Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF23E7FEBE9211EF8FA3439D762E951A.roa
File: EF23E7FEBE9211EF8FA3439D762E951A.roa (raw, json)
Hash identifier: RXJOn7pBN1MVsN2X/b0r/K+6KBPoU2VCN4MAeIqSb2M=
Subject key identifier: DA:FB:73:17:D5:A2:B4:1F:7B:8D:1B:EC:5F:1C:1C:78:CA:C1:06:A6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011C26
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF23E7FEBE9211EF8FA3439D762E951A.roa
Signing time: Fri 20 Dec 2024 05:26:16 +0000
ROA not before: Fri 20 Dec 2024 05:26:12 +0000
ROA not after: Wed 10 Dec 2025 05:26:12 +0000
asID: 984
IP address blocks: 154.82.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72742 (0x11c26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 20 05:26:12 2024 GMT
Not After : Dec 10 05:26:12 2025 GMT
Subject: CN=6764fff8-1e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8a:fe:c0:01:1e:98:f3:e3:78:ce:f2:fb:84:
13:9f:40:6c:98:37:16:66:11:78:89:4c:c2:1f:8c:
d4:41:8c:c4:3d:a1:b1:da:d0:08:0f:ab:d7:1d:1b:
b3:59:0a:51:36:4e:47:ab:76:71:40:7c:2e:68:3f:
be:73:13:cc:4f:16:b3:98:9c:10:92:62:6c:95:dd:
35:e1:7a:e1:71:09:f1:05:33:68:36:8e:7d:4c:e7:
e1:88:a2:80:99:1e:4b:57:f2:7d:c2:96:a9:53:13:
20:a9:89:2e:4a:e3:2f:70:34:73:a4:73:16:31:55:
ce:95:d2:b3:d7:3a:21:40:82:a6:81:b2:1e:b0:0d:
25:ce:ac:40:f0:71:29:e4:3c:12:e6:30:4d:7b:0d:
67:9a:f9:96:af:8a:77:8b:bb:1e:f4:33:73:90:1e:
90:80:aa:2d:7d:f6:f4:ac:95:39:06:6b:98:0a:18:
2f:2b:17:ce:c1:87:63:ca:d4:27:e2:14:dc:36:b7:
f4:da:ee:e6:a2:7c:93:73:c6:92:8d:ee:57:6d:c0:
38:5d:c1:7b:d4:7b:4c:40:2b:ff:54:ae:05:1d:ef:
2e:0e:ef:18:f5:38:1a:07:b7:d4:73:6e:01:73:c3:
25:dc:f2:a1:b6:8b:6b:f9:62:56:35:6e:e2:63:f8:
42:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:FB:73:17:D5:A2:B4:1F:7B:8D:1B:EC:5F:1C:1C:78:CA:C1:06:A6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EF23E7FEBE9211EF8FA3439D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.193.0/24
Signature Algorithm: sha256WithRSAEncryption
07:e1:a9:b0:a1:57:38:37:20:1e:4d:f7:6e:2e:f9:f6:2d:aa:
8a:ca:88:0b:e9:1b:2c:02:57:57:c4:10:0e:ff:bf:e4:6c:7a:
26:43:20:be:60:e3:4d:5c:9c:6c:7a:8c:e2:75:dc:c6:2c:8b:
91:52:01:85:8e:73:7f:5b:aa:0d:05:4e:bf:07:15:09:a0:ea:
8e:ba:65:1a:64:41:e9:31:1e:3d:2f:de:b5:84:71:2d:62:f6:
3a:1b:65:e1:ea:ac:5b:af:14:68:86:af:65:95:b2:6b:fd:10:
1e:6c:ba:29:80:7e:2d:c3:92:9d:58:df:db:a4:36:e4:dc:74:
1e:ec:17:7b:5a:01:dc:91:d8:85:a9:ab:e6:1a:0e:97:df:c6:
fb:32:6b:a7:ed:12:32:05:e2:96:17:05:22:89:88:b6:2e:ae:
97:8c:98:ef:d8:64:84:ca:ae:2d:d6:06:d1:64:6f:74:74:eb:
72:77:c9:31:69:42:e7:05:b2:0d:e0:7a:25:da:02:5b:a7:db:
27:ce:61:83:0a:a6:58:6e:3e:26:e4:6e:21:42:88:da:e2:b7:
9f:75:f0:5f:7d:dd:60:1f:06:50:ae:df:e2:3f:98:2f:e3:b2:
2f:7d:40:cc:bb:85:ac:bd:2d:e2:57:45:a8:f7:70:fb:5c:a8:
89:fc:da:36
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARwmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIwMDUyNjEyWhcNMjUxMjEwMDUyNjEyWjAYMRYw
FAYDVQQDEw02NzY0ZmZmOC0xZTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3or+wAEemPPjeM7y+4QTn0BsmDcWZhF4iUzCH4zUQYzEPaGx2tAID6vX
HRuzWQpRNk5Hq3ZxQHwuaD++cxPMTxazmJwQkmJsld014XrhcQnxBTNoNo59TOfh
iKKAmR5LV/J9wpapUxMgqYkuSuMvcDRzpHMWMVXOldKz1zohQIKmgbIesA0lzqxA
8HEp5DwS5jBNew1nmvmWr4p3i7se9DNzkB6QgKotffb0rJU5BmuYChgvKxfOwYdj
ytQn4hTcNrf02u7monyTc8aSje5XbcA4XcF71HtMQCv/VK4FHe8uDu8Y9TgaB7fU
c24Bc8Ml3PKhtotr+WJWNW7iY/hClQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNr7
cxfVorQfe40b7F8cHHjKwQamMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRjIzRTdGRUJFOTIxMUVGOEZBMzQzOUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLBMA0GCSqGSIb3DQEB
CwUAA4IBAQAH4amwoVc4NyAeTfduLvn2LaqKyogL6RssAldXxBAO/7/kbHomQyC+
YONNXJxseoziddzGLIuRUgGFjnN/W6oNBU6/BxUJoOqOumUaZEHpMR49L961hHEt
YvY6G2Xh6qxbrxRohq9llbJr/RAebLopgH4tw5KdWN/bpDbk3HQe7Bd7WgHckdiF
qavmGg6X38b7Mmun7RIyBeKWFwUiiYi2Lq6XjJjv2GSEyq4t1gbRZG90dOtyd8kx
aULnBbIN4Hol2gJbp9snzmGDCqZYbj4m5G4hQoja4refdfBffd1gHwZQrt/iP5gv
47IvfUDMu4WsvS3iV0Wo93D7XKiJ/No2
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:50:57 2025 by rpki-client