Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1D98A40FB3611EFA81D7AB5762E951A.roa
File: F1D98A40FB3611EFA81D7AB5762E951A.roa (raw, json)
Hash identifier: SqbdFhmSN6FhVdmVpU8RzJCHv9Hnk3HY3OUTGAGOxDo=
Subject key identifier: 42:89:37:8C:1F:80:9A:62:84:F9:EB:71:2A:18:75:DA:76:22:FA:AE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0172E6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1D98A40FB3611EFA81D7AB5762E951A.roa
Signing time: Fri 07 Mar 2025 09:31:28 +0000
ROA not before: Fri 07 Mar 2025 09:31:24 +0000
ROA not after: Thu 24 Apr 2025 09:31:24 +0000
asID: 142267
IP address blocks: 154.91.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94950 (0x172e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 7 09:31:24 2025 GMT
Not After : Apr 24 09:31:24 2025 GMT
Subject: CN=67cabcef-aa32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ab:49:d8:5f:ba:0d:2c:4c:22:0d:27:4e:b6:
d6:09:1e:68:72:0e:87:c9:f7:2c:1a:44:48:f3:78:
5b:42:3f:92:a1:29:41:0a:fc:fc:e0:01:cf:5c:af:
0b:81:20:ef:9f:51:49:3c:35:90:6c:a8:41:2e:6e:
4f:c9:60:67:67:a0:23:b0:3b:88:55:3d:f2:6c:5a:
0e:f1:66:4e:c9:61:47:86:c0:ce:b4:55:3c:0e:60:
4f:0c:8d:88:c3:c1:12:0c:9b:19:3f:71:e4:6e:d2:
e4:45:a1:66:07:80:14:79:84:21:b7:31:6b:6a:f6:
38:97:03:a1:71:67:24:fd:6b:16:53:6f:94:33:fb:
e0:9e:e8:11:d0:99:3f:35:e3:34:2c:d2:bd:56:9b:
86:a5:2b:e8:f3:68:87:4b:c6:17:d2:59:c3:fd:88:
ea:db:62:73:f6:0f:dd:d6:08:54:3f:e5:70:2d:c2:
c7:cd:90:e3:df:ae:cc:04:60:de:f9:2c:9b:58:c3:
b9:23:9f:35:42:b4:f1:57:15:1a:f5:99:6a:1b:5b:
42:f9:b2:30:db:13:e0:b9:c4:a2:9f:bd:18:ca:f3:
4d:e6:8f:d4:6d:9d:c3:e5:ca:9b:93:3e:23:cc:44:
44:4c:f4:8d:2d:2f:0d:78:82:a5:64:55:02:d4:41:
72:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:89:37:8C:1F:80:9A:62:84:F9:EB:71:2A:18:75:DA:76:22:FA:AE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1D98A40FB3611EFA81D7AB5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.4.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:ac:e7:12:8d:12:6a:e7:f1:83:71:ac:d0:d4:b2:cb:b2:1b:
cf:31:8e:5b:33:0a:4d:0e:a1:c1:ce:51:99:f6:aa:52:da:4c:
26:1c:b4:38:2d:68:29:ff:7d:c4:5c:e1:f6:3b:fd:de:f6:1a:
a8:4a:3c:c9:c3:fe:8e:51:0e:4f:9a:c0:16:5d:fd:7e:8d:4e:
56:0c:0e:6e:7b:0b:7f:8c:8a:b1:bc:2d:80:30:6c:c2:96:d5:
bd:64:84:20:2e:f2:dd:78:9f:f1:29:b1:0d:a9:39:09:07:64:
2e:6b:7a:80:c3:4e:77:73:c8:4d:ba:18:1a:9c:02:ae:b0:08:
2f:d1:7e:da:7a:76:30:be:21:e8:9a:06:8a:56:0b:7d:e4:3d:
e6:26:2b:da:7f:d4:74:e8:7a:46:c8:cb:cf:de:81:7d:6d:fc:
ab:e9:eb:e9:3a:d4:92:dc:90:8e:8c:f5:c5:69:51:18:72:62:
31:3f:9e:d9:d8:3c:3d:d4:f9:a9:f7:5d:ec:6a:e6:46:53:41:
6d:64:8b:3b:0a:ab:71:01:59:90:bb:93:2e:13:06:31:55:1d:
fd:ef:dd:cf:cc:6f:89:5b:80:70:11:d7:4e:3d:91:ba:15:41:
49:b1:07:54:f6:93:5d:d2:ab:91:85:ae:00:03:c2:6f:e2:3e:
40:ed:ed:c4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXLmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA3MDkzMTI0WhcNMjUwNDI0MDkzMTI0WjAYMRYw
FAYDVQQDEw02N2NhYmNlZi1hYTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4qtJ2F+6DSxMIg0nTrbWCR5ocg6HyfcsGkRI83hbQj+SoSlBCvz84AHP
XK8LgSDvn1FJPDWQbKhBLm5PyWBnZ6AjsDuIVT3ybFoO8WZOyWFHhsDOtFU8DmBP
DI2Iw8ESDJsZP3HkbtLkRaFmB4AUeYQhtzFravY4lwOhcWck/WsWU2+UM/vgnugR
0Jk/NeM0LNK9VpuGpSvo82iHS8YX0lnD/Yjq22Jz9g/d1ghUP+VwLcLHzZDj367M
BGDe+SybWMO5I581QrTxVxUa9ZlqG1tC+bIw2xPgucSin70YyvNN5o/UbZ3D5cqb
kz4jzERETPSNLS8NeIKlZFUC1EFyewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEKJ
N4wfgJpihPnrcSoYddp2IvquMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMUQ5OEE0MEZCMzYxMUVGQTgxRDdBQjU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlsEMA0GCSqGSIb3DQEB
CwUAA4IBAQAOrOcSjRJq5/GDcazQ1LLLshvPMY5bMwpNDqHBzlGZ9qpS2kwmHLQ4
LWgp/33EXOH2O/3e9hqoSjzJw/6OUQ5PmsAWXf1+jU5WDA5uewt/jIqxvC2AMGzC
ltW9ZIQgLvLdeJ/xKbENqTkJB2Qua3qAw053c8hNuhganAKusAgv0X7aenYwviHo
mgaKVgt95D3mJivaf9R06HpGyMvP3oF9bfyr6evpOtSS3JCOjPXFaVEYcmIxP57Z
2Dw91Pmp913sauZGU0FtZIs7CqtxAVmQu5MuEwYxVR39793PzG+JW4BwEddOPZG6
FUFJsQdU9pNd0quRha4AA8Jv4j5A7e3E
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:17:37 2025 by rpki-client