Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C327AC0E211511F0891072C8DAE4EC9C.roa
File: C327AC0E211511F0891072C8DAE4EC9C.roa (raw, json)
Hash identifier: JTO9e7xpK7EQ7XAMJIMo1IRWUbdJKO8IWypRSPh2JqM=
Subject key identifier: 7D:66:58:9E:7F:7D:74:6F:61:CB:A7:48:17:8B:41:06:08:9F:F1:95
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017ADB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C327AC0E211511F0891072C8DAE4EC9C.roa
Signing time: Thu 24 Apr 2025 14:09:40 +0000
ROA not before: Thu 24 Apr 2025 14:09:35 +0000
ROA not after: Wed 21 May 2025 14:09:35 +0000
asID: 57043
IP address blocks: 154.193.162.0/24 maxlen: 24
154.193.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96987 (0x17adb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 24 14:09:35 2025 GMT
Not After : May 21 14:09:35 2025 GMT
Subject: CN=680a4624-7dd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f2:c4:d9:19:df:e7:41:47:eb:c6:7a:11:74:
08:33:73:19:4d:bc:5a:59:bc:f0:b2:2b:d4:6e:3b:
a7:4f:0a:bb:18:6c:0d:c8:84:66:80:f3:6a:99:90:
f4:fe:db:00:c2:12:8d:fe:40:62:fd:cf:fa:59:36:
ed:bd:38:43:e3:fc:54:00:12:37:92:1d:77:18:93:
91:be:27:76:13:4b:cf:07:db:0b:da:72:c6:b5:8a:
6f:9f:21:c5:03:b8:21:26:93:75:81:d6:69:57:ba:
71:87:b5:97:2b:94:80:aa:05:28:94:c2:cb:2e:dd:
1f:e5:5f:14:40:93:1e:19:b8:16:5a:bf:fe:93:f6:
09:ab:77:c8:e8:9f:a2:25:d2:f3:c9:a1:86:ec:2b:
c4:e1:65:ce:fa:d5:32:e3:75:07:1f:be:af:ee:48:
3c:e4:1a:25:d9:ae:6e:ef:1f:b4:d7:88:ba:ba:2f:
f1:b0:30:cd:b3:de:2d:30:f4:9c:55:b6:ec:64:29:
f3:09:09:1f:81:c8:81:55:62:b4:ac:1e:60:70:9e:
9b:a4:ac:75:c6:07:d2:a0:4c:60:04:19:5a:33:b5:
14:ce:a4:fe:de:21:a4:9f:fc:e4:16:a0:0c:82:0e:
a9:0b:d0:1a:8b:46:b5:ba:dd:d4:c6:9d:56:b6:4b:
ff:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:66:58:9E:7F:7D:74:6F:61:CB:A7:48:17:8B:41:06:08:9F:F1:95
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C327AC0E211511F0891072C8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.162.0/24
154.193.165.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:23:53:a2:12:bd:5d:41:6a:d8:17:dd:55:f2:86:f2:b3:f7:
ec:d2:15:63:e0:f6:98:8e:63:89:c2:0a:b0:08:52:b3:4b:5d:
c9:61:d9:31:15:4a:aa:cf:48:04:48:90:2f:2f:b1:5e:13:0d:
a5:fb:8e:f3:a6:43:47:f8:47:ef:a5:54:7c:0d:91:57:3d:5e:
48:e7:a1:2d:9a:db:f1:4a:4f:1c:1f:24:91:a5:27:ee:d3:eb:
78:9f:77:7b:41:6f:d6:64:a1:3d:bc:31:29:2a:0e:be:36:13:
cc:06:b0:d8:88:18:a7:69:40:5a:64:f7:28:15:c7:a8:59:2a:
0d:d1:c3:02:c0:68:54:72:ec:56:78:e3:ab:14:d2:38:69:fa:
44:33:29:67:08:96:56:6a:4c:98:e1:cb:76:84:95:17:0c:f4:
d7:06:4f:4e:02:25:c0:e4:5c:c0:f3:a2:0e:40:6c:74:60:57:
68:f3:e6:31:03:76:ca:82:5d:5b:55:a3:e9:d0:93:4f:c0:f7:
0c:f5:06:62:ae:47:1b:cb:f1:db:53:c7:66:2f:31:16:6c:5e:
ec:e2:fc:b6:96:fe:a4:7a:86:e1:70:a0:f8:b3:0b:1c:9a:9e:
60:56:98:f2:04:e9:51:f4:6e:04:36:c0:64:21:72:ec:b8:76:
c5:d5:81:a5
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXrbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI0MTQwOTM1WhcNMjUwNTIxMTQwOTM1WjAYMRYw
FAYDVQQDEw02ODBhNDYyNC03ZGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsfLE2Rnf50FH68Z6EXQIM3MZTbxaWbzwsivUbjunTwq7GGwNyIRmgPNq
mZD0/tsAwhKN/kBi/c/6WTbtvThD4/xUABI3kh13GJORvid2E0vPB9sL2nLGtYpv
nyHFA7ghJpN1gdZpV7pxh7WXK5SAqgUolMLLLt0f5V8UQJMeGbgWWr/+k/YJq3fI
6J+iJdLzyaGG7CvE4WXO+tUy43UHH76v7kg85Bol2a5u7x+014i6ui/xsDDNs94t
MPScVbbsZCnzCQkfgciBVWK0rB5gcJ6bpKx1xgfSoExgBBlaM7UUzqT+3iGkn/zk
FqAMgg6pC9Aai0a1ut3Uxp1Wtkv/IwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFH1m
WJ5/fXRvYcunSBeLQQYIn/GVMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMzI3QUMwRTIxMTUxMUYwODkxMDcyQzhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmsGiAwQAmsGlMA0GCSqG
SIb3DQEBCwUAA4IBAQArI1OiEr1dQWrYF91V8obys/fs0hVj4PaYjmOJwgqwCFKz
S13JYdkxFUqqz0gESJAvL7FeEw2l+47zpkNH+EfvpVR8DZFXPV5I56EtmtvxSk8c
HySRpSfu0+t4n3d7QW/WZKE9vDEpKg6+NhPMBrDYiBinaUBaZPcoFceoWSoN0cMC
wGhUcuxWeOOrFNI4afpEMylnCJZWakyY4ct2hJUXDPTXBk9OAiXA5FzA86IOQGx0
YFdo8+YxA3bKgl1bVaPp0JNPwPcM9QZirkcby/HbU8dmLzEWbF7s4vy2lv6keobh
cKD4swscmp5gVpjyBOlR9G4ENsBkIXLsuHbF1YGl
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:24:22 2025 by rpki-client