Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F67C7C81CFE11F0A028B8EDDAE4EC9C.roa
File: 0F67C7C81CFE11F0A028B8EDDAE4EC9C.roa (raw, json)
Hash identifier: cml1NkgNSBusaOAUiA3wmya8hkKERJgKvUaoZdrAdoA=
Subject key identifier: 07:65:D2:78:B0:0B:5D:1A:1A:79:66:AB:BE:8E:63:D0:12:59:12:9E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017A11
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F67C7C81CFE11F0A028B8EDDAE4EC9C.roa
Signing time: Sat 19 Apr 2025 09:09:56 +0000
ROA not before: Sat 19 Apr 2025 09:09:51 +0000
ROA not after: Fri 25 Apr 2025 09:09:51 +0000
asID: 5065
IP address blocks: 154.207.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 25 Apr 2025 09:09:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96785 (0x17a11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 19 09:09:51 2025 GMT
Not After : Apr 25 09:09:51 2025 GMT
Subject: CN=68036864-58b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:38:54:d7:2b:a2:1d:fa:a5:ac:30:05:16:64:
43:d6:55:9c:2c:5d:cb:f2:17:0d:2a:01:45:b7:93:
75:aa:ab:81:6f:a5:0e:93:61:70:b7:6f:1b:95:4b:
75:a2:66:66:74:60:61:2b:17:5c:5f:5f:c6:19:e0:
6d:be:65:e2:0b:da:6b:8c:11:50:e7:0c:15:98:fd:
cd:9f:98:e5:84:8a:1f:8d:86:1f:e4:33:74:03:6d:
df:c7:92:22:31:a2:5a:f6:fd:8c:0b:e8:28:b4:da:
67:e9:fa:6c:ef:9d:49:d7:7b:53:ba:59:a9:6a:20:
a4:fc:1e:04:5d:50:b8:d3:d4:2a:11:32:a9:48:69:
a5:16:e4:3c:22:8f:8d:55:a1:23:f9:2c:e6:89:a7:
7e:6a:1b:a4:07:08:81:db:eb:2c:78:f5:8d:19:e6:
ab:ad:1f:d8:36:59:62:35:9a:38:d1:26:b3:de:58:
8d:be:08:ec:5f:d8:b5:1e:03:56:10:45:5b:6a:0d:
f7:2f:25:69:c4:3f:d9:e6:ca:95:84:90:ce:e0:d3:
13:55:09:2d:ef:cc:3d:38:3b:10:6c:51:e0:cb:46:
eb:80:cd:ba:d4:58:56:a7:b3:93:43:91:e2:19:93:
78:57:33:ea:08:14:98:98:ce:d4:40:0b:98:26:e6:
9e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:65:D2:78:B0:0B:5D:1A:1A:79:66:AB:BE:8E:63:D0:12:59:12:9E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0F67C7C81CFE11F0A028B8EDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.164.0/22
Signature Algorithm: sha256WithRSAEncryption
89:de:0e:70:b1:07:52:79:ac:6c:6b:1a:ed:b1:3b:1f:72:93:
05:3b:2a:e3:2c:f3:f0:de:ca:73:f4:fc:69:17:ab:93:5d:d7:
9b:2e:6d:97:99:6e:64:74:5d:6f:f2:31:55:2e:91:28:dc:93:
51:00:a7:ab:af:f3:db:ac:a2:4f:36:7f:c8:03:1a:0b:9c:15:
00:c7:61:40:99:fd:23:18:64:bf:5e:34:03:d5:c7:11:de:88:
a7:d0:1c:c9:da:e7:a4:41:40:c3:c6:4c:2e:69:a1:9d:6e:8b:
29:6e:db:36:a3:d4:6f:75:cb:3c:b8:ff:bb:7b:12:38:f8:39:
33:08:06:68:8a:34:e7:6b:7a:2e:d0:eb:98:f1:31:21:9a:04:
e1:b3:6a:9e:73:66:10:53:68:51:d0:b5:ef:e3:03:7d:be:de:
c9:80:21:ca:6d:76:2d:3a:58:7b:87:fb:54:ab:8f:83:35:1b:
da:68:a3:60:b1:54:70:b5:37:a5:49:50:0a:26:39:03:99:5c:
8d:ef:ad:1f:37:12:c8:7a:d3:58:01:aa:f1:b9:f1:0e:aa:99:
ad:0a:72:c8:74:f5:d3:98:6a:c0:1a:a5:b9:6e:4e:8f:83:d7:
6b:cb:70:c5:28:31:60:41:ec:af:9e:dd:1d:40:64:ee:61:b8:
da:e4:fa:fb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXoRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE5MDkwOTUxWhcNMjUwNDI1MDkwOTUxWjAYMRYw
FAYDVQQDEw02ODAzNjg2NC01OGI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlThU1yuiHfqlrDAFFmRD1lWcLF3L8hcNKgFFt5N1qquBb6UOk2Fwt28b
lUt1omZmdGBhKxdcX1/GGeBtvmXiC9prjBFQ5wwVmP3Nn5jlhIofjYYf5DN0A23f
x5IiMaJa9v2MC+gotNpn6fps751J13tTulmpaiCk/B4EXVC409QqETKpSGmlFuQ8
Io+NVaEj+Szmiad+ahukBwiB2+ssePWNGearrR/YNlliNZo40Saz3liNvgjsX9i1
HgNWEEVbag33LyVpxD/Z5sqVhJDO4NMTVQkt78w9ODsQbFHgy0brgM261FhWp7OT
Q5HiGZN4VzPqCBSYmM7UQAuYJuae2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAdl
0niwC10aGnlmq76OY9ASWRKeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRjY3QzdDODFDRkUxMUYwQTAyOEI4RUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCms+kMA0GCSqGSIb3DQEB
CwUAA4IBAQCJ3g5wsQdSeaxsaxrtsTsfcpMFOyrjLPPw3spz9PxpF6uTXdebLm2X
mW5kdF1v8jFVLpEo3JNRAKerr/PbrKJPNn/IAxoLnBUAx2FAmf0jGGS/XjQD1ccR
3oin0BzJ2uekQUDDxkwuaaGdbospbts2o9Rvdcs8uP+7exI4+DkzCAZoijTna3ou
0OuY8TEhmgThs2qec2YQU2hR0LXv4wN9vt7JgCHKbXYtOlh7h/tUq4+DNRvaaKNg
sVRwtTelSVAKJjkDmVyN760fNxLIetNYAarxufEOqpmtCnLIdPXTmGrAGqW5bk6P
g9dry3DFKDFgQeyvnt0dQGTuYbja5Pr7
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:03:20 2025 by rpki-client on console.sobornost.net