Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D61D53F8F47011EFA478539B762E951A.roa
File: D61D53F8F47011EFA478539B762E951A.roa (raw, json)
Hash identifier: V/UJ8GaSc3hwAIdLscjUtq5+qSjFdB5iHjzh4goknaE=
Subject key identifier: 01:8D:8F:77:AB:22:57:51:FD:D8:92:30:65:7C:CC:CF:0B:12:F3:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016564
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D61D53F8F47011EFA478539B762E951A.roa
Signing time: Wed 26 Feb 2025 18:38:14 +0000
ROA not before: Wed 26 Feb 2025 18:38:10 +0000
ROA not after: Sat 19 Feb 2028 18:38:10 +0000
asID: 17561
IP address blocks: 154.201.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91492 (0x16564)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 18:38:10 2025 GMT
Not After : Feb 19 18:38:10 2028 GMT
Subject: CN=67bf5f96-ef81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:17:02:6e:22:cd:ad:3a:d6:12:82:2d:d0:d5:
e5:91:d9:f2:a4:55:4c:5b:c7:1f:82:f6:93:df:55:
3f:52:a8:58:8f:2f:10:9e:d0:0f:20:3f:df:9a:94:
e7:fe:32:e5:f0:c9:d3:5e:28:1e:2a:b6:65:65:ab:
3e:f1:30:ae:a7:5d:3d:18:96:ff:f5:ec:5b:20:5f:
e4:78:bc:1b:bc:42:bc:91:fc:91:55:bd:81:6c:19:
b3:d0:6b:11:b6:b5:e1:5e:d2:c9:ee:b1:08:5e:84:
4a:55:3f:5c:0f:eb:10:d8:46:be:aa:70:5f:c9:ff:
5f:e6:67:01:c5:d8:60:d2:58:94:8e:c1:75:1c:55:
7e:d2:33:11:b1:dc:4e:4c:51:f6:85:90:84:92:6c:
8a:18:d6:f2:1a:ba:f4:0a:e8:1a:b5:81:6e:51:ef:
12:2b:bd:32:c9:83:5a:50:4a:a0:0e:77:84:05:32:
61:dc:b7:90:91:68:87:2c:fb:44:20:ca:0b:ea:ac:
7a:b1:0c:6b:6f:cc:ee:7b:90:a3:18:d5:6a:c7:5f:
44:fd:da:03:e2:b2:16:bb:f2:18:0d:e4:c2:07:72:
3f:d4:a1:3a:b3:85:e8:14:cf:5e:64:6f:f8:a9:99:
fb:b9:01:26:88:1c:2e:2b:47:99:8b:9d:67:e8:0d:
34:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8D:8F:77:AB:22:57:51:FD:D8:92:30:65:7C:CC:CF:0B:12:F3:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D61D53F8F47011EFA478539B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.201.63.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:88:e6:8d:4e:34:7d:7d:9a:28:f0:fb:99:92:fc:20:ae:d6:
bb:75:81:a5:13:64:bf:e9:d5:da:c3:91:42:7e:c4:87:d5:4f:
f3:e4:86:c8:6d:b3:1e:be:91:75:9d:7d:a3:6b:81:ce:13:b3:
c0:5c:4b:ad:3c:9b:d5:aa:0c:2a:45:a1:5f:af:fe:da:33:0d:
b0:c6:dd:48:e1:0e:23:25:9d:ed:d9:a4:80:b2:e8:59:e1:3c:
6c:aa:93:6c:f9:b8:ee:35:cb:0f:08:0c:a1:e5:ed:2b:46:ca:
8e:ab:c2:f1:44:e7:7b:5a:5e:af:12:78:2b:f1:34:42:75:94:
0b:e3:cc:1b:f9:49:60:e6:36:9d:4b:95:6a:a9:d2:e4:a0:e1:
fc:7b:f5:0c:b0:66:51:6f:c8:f7:0b:18:f7:79:17:e2:48:3f:
99:07:47:9e:9d:0c:06:f7:4b:1a:81:86:e2:31:85:85:75:9f:
49:e9:4c:cc:0b:79:df:7d:57:0a:e4:71:7f:9e:7a:67:8e:a3:
ad:a4:8f:33:40:09:f5:5c:69:31:3b:da:ec:1e:23:0e:12:84:
46:a8:f8:b2:10:6e:68:2f:b1:db:8e:d8:7c:d5:29:7f:84:d6:
2c:30:ea:ac:15:70:8b:69:88:e3:a2:7d:e7:a1:9a:36:bc:c7:
20:f5:db:74
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWVkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTgzODEwWhcNMjgwMjE5MTgzODEwWjAYMRYw
FAYDVQQDEw02N2JmNWY5Ni1lZjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyBcCbiLNrTrWEoIt0NXlkdnypFVMW8cfgvaT31U/UqhYjy8QntAPID/f
mpTn/jLl8MnTXigeKrZlZas+8TCup109GJb/9exbIF/keLwbvEK8kfyRVb2BbBmz
0GsRtrXhXtLJ7rEIXoRKVT9cD+sQ2Ea+qnBfyf9f5mcBxdhg0liUjsF1HFV+0jMR
sdxOTFH2hZCEkmyKGNbyGrr0CugatYFuUe8SK70yyYNaUEqgDneEBTJh3LeQkWiH
LPtEIMoL6qx6sQxrb8zue5CjGNVqx19E/doD4rIWu/IYDeTCB3I/1KE6s4XoFM9e
ZG/4qZn7uQEmiBwuK0eZi51n6A00WQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAGN
j3erIldR/diSMGV8zM8LEvNkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENjFENTNGOEY0NzAxMUVGQTQ3ODUzOUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsk/MA0GCSqGSIb3DQEB
CwUAA4IBAQC4iOaNTjR9fZoo8PuZkvwgrta7dYGlE2S/6dXaw5FCfsSH1U/z5IbI
bbMevpF1nX2ja4HOE7PAXEutPJvVqgwqRaFfr/7aMw2wxt1I4Q4jJZ3t2aSAsuhZ
4TxsqpNs+bjuNcsPCAyh5e0rRsqOq8LxROd7Wl6vEngr8TRCdZQL48wb+Ulg5jad
S5VqqdLkoOH8e/UMsGZRb8j3Cxj3eRfiSD+ZB0eenQwG90sagYbiMYWFdZ9J6UzM
C3nffVcK5HF/nnpnjqOtpI8zQAn1XGkxO9rsHiMOEoRGqPiyEG5oL7Hbjth81Sl/
hNYsMOqsFXCLaYjjon3noZo2vMcg9dt0
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:54:05 2025 by rpki-client