Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1BB7A8C0CCA11F082B9576D762E951A.roa
File: F1BB7A8C0CCA11F082B9576D762E951A.roa (raw, json)
Hash identifier: obfYlyfpJ+gLg/LurdAxd7t5kOAYkEtfZIUIMYqh53g=
Subject key identifier: 02:C8:58:53:4D:B1:D8:8C:CF:42:87:A7:53:F7:DE:64:06:26:AF:F6
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176DC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1BB7A8C0CCA11F082B9576D762E951A.roa
Signing time: Sat 29 Mar 2025 18:23:43 +0000
ROA not before: Sat 29 Mar 2025 18:23:38 +0000
ROA not after: Thu 08 May 2025 18:23:38 +0000
asID: 15221
IP address blocks: 154.198.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 11 Apr 2025 00:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95964 (0x176dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 29 18:23:38 2025 GMT
Not After : May 8 18:23:38 2025 GMT
Subject: CN=67e83aaf-677c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:cb:45:09:a7:43:a9:21:c5:80:54:ce:95:e5:
23:74:e6:11:b9:d7:35:71:45:7a:86:d1:02:3e:c7:
c8:1b:8d:1e:bb:28:50:d3:a0:38:56:5e:2a:a6:f8:
01:2a:64:9f:24:d4:d7:87:f9:e3:fb:42:ca:0e:69:
dc:03:3a:c8:7d:57:07:55:1f:35:cd:37:8a:b3:7b:
37:b7:c1:69:96:76:ed:18:35:e4:2e:30:f3:69:4b:
28:41:cd:3c:f6:08:af:35:c7:20:39:96:ad:3c:22:
e4:23:92:71:20:9e:4e:6a:21:47:a7:f0:75:bc:9c:
b7:cc:24:c8:f3:f7:7f:e6:c3:8d:92:f6:c6:5b:3f:
a1:a6:b2:22:91:25:9a:c7:fd:e3:2c:75:50:4c:9d:
65:98:65:92:20:e5:37:f2:ef:50:b2:7c:0b:60:97:
3e:58:fe:44:56:02:85:5b:4e:33:74:18:7d:8f:ff:
61:1c:15:db:a4:66:26:a9:a8:77:36:8b:4e:26:32:
eb:a5:57:69:c0:97:e6:9b:10:bf:5c:5d:a2:ec:1d:
83:34:51:ad:1f:61:57:bd:ac:99:78:ee:0c:fc:a7:
c8:dc:74:61:89:c1:07:e2:d0:da:14:fb:b2:e2:43:
d4:fb:44:b8:c5:d7:0a:a0:f7:1b:ee:57:a9:c8:f4:
c8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:C8:58:53:4D:B1:D8:8C:CF:42:87:A7:53:F7:DE:64:06:26:AF:F6
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1BB7A8C0CCA11F082B9576D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.32.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:cc:78:e7:2b:b0:8c:11:d2:88:91:42:38:72:cb:29:48:61:
af:5c:b9:4c:ca:03:c0:05:99:c6:41:8e:da:f9:53:f0:3f:a6:
45:3b:e7:13:b8:a4:04:7d:d7:dd:2c:fc:56:0d:22:4c:5a:3f:
23:b8:1e:30:3f:2b:65:70:b6:e8:d9:45:f2:13:4b:59:29:a7:
6a:ad:2b:48:54:ee:ed:28:4e:4e:93:09:b0:78:3e:b8:7c:b0:
0f:d8:14:6a:a4:c7:52:43:3f:eb:30:ba:d2:92:1b:13:e9:c8:
a7:b7:6f:75:f5:c0:fb:d8:16:80:fa:59:b2:40:cb:94:2e:16:
29:73:c6:34:91:c1:2c:29:fb:e7:8f:f0:65:19:85:86:80:af:
52:84:0a:dc:93:1f:f7:08:22:99:7c:da:56:f3:28:99:ea:6d:
c1:cf:3b:62:aa:a2:b3:6c:a3:09:0c:e7:54:d7:0f:bd:eb:73:
0a:1e:e5:2e:5c:45:2f:8b:24:96:a9:c8:66:8b:c5:a2:03:ab:
df:31:61:a8:6a:d4:f3:0d:6e:97:1f:81:bd:ee:3d:11:9d:93:
52:71:53:33:e3:1b:47:ff:44:a2:74:ed:d7:f7:63:55:ce:9b:
b2:36:db:be:71:53:53:68:b6:f0:0b:9f:ff:d1:be:9c:08:11:
70:94:7c:4f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXbcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTgyMzM4WhcNMjUwNTA4MTgyMzM4WjAYMRYw
FAYDVQQDEw02N2U4M2FhZi02NzdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4ctFCadDqSHFgFTOleUjdOYRudc1cUV6htECPsfIG40euyhQ06A4Vl4q
pvgBKmSfJNTXh/nj+0LKDmncAzrIfVcHVR81zTeKs3s3t8FplnbtGDXkLjDzaUso
Qc089givNccgOZatPCLkI5JxIJ5OaiFHp/B1vJy3zCTI8/d/5sONkvbGWz+hprIi
kSWax/3jLHVQTJ1lmGWSIOU38u9QsnwLYJc+WP5EVgKFW04zdBh9j/9hHBXbpGYm
qah3NotOJjLrpVdpwJfmmxC/XF2i7B2DNFGtH2FXvayZeO4M/KfI3HRhicEH4tDa
FPuy4kPU+0S4xdcKoPcb7lepyPTIXwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFALI
WFNNsdiMz0KHp1P33mQGJq/2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMUJCN0E4QzBDQ0ExMUYwODJCOTU3NkQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsYgMA0GCSqGSIb3DQEB
CwUAA4IBAQC5zHjnK7CMEdKIkUI4csspSGGvXLlMygPABZnGQY7a+VPwP6ZFO+cT
uKQEfdfdLPxWDSJMWj8juB4wPytlcLbo2UXyE0tZKadqrStIVO7tKE5OkwmweD64
fLAP2BRqpMdSQz/rMLrSkhsT6cint2919cD72BaA+lmyQMuULhYpc8Y0kcEsKfvn
j/BlGYWGgK9ShArckx/3CCKZfNpW8yiZ6m3BzztiqqKzbKMJDOdU1w+963MKHuUu
XEUviySWqchmi8WiA6vfMWGoatTzDW6XH4G97j0RnZNScVMz4xtH/0SidO3X92NV
zpuyNtu+cVNTaLbwC5//0b6cCBFwlHxP
-----END CERTIFICATE-----
Generated at Wed Apr 9 11:38:32 2025 by rpki-client