Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0004AB86107211F0AE3A709D762E951A.roa
File: 0004AB86107211F0AE3A709D762E951A.roa (raw, json)
Hash identifier: FF/tDvP4VyH7ROIX0JLoU3heLAX1qA1L+MNCmPgKzIA=
Subject key identifier: A7:0F:59:67:6B:33:63:16:DB:D2:F5:47:65:A0:20:46:65:F8:48:08
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017761
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0004AB86107211F0AE3A709D762E951A.roa
Signing time: Thu 03 Apr 2025 09:57:06 +0000
ROA not before: Thu 03 Apr 2025 09:57:02 +0000
ROA not after: Sun 11 May 2025 09:57:02 +0000
asID: 57043
IP address blocks: 154.199.66.0/23 maxlen: 24
154.199.70.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96097 (0x17761)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 3 09:57:02 2025 GMT
Not After : May 11 09:57:02 2025 GMT
Subject: CN=67ee5b72-16df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7d:53:36:03:38:92:73:12:d4:72:be:e9:f5:
21:ea:0f:d3:00:67:2b:96:8c:1c:5d:49:14:a2:43:
28:75:43:fe:f2:97:7d:9c:53:f7:f0:aa:03:c8:a6:
de:09:c6:0c:70:32:8b:06:15:7c:03:f6:28:9f:fe:
e5:11:f2:df:73:18:31:ea:c8:d8:a3:39:e6:08:92:
02:95:10:85:dc:ac:82:35:df:41:37:8f:a2:ca:47:
52:43:97:84:51:bc:5a:0b:0b:24:65:8f:e9:0d:fd:
03:16:00:ef:23:ee:d9:0e:2b:da:8e:15:54:ce:e9:
a0:7c:02:7d:0c:c6:55:ae:80:19:e6:56:c6:5a:b5:
05:d8:35:6d:5d:ed:07:67:c7:4c:f6:13:5d:c4:3a:
93:6a:69:d4:39:53:61:c1:df:6b:d5:c5:92:b8:2d:
f8:ea:9f:3a:23:1e:a9:ea:a8:6a:30:e0:bb:8a:ee:
92:f3:f6:9c:34:82:b5:9d:4a:8c:5b:20:f7:97:a8:
3b:d9:ae:c8:04:a8:d1:df:b5:f0:24:bf:87:82:82:
63:9e:e3:14:67:25:3d:e9:cb:f4:4a:0b:1b:8b:84:
09:f6:d3:fb:31:7c:cc:5c:4c:5c:d4:eb:0a:e3:0d:
36:6c:d1:d2:4d:b0:a8:4c:bc:2b:c3:a2:54:97:8b:
d4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:0F:59:67:6B:33:63:16:DB:D2:F5:47:65:A0:20:46:65:F8:48:08
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0004AB86107211F0AE3A709D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.66.0/23
154.199.70.0/23
Signature Algorithm: sha256WithRSAEncryption
66:75:87:85:bc:c4:2d:3d:6f:51:f5:bd:f9:53:d6:e3:b1:7e:
f0:9b:29:ca:40:c3:9d:cb:31:60:68:f8:64:f4:36:00:40:67:
27:a1:ea:e1:df:7f:ea:c9:d7:56:e5:51:04:03:72:b6:bc:49:
2a:76:3c:0a:39:7a:70:31:19:d7:74:62:75:34:4e:d7:13:32:
6b:88:62:2d:59:b9:4a:98:e1:20:66:1d:70:26:e8:b9:5e:ea:
84:b6:a3:fb:86:df:9e:4f:c7:a7:b0:08:e9:a7:9c:1e:87:79:
7b:76:42:4c:a7:34:fe:e6:8a:2d:94:09:ab:b7:e7:8e:af:e2:
55:d1:1f:eb:f1:b9:18:c7:e6:1b:98:86:a1:82:29:0b:fd:33:
61:a4:90:d1:b7:fd:4b:15:ff:51:d4:3c:6e:60:9c:ea:7d:50:
78:9b:2d:ab:a1:96:ac:82:8b:c4:7c:96:65:5f:8c:06:e1:89:
d2:a1:2e:f9:9f:f1:6f:20:8d:60:c6:cb:24:eb:16:7c:5a:ef:
fb:79:8e:85:ad:e1:03:0e:32:7e:f2:e2:51:1e:2a:70:52:b5:
23:77:09:68:45:53:fd:ac:0c:c9:ac:e3:36:2a:da:43:0f:e5:
30:09:e2:df:49:19:27:e0:dd:fb:65:76:4f:f1:c6:2d:6c:3d:
3d:36:fd:9d
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXdhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDAzMDk1NzAyWhcNMjUwNTExMDk1NzAyWjAYMRYw
FAYDVQQDEw02N2VlNWI3Mi0xNmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsX1TNgM4knMS1HK+6fUh6g/TAGcrlowcXUkUokModUP+8pd9nFP38KoD
yKbeCcYMcDKLBhV8A/Yon/7lEfLfcxgx6sjYoznmCJIClRCF3KyCNd9BN4+iykdS
Q5eEUbxaCwskZY/pDf0DFgDvI+7ZDivajhVUzumgfAJ9DMZVroAZ5lbGWrUF2DVt
Xe0HZ8dM9hNdxDqTamnUOVNhwd9r1cWSuC346p86Ix6p6qhqMOC7iu6S8/acNIK1
nUqMWyD3l6g72a7IBKjR37XwJL+HgoJjnuMUZyU96cv0Sgsbi4QJ9tP7MXzMXExc
1OsK4w02bNHSTbCoTLwrw6JUl4vU6QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFKcP
WWdrM2MW29L1R2WgIEZl+EgIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wMDA0QUI4NjEwNzIxMUYwQUUzQTcwOUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmsdCAwQBmsdGMA0GCSqG
SIb3DQEBCwUAA4IBAQBmdYeFvMQtPW9R9b35U9bjsX7wmynKQMOdyzFgaPhk9DYA
QGcnoerh33/qyddW5VEEA3K2vEkqdjwKOXpwMRnXdGJ1NE7XEzJriGItWblKmOEg
Zh1wJui5XuqEtqP7ht+eT8ensAjpp5weh3l7dkJMpzT+5ootlAmrt+eOr+JV0R/r
8bkYx+YbmIahgikL/TNhpJDRt/1LFf9R1DxuYJzqfVB4my2roZasgovEfJZlX4wG
4YnSoS75n/FvII1gxssk6xZ8Wu/7eY6FreEDDjJ+8uJRHipwUrUjdwloRVP9rAzJ
rOM2KtpDD+UwCeLfSRkn4N37ZXZP8cYtbD09Nv2d
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:03:14 2025 by rpki-client on console.sobornost.net