Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA4D505028BA11F091639A7ADAE4EC9C.roa
File: BA4D505028BA11F091639A7ADAE4EC9C.roa (raw, json)
Hash identifier: 1iW6nPzPvqTtS7UqpR+7P/6TcYDV0jAGa0uJlrLFU0g=
Subject key identifier: 92:20:38:89:E5:F7:AC:89:BB:D7:84:FA:10:CC:0A:4D:1D:0A:D9:27
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017EB8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA4D505028BA11F091639A7ADAE4EC9C.roa
Signing time: Sun 04 May 2025 07:38:11 +0000
ROA not before: Sun 04 May 2025 07:38:06 +0000
ROA not after: Tue 10 Jun 2025 07:38:06 +0000
asID: 137899
IP address blocks: 154.94.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 15 May 2025 07:24:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97976 (0x17eb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: May 4 07:38:06 2025 GMT
Not After : Jun 10 07:38:06 2025 GMT
Subject: CN=68171963-c3c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:12:06:12:38:3c:50:40:94:e4:6e:25:1b:e6:
b2:50:63:61:f9:df:14:33:5a:e0:4b:61:ee:fc:59:
d7:98:3e:82:e6:95:35:ab:57:53:79:65:ab:f9:c0:
16:35:9d:c0:a8:42:ed:8e:17:97:2c:55:a7:60:87:
92:0d:bb:10:53:85:9e:d0:c8:12:3f:39:8b:53:fb:
99:5f:d0:e9:47:cd:35:28:38:6c:bc:55:b6:51:77:
d5:1f:e3:8d:3b:36:4d:63:97:fb:56:f1:56:60:e6:
82:a5:3d:85:0b:c6:8e:d0:28:08:f5:5c:74:57:4e:
52:91:f6:6f:13:ce:17:b5:09:c8:ed:2e:bb:e6:df:
12:29:14:1c:73:97:fe:26:c2:04:d7:70:f8:cc:3c:
a1:4a:f8:d5:e1:16:82:b3:7f:cc:ea:4e:f6:0e:fd:
13:50:ce:e1:99:11:3f:a3:f6:33:79:e7:da:79:46:
8e:47:02:f5:ef:00:23:1c:5c:3c:5b:66:b2:56:e3:
8c:26:02:04:f1:0d:ba:5b:71:f6:c2:b9:a5:ea:c3:
25:2c:df:dc:83:50:1f:a2:3f:e7:aa:d3:15:c6:0c:
55:f8:be:74:47:f5:4d:6c:1c:33:c2:cf:14:f8:5e:
98:8b:a8:ba:c3:19:41:44:3d:69:24:73:47:c0:3b:
c7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:20:38:89:E5:F7:AC:89:BB:D7:84:FA:10:CC:0A:4D:1D:0A:D9:27
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA4D505028BA11F091639A7ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.224.0/20
Signature Algorithm: sha256WithRSAEncryption
a9:e8:b2:3c:ca:bb:d7:57:a4:ea:9a:52:c4:eb:15:1b:82:cc:
ef:65:84:0b:84:54:8c:7c:cd:77:2d:25:13:dc:89:a6:99:07:
27:c6:6e:fd:1f:cc:6d:d9:7a:be:30:db:cf:36:e0:f3:1d:3f:
4a:38:76:bb:60:7c:e3:ea:1f:04:1f:df:4b:1c:79:1e:9d:d2:
da:6c:80:ae:86:47:39:80:cd:e3:72:25:93:d9:d8:10:af:f3:
bf:f1:00:97:9f:03:77:23:85:46:5b:be:13:26:99:82:f7:18:
5b:d2:95:fe:3d:ee:eb:60:76:5a:50:57:b7:6c:05:c2:d7:40:
bf:d8:72:40:c9:4b:de:98:97:6e:65:ef:d9:d2:81:30:f3:23:
b9:b8:4f:bd:25:aa:70:30:40:18:19:92:91:38:e3:7f:2b:6c:
c9:4c:fd:02:43:75:13:51:2e:87:da:ff:3c:99:d4:6b:c2:71:
e8:c2:55:2e:ad:12:5d:86:02:5e:29:15:fd:77:ac:1d:2f:bf:
8d:17:f1:90:68:96:9b:af:8f:b2:d3:98:c3:89:ef:7b:89:dd:
13:a7:b0:8d:85:f1:1a:3e:7d:87:c2:5c:73:50:42:b9:52:1a:
d7:f5:b9:bb:64:c9:77:7f:3d:53:8e:c3:79:dd:65:87:47:12:
dc:1a:ec:31
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAX64MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNTA0MDczODA2WhcNMjUwNjEwMDczODA2WjAYMRYw
FAYDVQQDEw02ODE3MTk2My1jM2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvRIGEjg8UECU5G4lG+ayUGNh+d8UM1rgS2Hu/FnXmD6C5pU1q1dTeWWr
+cAWNZ3AqELtjheXLFWnYIeSDbsQU4We0MgSPzmLU/uZX9DpR801KDhsvFW2UXfV
H+ONOzZNY5f7VvFWYOaCpT2FC8aO0CgI9Vx0V05SkfZvE84XtQnI7S675t8SKRQc
c5f+JsIE13D4zDyhSvjV4RaCs3/M6k72Dv0TUM7hmRE/o/YzeefaeUaORwL17wAj
HFw8W2ayVuOMJgIE8Q26W3H2wrml6sMlLN/cg1Afoj/nqtMVxgxV+L50R/VNbBwz
ws8U+F6Yi6i6wxlBRD1pJHNHwDvHLQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJIg
OInl96yJu9eE+hDMCk0dCtknMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQTRENTA1MDI4QkExMUYwOTE2MzlBN0FEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEml7gMA0GCSqGSIb3DQEB
CwUAA4IBAQCp6LI8yrvXV6TqmlLE6xUbgszvZYQLhFSMfM13LSUT3ImmmQcnxm79
H8xt2Xq+MNvPNuDzHT9KOHa7YHzj6h8EH99LHHkendLabICuhkc5gM3jciWT2dgQ
r/O/8QCXnwN3I4VGW74TJpmC9xhb0pX+Pe7rYHZaUFe3bAXC10C/2HJAyUvemJdu
Ze/Z0oEw8yO5uE+9JapwMEAYGZKROON/K2zJTP0CQ3UTUS6H2v88mdRrwnHowlUu
rRJdhgJeKRX9d6wdL7+NF/GQaJabr4+y05jDie97id0Tp7CNhfEaPn2HwlxzUEK5
UhrX9bm7ZMl3fz1TjsN53WWHRxLcGuwx
-----END CERTIFICATE-----
Generated at Tue May 13 13:23:42 2025 by rpki-client