Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EFDA914EC0C611EFB4469A64762E951A.roa
File: EFDA914EC0C611EFB4469A64762E951A.roa (raw, json)
Hash identifier: rsbhjWli3dfF/wZNFSD1xuN4CR5rhu++IBZI1QWQkF8=
Subject key identifier: 48:78:71:C6:6B:99:02:F1:5D:C3:E7:03:4D:60:15:34:FC:23:75:F5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011DC0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EFDA914EC0C611EFB4469A64762E951A.roa
Signing time: Mon 23 Dec 2024 00:43:33 +0000
ROA not before: Mon 23 Dec 2024 00:00:30 +0000
ROA not after: Wed 10 Dec 2025 00:00:30 +0000
asID: 984
IP address blocks: 154.82.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73152 (0x11dc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 00:00:30 2024 GMT
Not After : Dec 10 00:00:30 2025 GMT
Subject: CN=6768b235-2f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cc:3d:8b:af:ec:41:f2:a4:bc:3e:0c:95:dc:
81:69:f9:c4:75:d2:7b:90:45:68:f7:d2:93:dc:f3:
b7:1a:75:78:db:38:88:d6:21:4e:c2:fe:f3:bd:4b:
82:31:85:a3:07:76:4d:d2:3d:ed:8e:ea:b8:85:31:
bc:dc:fe:52:e9:c3:1f:2b:0c:40:6c:bf:e2:cf:2d:
3c:d6:a9:35:84:90:8f:d8:9b:6f:8e:f4:d5:54:93:
4e:dc:39:e3:f2:d6:97:a7:bc:78:3f:05:25:b6:c8:
6f:ff:83:a3:1c:a4:26:a5:05:b4:34:4f:cd:65:c5:
92:ee:9d:3c:1d:25:b0:6b:18:3d:60:9a:02:30:5b:
5d:0a:8b:28:fa:6b:56:bd:a3:6c:ab:4b:6d:28:85:
fa:5f:c1:38:f3:7d:14:8b:51:ed:d0:2d:ad:2a:08:
b0:20:94:40:04:dc:b0:1d:bf:b9:6c:5d:73:9b:3f:
a3:29:f2:e0:7d:d3:b3:e9:88:ee:34:f9:1c:02:c7:
53:e2:ee:0e:08:4e:4d:86:d3:38:14:e0:61:89:98:
8e:56:e5:04:82:e3:3d:8d:15:dd:bd:cf:fe:26:a6:
dd:77:ee:fa:53:75:2e:ae:3e:37:0a:6c:c0:bf:78:
f2:79:44:52:3a:f4:30:a1:7c:78:1b:c7:b7:3a:cf:
b4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:78:71:C6:6B:99:02:F1:5D:C3:E7:03:4D:60:15:34:FC:23:75:F5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/EFDA914EC0C611EFB4469A64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.211.0/24
Signature Algorithm: sha256WithRSAEncryption
59:b2:90:1a:f7:a0:89:16:f0:43:2f:7e:d7:77:64:52:91:e0:
c6:ac:5b:1d:bf:b6:e9:14:8c:cc:39:2b:c8:58:38:96:ef:b1:
86:30:ef:ca:f5:bf:36:2d:8f:2a:66:3e:10:59:8d:1a:1c:c6:
55:9b:d2:a9:63:37:24:41:77:54:e7:9b:89:70:98:fb:18:4b:
cf:5e:2e:8f:0b:d8:b3:48:8d:ac:a4:3f:fd:23:12:49:78:ec:
37:0a:6f:ab:48:25:e8:ba:4f:30:b0:9d:e6:94:a0:96:cf:60:
2e:7c:68:b1:db:54:9b:15:eb:73:d0:14:54:41:6e:82:73:85:
b8:51:c3:f3:cd:0c:b4:35:d3:8c:f3:6c:06:af:62:24:13:cf:
b4:61:9a:fc:b1:a6:b3:f9:9a:93:00:9d:b0:d5:b8:22:ee:f0:
07:5b:e6:49:b1:5b:67:1c:3e:ae:19:a0:a5:49:09:22:4c:b3:
5a:56:25:35:01:f9:70:76:d2:32:a3:53:a4:07:57:72:45:15:
72:42:7b:6e:c6:15:33:42:62:68:37:f6:52:03:d9:96:f8:32:
91:bb:69:28:1a:ca:49:df:61:fe:4e:87:fa:0a:ca:a4:76:52:
0c:95:39:53:13:6b:6d:02:d8:64:2a:d5:4b:48:4a:59:2f:51:
d3:15:2a:17
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR3AMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDAwMDMwWhcNMjUxMjEwMDAwMDMwWjAYMRYw
FAYDVQQDEw02NzY4YjIzNS0yZjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz8w9i6/sQfKkvD4MldyBafnEddJ7kEVo99KT3PO3GnV42ziI1iFOwv7z
vUuCMYWjB3ZN0j3tjuq4hTG83P5S6cMfKwxAbL/izy081qk1hJCP2JtvjvTVVJNO
3Dnj8taXp7x4PwUltshv/4OjHKQmpQW0NE/NZcWS7p08HSWwaxg9YJoCMFtdCoso
+mtWvaNsq0ttKIX6X8E4830Ui1Ht0C2tKgiwIJRABNywHb+5bF1zmz+jKfLgfdOz
6YjuNPkcAsdT4u4OCE5NhtM4FOBhiZiOVuUEguM9jRXdvc/+Jqbdd+76U3Uurj43
CmzAv3jyeURSOvQwoXx4G8e3Os+0awIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEh4
ccZrmQLxXcPnA01gFTT8I3X1MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FRkRBOTE0RUMwQzYxMUVGQjQ0NjlBNjQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLTMA0GCSqGSIb3DQEB
CwUAA4IBAQBZspAa96CJFvBDL37Xd2RSkeDGrFsdv7bpFIzMOSvIWDiW77GGMO/K
9b82LY8qZj4QWY0aHMZVm9KpYzckQXdU55uJcJj7GEvPXi6PC9izSI2spD/9IxJJ
eOw3Cm+rSCXouk8wsJ3mlKCWz2AufGix21SbFetz0BRUQW6Cc4W4UcPzzQy0NdOM
82wGr2IkE8+0YZr8saaz+ZqTAJ2w1bgi7vAHW+ZJsVtnHD6uGaClSQkiTLNaViU1
AflwdtIyo1OkB1dyRRVyQntuxhUzQmJoN/ZSA9mW+DKRu2koGspJ32H+Tof6Csqk
dlIMlTlTE2ttAthkKtVLSEpZL1HTFSoX
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:49:30 2025 by rpki-client