b7:97:9c:24:95:77:56:
f9:cd:79:d1:2c:0d:3f:7f:3e:6f:87:44:6d:0f:c3:
8d:fe:9c:e9:46:72:aa:0d:19:a2:9c:90:11:7c:d6:
ad:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E3:7F:D7:A0:89:F8:0B:37:3F:BF:CA:A1:AA:78:FA:4D:CB:38:10
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D148F6C0F45C11EFB79D3D8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.250.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:a2:09:c5:51:b7:cf:7f:b3:d5:26:25:b6:3f:82:77:ca:13:
1c:5b:5b:66:5a:11:ee:cc:8d:38:36:76:e4:02:ab:88:01:82:
d3:21:6a:d1:5f:c9:50:46:4a:fb:26:11:49:9d:49:3a:a4:22:
ac:95:19:b3:16:dc:73:d9:e3:4c:9e:fc:5c:bd:d4:16:49:44:
db:f7:fd:77:38:e8:8e:a5:99:71:de:c5:b8:75:ec:1f:87:0b:
ea:5d:68:1a:62:10:5a:d1:b7:b8:05:d7:85:6c:cd:0d:78:9a:
0f:5f:ce:91:ea:1e:e2:8d:6d:e2:8e:b4:2d:34:96:83:c3:9a:
fe:6f:fc:04:81:39:60:f0:bb:b4:6e:b1:82:38:5d:41:80:56:
8b:b2:8c:9d:f5:16:da:df:8f:5f:8a:a0:aa:3a:77:a2:e5:4d:
20:73:de:97:f9:cb:fa:71:3b:10:ec:b7:b1:3c:01:0d:35:d5:
4e:0a:93:57:12:ec:4f:5a:aa:4a:e5:7f:05:39:a3:97:a1:a8:
0d:1c:f7:b3:ef:37:29:8a:8a:f7:36:03:6f:e4:e8:db:fc:5d:
8a:70:88:29:2a:f5:20:b1:02:de:9e:49:4c:cc:78:40:22:61:
e1:f7:0f:86:5d:a4:c1:f5:cb:cb:7e:b4:92:34:0d:27:7c:fd:
e0:4f:9e:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWUUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTYxNDQ5WhcNMjgwMjE5MTYxNDQ5WjAYMRYw
FAYDVQQDEw02N2JmM2UwMC02ZWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4e/EvGlcXsxqoSL8U2g5I7Q1gI92BOuI/SGUJBVFO7VZgsw5tTsJ4PFV
uReP5lm4pUouKkmM4bzEzeT8Bl76HI6QTFdYE77FlISiT6htHe5TlsrHVcE8SZ7m
f976Af/9PFzHwyAyRi5tZZVXdAN/IG+3R7osJsyE1rKWBsvToW52Fiu5fZ/N5YW+
/sqoGlJKNM2F59PSOYstKmhdalp5ZvR5xhfJ13LtwxL9nKxYyyEQyz6jve8in2fI
2xIPrKZp/wR4UyZiDWUh5iQaE38FaSE6To0g3MKgEreXnCSVd1b5zXnRLA0/fz5v
h0RtD8ON/pzpRnKqDRminJARfNat0QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPHj
f9egifgLNz+/yqGqePpNyzgQMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMTQ4RjZDMEY0NUMxMUVGQjc5RDNEOEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlL6MA0GCSqGSIb3DQEB
CwUAA4IBAQCuognFUbfPf7PVJiW2P4J3yhMcW1tmWhHuzI04NnbkAquIAYLTIWrR
X8lQRkr7JhFJnUk6pCKslRmzFtxz2eNMnvxcvdQWSUTb9/13OOiOpZlx3sW4dewf
hwvqXWgaYhBa0be4BdeFbM0NeJoPX86R6h7ijW3ijrQtNJaDw5r+b/wEgTlg8Lu0
brGCOF1BgFaLsoyd9Rba349fiqCqOnei5U0gc96X+cv6cTsQ7LexPAENNdVOCpNX
EuxPWqpK5X8FOaOXoagNHPez7zcpior3NgNv5Ojb/F2KcIgpKvUgsQLenklMzHhA
ImHh9w+GXaTB9cvLfrSSNA0nfP3gT554
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:23:36 2025 by rpki-client