Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D6A609E201A11F099D6C7BFDAE4EC9C.roa
File: 8D6A609E201A11F099D6C7BFDAE4EC9C.roa (raw, json)
Hash identifier: 4sfx/rvP/zbdyz2HkKMzdwJOD5+EDaZ0MYholVdVpJw=
Subject key identifier: 6A:7E:9E:85:44:6E:08:C0:D8:D0:69:30:7B:B3:E9:E7:56:4B:B3:99
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017AAB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D6A609E201A11F099D6C7BFDAE4EC9C.roa
Signing time: Wed 23 Apr 2025 08:11:27 +0000
ROA not before: Wed 23 Apr 2025 08:11:22 +0000
ROA not after: Thu 29 May 2025 08:11:22 +0000
asID: 59187
IP address blocks: 154.221.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96939 (0x17aab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 23 08:11:22 2025 GMT
Not After : May 29 08:11:22 2025 GMT
Subject: CN=6808a0ae-5c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a0:7c:94:62:e2:28:db:c6:d8:84:3c:3e:05:
f8:50:62:10:81:47:a4:08:a6:ea:1e:2f:98:22:39:
3b:6e:2e:a4:59:73:b6:d4:fd:c0:d9:bb:61:f0:40:
4b:6f:7f:9a:a2:7a:a7:f1:c4:40:5d:fa:0e:89:1c:
7f:6f:3b:53:ec:fc:2e:fa:63:9e:70:50:6c:d7:5e:
8f:77:dc:aa:40:55:e6:23:13:b4:dc:12:e6:03:bd:
3b:d1:c2:26:6b:c7:56:f0:db:6c:6c:8d:9d:65:46:
42:8d:a1:d4:74:ca:5d:95:46:f8:a3:d9:52:12:fe:
98:fb:12:88:f7:ae:a5:d0:d0:cf:51:46:f7:83:ad:
39:ee:06:91:54:81:eb:94:92:f4:a5:32:85:a4:f2:
2c:70:fd:a9:88:4f:2b:17:4c:11:71:fa:28:8e:d5:
9f:4a:7c:5a:bb:fd:52:01:c9:41:6c:69:c0:33:a8:
81:1a:90:02:d1:67:9f:7a:af:12:83:31:ea:bb:4a:
b4:fa:61:e4:29:45:c3:37:08:5e:46:36:81:a6:ed:
26:3c:6d:07:2b:f6:0d:39:b4:f5:99:b6:ae:7d:b0:
4e:01:04:ca:18:98:49:57:b4:ff:7a:05:a9:07:5a:
05:0c:60:fe:c7:ba:57:50:04:2f:ad:f1:46:14:86:
36:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:7E:9E:85:44:6E:08:C0:D8:D0:69:30:7B:B3:E9:E7:56:4B:B3:99
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8D6A609E201A11F099D6C7BFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.32.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:ee:55:08:93:ad:0d:91:c7:86:00:0e:f5:16:05:aa:6f:bf:
3b:7d:f4:5d:90:37:bb:76:a2:49:49:08:ed:e5:c0:29:cd:1b:
0b:39:f5:90:8f:60:8f:92:db:c2:88:73:8d:b2:15:0d:99:a1:
f5:39:de:4a:81:20:87:95:79:9e:c8:ff:b5:33:db:45:b0:d2:
d4:e8:27:47:13:fb:ae:7d:b4:5d:e9:63:5e:d9:a2:7f:2b:3c:
fd:d7:c7:c1:6f:2a:5e:dd:87:e4:10:f4:41:dd:51:db:5b:34:
fc:62:99:db:6c:f9:18:93:35:48:6b:c4:1e:c3:25:d9:46:ad:
8a:c9:59:4a:e3:b0:31:10:ad:67:b6:3f:e9:63:81:8d:5c:76:
f5:41:8a:56:54:46:97:54:5f:5c:34:92:5b:b0:e6:e8:00:da:
81:57:8c:ec:d6:8a:08:15:0a:fc:2d:42:99:d2:f6:5f:e2:b6:
3b:75:b6:47:85:7c:11:e4:6e:8f:d4:17:0d:45:20:cf:20:1a:
b2:05:74:3c:0a:52:11:a3:ca:b1:ed:78:04:ed:32:cb:f8:38:
31:14:55:da:ac:5b:bd:4d:4b:7a:b0:a2:fe:a4:66:77:9c:87:
84:9b:26:2b:82:02:ab:07:51:17:6e:77:e5:1c:48:95:61:3b:
6c:d8:e0:b4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXqrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDIzMDgxMTIyWhcNMjUwNTI5MDgxMTIyWjAYMRYw
FAYDVQQDEw02ODA4YTBhZS01YzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0KB8lGLiKNvG2IQ8PgX4UGIQgUekCKbqHi+YIjk7bi6kWXO21P3A2bth
8EBLb3+aonqn8cRAXfoOiRx/bztT7Pwu+mOecFBs116Pd9yqQFXmIxO03BLmA707
0cIma8dW8NtsbI2dZUZCjaHUdMpdlUb4o9lSEv6Y+xKI966l0NDPUUb3g6057gaR
VIHrlJL0pTKFpPIscP2piE8rF0wRcfoojtWfSnxau/1SAclBbGnAM6iBGpAC0Wef
eq8SgzHqu0q0+mHkKUXDNwheRjaBpu0mPG0HK/YNObT1mbaufbBOAQTKGJhJV7T/
egWpB1oFDGD+x7pXUAQvrfFGFIY25QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGp+
noVEbgjA2NBpMHuz6edWS7OZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84RDZBNjA5RTIwMUExMUYwOTlENkM3QkZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmt0gMA0GCSqGSIb3DQEB
CwUAA4IBAQDJ7lUIk60NkceGAA71FgWqb787ffRdkDe7dqJJSQjt5cApzRsLOfWQ
j2CPktvCiHONshUNmaH1Od5KgSCHlXmeyP+1M9tFsNLU6CdHE/uufbRd6WNe2aJ/
Kzz918fBbype3YfkEPRB3VHbWzT8YpnbbPkYkzVIa8QewyXZRq2KyVlK47AxEK1n
tj/pY4GNXHb1QYpWVEaXVF9cNJJbsOboANqBV4zs1ooIFQr8LUKZ0vZf4rY7dbZH
hXwR5G6P1BcNRSDPIBqyBXQ8ClIRo8qx7XgE7TLL+DgxFFXarFu9TUt6sKL+pGZ3
nIeEmyYrggKrB1EXbnflHEiVYTts2OC0
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:18:27 2025 by rpki-client