Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7CDD0D8F44711EFA42BB57D762E951A.roa
File: E7CDD0D8F44711EFA42BB57D762E951A.roa (raw, json)
Hash identifier: HaJ3rWoMziIkLxcblsnLDyhvXwF3ameFZYzocbn3Buo=
Subject key identifier: 3A:27:DA:1A:86:D1:73:49:13:C1:6B:29:C0:4C:5F:36:EF:35:D1:8D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0163EB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7CDD0D8F44711EFA42BB57D762E951A.roa
Signing time: Wed 26 Feb 2025 13:45:14 +0000
ROA not before: Wed 26 Feb 2025 13:45:10 +0000
ROA not after: Thu 19 Feb 2026 13:45:10 +0000
asID: 984
IP address blocks: 154.210.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91115 (0x163eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 13:45:10 2025 GMT
Not After : Feb 19 13:45:10 2026 GMT
Subject: CN=67bf1aea-836d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:95:e7:45:39:ec:0a:3f:94:ad:2b:19:2a:6c:
de:80:cb:f1:0f:d5:bc:e5:fa:89:15:92:20:59:ce:
6b:00:59:f7:82:de:5c:a9:b8:65:64:a7:73:b2:87:
3d:e8:f0:ca:a4:73:11:92:4c:1a:c3:46:83:60:8d:
c8:d1:c2:f2:23:cb:36:bc:47:63:e7:72:4a:be:d4:
5b:fc:3c:eb:bf:a9:84:76:74:af:39:b9:f3:83:e8:
ca:ef:28:d8:92:59:72:3e:39:5f:e6:77:38:97:18:
0e:de:b9:f6:a7:8e:d0:04:a0:da:83:3c:85:43:f2:
60:cb:13:cd:5a:19:26:b9:7c:26:bb:cb:b0:f0:2c:
01:99:fe:c2:c5:d0:eb:18:23:18:bd:93:2b:ff:a8:
7e:42:dd:6f:97:35:b9:88:4d:6e:b4:1c:97:94:26:
0b:ad:34:85:4e:3d:29:c0:e5:9d:85:41:92:20:c5:
dd:ca:a1:08:ec:36:e2:02:56:62:52:31:7f:b7:c2:
e8:b8:b5:3b:71:2d:cc:30:aa:ca:59:f4:fd:93:15:
1a:6c:1f:e1:e7:0a:a7:15:4e:1c:2b:c3:ec:25:78:
c5:ce:f8:38:8c:05:d6:9d:b9:74:12:6e:34:3b:f1:
3a:21:bd:fe:f1:86:05:35:1b:b7:ec:7e:ca:25:1f:
5d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:27:DA:1A:86:D1:73:49:13:C1:6B:29:C0:4C:5F:36:EF:35:D1:8D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E7CDD0D8F44711EFA42BB57D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.210.36.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:bc:0f:6b:29:6e:fe:4b:f1:2c:06:74:d4:52:c7:fb:d2:26:
76:a8:e6:db:c9:68:ee:e3:98:1c:e1:5c:c8:01:3e:ef:8d:3b:
3a:c1:b8:94:93:d1:0c:92:ef:b2:cf:42:c5:ef:67:8b:50:65:
ef:1b:13:53:46:3d:dc:78:91:07:6d:69:56:ef:7c:70:1f:cf:
99:8d:78:ec:d0:86:42:8f:d3:04:93:15:09:54:fa:e3:f1:28:
9c:8b:2f:00:62:c0:1c:9c:c1:02:1f:d5:7a:ec:66:47:a9:2b:
dc:0d:47:14:c2:a9:9e:d3:ba:d7:b0:db:1c:7d:0b:41:54:c5:
30:74:9b:6c:6c:c2:45:6a:d9:9e:78:7b:f8:e2:85:8f:29:ef:
77:5f:48:9f:80:ff:e1:b5:ed:69:b6:f7:fc:69:17:4f:3a:11:
88:b8:af:56:3c:81:b5:0e:a2:76:73:68:40:ef:57:1a:27:fc:
41:1c:44:31:27:6b:4f:e6:25:c2:68:ae:6b:87:7e:36:92:c6:
c8:bb:69:59:a2:16:b9:17:55:bb:2d:ca:54:9f:81:ba:f5:79:
95:1a:9d:17:92:36:1f:d2:e2:4c:45:dd:e6:b0:4f:e1:75:be:
f2:6d:35:7c:79:a9:e7:d1:b7:b4:ea:9f:29:d6:41:0b:58:ea:
2f:79:39:9a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWPrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTM0NTEwWhcNMjYwMjE5MTM0NTEwWjAYMRYw
FAYDVQQDEw02N2JmMWFlYS04MzZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5JXnRTnsCj+UrSsZKmzegMvxD9W85fqJFZIgWc5rAFn3gt5cqbhlZKdz
soc96PDKpHMRkkwaw0aDYI3I0cLyI8s2vEdj53JKvtRb/Dzrv6mEdnSvObnzg+jK
7yjYkllyPjlf5nc4lxgO3rn2p47QBKDagzyFQ/JgyxPNWhkmuXwmu8uw8CwBmf7C
xdDrGCMYvZMr/6h+Qt1vlzW5iE1utByXlCYLrTSFTj0pwOWdhUGSIMXdyqEI7Dbi
AlZiUjF/t8LouLU7cS3MMKrKWfT9kxUabB/h5wqnFU4cK8PsJXjFzvg4jAXWnbl0
Em40O/E6Ib3+8YYFNRu37H7KJR9dxQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDon
2hqG0XNJE8FrKcBMXzbvNdGNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FN0NERDBEOEY0NDcxMUVGQTQyQkI1N0Q3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtIkMA0GCSqGSIb3DQEB
CwUAA4IBAQCqvA9rKW7+S/EsBnTUUsf70iZ2qObbyWju45gc4VzIAT7vjTs6wbiU
k9EMku+yz0LF72eLUGXvGxNTRj3ceJEHbWlW73xwH8+ZjXjs0IZCj9MEkxUJVPrj
8Siciy8AYsAcnMECH9V67GZHqSvcDUcUwqme07rXsNscfQtBVMUwdJtsbMJFatme
eHv44oWPKe93X0ifgP/hte1ptvf8aRdPOhGIuK9WPIG1DqJ2c2hA71caJ/xBHEQx
J2tP5iXCaK5rh342ksbIu2lZoha5F1W7LcpUn4G69XmVGp0XkjYf0uJMRd3msE/h
db7ybTV8eann0be06p8p1kELWOoveTma
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:23 2025 by rpki-client