Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/8CFF56DEF36311EF8011BE5D762E951A.roa
File: 8CFF56DEF36311EF8011BE5D762E951A.roa (raw, json)
Hash identifier: 8VWmuQHjSKK3nmwbGTPPqeDrZfzpQRmMKrTS4U/AuaY=
Subject key identifier: 70:20:4F:B7:59:22:CF:12:D3:1B:07:77:B9:C9:F1:70:E5:2C:4C:DB
Certificate issuer: /CN=F367CD72AF/serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
Certificate serial: 79
Authority key identifier: 77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/8CFF56DEF36311EF8011BE5D762E951A.roa
Signing time: Tue 25 Feb 2025 10:30:36 +0000
ROA not before: Tue 25 Feb 2025 10:30:33 +0000
ROA not after: Sun 31 Dec 2028 10:30:33 +0000
asID: 30985
IP address blocks: 154.118.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.crl
rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.mft
rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 30 Apr 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121 (0x79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367CD72AF, serialNumber=7708E66F1C07C1D7670AEBDBAE186DA42BCB30C7
Validity
Not Before: Feb 25 10:30:33 2025 GMT
Not After : Dec 31 10:30:33 2028 GMT
Subject: CN=67bd9bcc-4c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6a:d3:8e:82:57:d5:bc:8b:a7:5f:17:44:87:
cb:70:04:43:76:4c:ba:ff:5f:8f:7f:14:03:a0:8f:
51:a1:6a:20:eb:fc:22:aa:44:c0:fe:b7:24:97:ef:
89:e3:fb:68:60:dc:6b:d3:0a:f3:01:2c:0d:1c:fb:
9d:ac:6c:c1:e3:b2:b6:78:5a:48:ef:89:25:3f:24:
10:4a:ba:c6:ca:a5:e3:65:6f:d8:1a:0d:ca:5d:37:
3f:6c:49:04:20:98:96:3e:eb:75:6f:ee:c3:a3:81:
23:95:11:9e:27:22:74:74:5a:c5:24:e7:61:6f:e3:
44:4c:a9:09:42:9d:86:59:df:70:1e:6c:6e:5f:34:
50:b5:03:88:e4:6d:ea:49:bf:12:e3:ae:d9:f5:28:
13:f5:31:dc:69:59:a1:b5:fb:93:ac:86:31:09:0c:
e2:4e:eb:2e:94:38:ca:4a:8a:98:08:fb:55:3e:9a:
c0:18:75:42:7d:f6:99:c4:14:54:2d:d8:09:32:1f:
4a:2e:ba:3a:bd:0b:39:10:25:43:c4:f9:ee:37:ff:
d3:a6:61:12:15:d3:cf:b1:d4:54:59:b5:5b:c0:3e:
5e:04:fb:8a:b0:24:97:52:a7:a9:1d:85:47:30:ae:
81:d2:5e:71:08:b3:71:3e:37:a3:5c:2a:85:32:9b:
ff:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:20:4F:B7:59:22:CF:12:D3:1B:07:77:B9:C9:F1:70:E5:2C:4C:DB
X509v3 Authority Key Identifier:
keyid:77:08:E6:6F:1C:07:C1:D7:67:0A:EB:DB:AE:18:6D:A4:2B:CB:30:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/dwjmbxwHwddnCuvbrhhtpCvLMMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dwjmbxwHwddnCuvbrhhtpCvLMMc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367CD72/0951C17ECEA511EF93B45BAD762E951A/8CFF56DEF36311EF8011BE5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.118.128.0/18
Signature Algorithm: sha256WithRSAEncryption
2d:c9:cb:3c:4b:5a:03:34:61:db:c1:f7:de:25:c4:d7:b5:e0:
d3:02:38:51:4c:27:fe:49:53:02:b7:82:5d:bd:3a:18:d6:21:
15:86:dc:93:e8:e7:16:66:96:07:da:94:80:ee:db:eb:fa:1f:
8e:8e:0e:d7:92:3a:aa:86:a4:31:fd:35:3c:cb:3b:da:07:66:
6b:84:7a:a6:95:46:b3:4e:9a:92:25:b8:a4:0d:99:cc:74:90:
f9:3b:75:20:81:b2:75:51:73:9b:91:5d:87:2b:ae:e7:8a:c3:
0b:4f:86:d2:ff:ec:cb:1e:ff:82:12:8d:7f:36:02:d3:3d:de:
e5:08:ce:ab:7a:d4:9e:ac:b3:f2:0c:8a:f5:89:06:dd:e2:bf:
69:5b:cb:1b:40:fa:87:29:d7:38:83:08:9d:92:2a:af:41:7e:
97:7f:c5:30:76:e1:3a:4e:22:e5:2f:1f:1c:00:2b:2c:49:a1:
21:c7:ff:35:b7:ce:fc:87:94:3a:8f:1c:ef:c4:f7:0a:96:ff:
d8:76:ab:85:7e:80:ed:ec:c2:f9:37:5d:5b:a0:a5:00:57:cf:
ef:eb:72:90:b3:1b:a3:f9:72:f4:ab:0b:52:eb:2c:99:4a:50:
06:36:61:01:37:b5:b7:e5:1f:bb:f8:24:86:76:76:d0:d3:f3:
91:91:15:95
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBeTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
Q0Q3MkFGMTEwLwYDVQQFEyg3NzA4RTY2RjFDMDdDMUQ3NjcwQUVCREJBRTE4NkRB
NDJCQ0IzMEM3MB4XDTI1MDIyNTEwMzAzM1oXDTI4MTIzMTEwMzAzM1owGDEWMBQG
A1UEAxMNNjdiZDliY2MtNGM3OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFq046CV9W8i6dfF0SHy3AEQ3ZMuv9fj38UA6CPUaFqIOv8IqpEwP63JJfv
ieP7aGDca9MK8wEsDRz7naxsweOytnhaSO+JJT8kEEq6xsql42Vv2BoNyl03P2xJ
BCCYlj7rdW/uw6OBI5URnicidHRaxSTnYW/jREypCUKdhlnfcB5sbl80ULUDiORt
6km/EuOu2fUoE/Ux3GlZobX7k6yGMQkM4k7rLpQ4ykqKmAj7VT6awBh1Qn32mcQU
VC3YCTIfSi66Or0LORAlQ8T57jf/06ZhEhXTz7HUVFm1W8A+XgT7irAkl1KnqR2F
RzCugdJecQizcT43o1wqhTKb/x0CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRwIE+3
WSLPEtMbB3e5yfFw5SxM2zAfBgNVHSMEGDAWgBR3COZvHAfB12cK69uuGG2kK8sw
xzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYyRTk1MUEvZHdqbWJ4
d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZHdqbWJ4d0h3ZGRuQ3V2YnJoaHRwQ3ZMTU1jLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0NENzIvMDk1MUMxN0VDRUE1MTFFRjkzQjQ1QkFENzYy
RTk1MUEvOENGRjU2REVGMzYzMTFFRjgwMTFCRTVENzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBpp2gDANBgkqhkiG9w0BAQsF
AAOCAQEALcnLPEtaAzRh28H33iXE17Xg0wI4UUwn/klTAreCXb06GNYhFYbck+jn
FmaWB9qUgO7b6/ofjo4O15I6qoakMf01PMs72gdma4R6ppVGs06akiW4pA2ZzHSQ
+Tt1IIGydVFzm5Fdhyuu54rDC0+G0v/syx7/ghKNfzYC0z3e5QjOq3rUnqyz8gyK
9YkG3eK/aVvLG0D6hynXOIMInZIqr0F+l3/FMHbhOk4i5S8fHAArLEmhIcf/NbfO
/IeUOo8c78T3Cpb/2HarhX6A7ezC+TddW6ClAFfP7+tykLMbo/ly9KsLUussmUpQ
BjZhATe1t+Ufu/gkhnZ20NPzkZEVlQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:23:03 2025 by rpki-client on console.sobornost.net