Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC1A2E4CF8FD11EF96EAEFAF762E951A.roa
File: EC1A2E4CF8FD11EF96EAEFAF762E951A.roa (raw, json)
Hash identifier: 0SZQsEwvwEUYfaVVbZ9CUt0b7xok8Fu4+Oo/TUmwdc4=
Subject key identifier: 57:DC:D2:FD:C0:7B:C9:61:61:06:61:6D:6F:6B:D6:9F:B7:62:CC:E7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0171CE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC1A2E4CF8FD11EF96EAEFAF762E951A.roa
Signing time: Tue 04 Mar 2025 13:38:14 +0000
ROA not before: Tue 04 Mar 2025 13:38:10 +0000
ROA not after: Tue 03 Mar 2026 13:38:10 +0000
asID: 141389
IP address blocks: 154.196.246.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94670 (0x171ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 4 13:38:10 2025 GMT
Not After : Mar 3 13:38:10 2026 GMT
Subject: CN=67c70246-4055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:53:51:5e:48:47:41:84:d0:a4:20:21:0c:8f:
3d:8b:fa:80:9d:f7:24:2d:07:df:3f:4c:b8:ca:fe:
67:f0:ec:f2:c0:a1:cf:88:ad:58:77:0a:84:be:df:
bd:30:e6:9b:fd:4c:99:d6:8e:ff:92:e3:d2:6c:91:
2f:37:6d:41:f0:2d:22:b9:9e:80:36:9e:56:41:f3:
76:3b:2d:9c:2a:25:3c:3a:5d:a6:75:a8:3b:1e:fb:
c3:72:c3:fb:25:75:c6:62:61:23:92:91:f3:71:9c:
3d:75:c6:28:00:11:60:22:59:3f:a4:35:0f:8b:db:
e9:dc:26:ca:c6:f3:a1:1d:ec:c7:96:2b:9e:9f:a0:
46:6f:07:40:b2:c2:78:08:a6:03:f7:b9:c5:44:e3:
86:19:82:21:32:a5:a2:88:70:21:f6:7d:89:ad:54:
3a:09:31:a0:21:c2:10:6d:26:97:f9:ca:7c:77:47:
84:3a:c5:ec:81:ba:8d:30:65:af:d4:9a:be:24:91:
b4:56:37:f9:0a:a2:7f:a5:dd:1d:d0:40:f5:3e:3b:
ba:51:4d:2f:54:93:87:df:1d:14:02:f0:65:ff:b1:
b7:dd:e6:4c:7b:06:2a:51:95:3f:c4:40:c2:18:c0:
7d:38:d6:a0:8b:bf:de:fe:41:cb:50:2d:fd:2d:cc:
b4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:DC:D2:FD:C0:7B:C9:61:61:06:61:6D:6F:6B:D6:9F:B7:62:CC:E7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EC1A2E4CF8FD11EF96EAEFAF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.246.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:a5:4b:b8:e6:ef:79:24:fa:88:67:69:e7:6a:71:0e:29:ca:
d6:86:3a:3c:81:48:a0:f0:5d:cf:0e:6f:57:30:52:b8:1d:4b:
55:6b:ce:ac:0d:80:ae:fe:31:29:b5:bc:69:e0:89:41:60:c8:
e8:bd:93:db:41:cd:31:f0:58:1b:33:1f:12:48:56:f0:69:67:
3c:3b:56:40:5e:b0:5b:2c:93:72:b6:d4:74:ad:83:fc:9d:6a:
1f:92:5d:ee:bf:72:68:67:af:5e:a4:a3:e1:e0:a2:f8:45:06:
e9:0f:9d:95:88:3a:25:49:55:fa:6c:fe:07:3b:76:39:49:82:
35:bd:ea:50:21:08:ce:6d:f3:58:ea:15:73:5b:6b:24:63:8b:
4b:1b:fe:d7:9a:b1:2d:3b:f0:0f:4e:a0:79:bf:ab:62:24:a6:
76:2b:44:b4:31:e6:c5:93:f7:83:f0:04:13:9b:7d:bb:bc:35:
6b:2c:32:7f:f1:0c:19:ad:e8:3a:84:0d:09:98:ed:25:0e:2f:
01:47:b9:6d:cb:65:b6:d0:b2:00:c3:5c:71:fc:8c:81:ca:7d:
f2:4f:21:19:45:c7:29:b8:2d:b8:7f:ae:76:e0:2d:a3:2c:87:
ad:61:7a:b7:83:45:6f:6b:a8:c4:71:e0:13:31:55:ad:d3:da:
2e:16:84:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXHOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA0MTMzODEwWhcNMjYwMzAzMTMzODEwWjAYMRYw
FAYDVQQDEw02N2M3MDI0Ni00MDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2VNRXkhHQYTQpCAhDI89i/qAnfckLQffP0y4yv5n8OzywKHPiK1YdwqE
vt+9MOab/UyZ1o7/kuPSbJEvN21B8C0iuZ6ANp5WQfN2Oy2cKiU8Ol2mdag7HvvD
csP7JXXGYmEjkpHzcZw9dcYoABFgIlk/pDUPi9vp3CbKxvOhHezHliuen6BGbwdA
ssJ4CKYD97nFROOGGYIhMqWiiHAh9n2JrVQ6CTGgIcIQbSaX+cp8d0eEOsXsgbqN
MGWv1Jq+JJG0Vjf5CqJ/pd0d0ED1Pju6UU0vVJOH3x0UAvBl/7G33eZMewYqUZU/
xEDCGMB9ONagi7/e/kHLUC39Lcy0nQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFfc
0v3Ae8lhYQZhbW9r1p+3YsznMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FQzFBMkU0Q0Y4RkQxMUVGOTZFQUVGQUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmsT2MA0GCSqGSIb3DQEB
CwUAA4IBAQC1pUu45u95JPqIZ2nnanEOKcrWhjo8gUig8F3PDm9XMFK4HUtVa86s
DYCu/jEptbxp4IlBYMjovZPbQc0x8FgbMx8SSFbwaWc8O1ZAXrBbLJNyttR0rYP8
nWofkl3uv3JoZ69epKPh4KL4RQbpD52ViDolSVX6bP4HO3Y5SYI1vepQIQjObfNY
6hVzW2skY4tLG/7XmrEtO/APTqB5v6tiJKZ2K0S0MebFk/eD8AQTm327vDVrLDJ/
8QwZreg6hA0JmO0lDi8BR7lty2W20LIAw1xx/IyByn3yTyEZRccpuC24f6524C2j
LIetYXq3g0Vva6jEceATMVWt09ouFoQc
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:46:29 2025 by rpki-client