Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10C4898C109511F0ABC9096F762E951A.roa
File: 10C4898C109511F0ABC9096F762E951A.roa (raw, json)
Hash identifier: YsqOHR5mL25zTgcKr5pLa5zgK/mpE2Wu4OLHccYwXbs=
Subject key identifier: 0C:CF:48:5E:2A:37:67:92:D0:3F:A4:60:B1:5A:7E:B5:2F:4A:A9:4E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0177A5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10C4898C109511F0ABC9096F762E951A.roa
Signing time: Thu 03 Apr 2025 14:08:07 +0000
ROA not before: Thu 03 Apr 2025 14:08:02 +0000
ROA not after: Sun 03 Aug 2025 14:08:02 +0000
asID: 139490
IP address blocks: 154.209.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 30 Apr 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96165 (0x177a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 3 14:08:02 2025 GMT
Not After : Aug 3 14:08:02 2025 GMT
Subject: CN=67ee9646-99c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:63:4f:aa:d7:6e:ca:d1:b8:30:87:fa:16:28:
33:7b:a6:ee:cd:4c:83:43:e0:9a:96:b7:8e:fc:1d:
bb:cd:b1:c2:97:5e:ab:84:bb:c5:a9:3c:8d:a2:63:
e3:3a:5a:5c:c7:df:16:2b:57:a8:6b:c8:76:63:71:
27:e6:1e:1d:74:f3:85:4c:ae:53:ee:9e:a4:fd:68:
1a:aa:91:ab:4a:82:39:55:ea:9b:e3:0b:5b:c8:b3:
8d:d0:b0:fa:82:43:49:0b:02:3f:4c:bc:30:79:46:
49:d7:85:a6:0e:58:36:2f:d9:17:91:e6:55:89:51:
5a:bb:ec:b8:0b:c7:6f:ec:16:d1:f7:08:12:0d:d8:
7a:e2:fe:a0:c1:94:39:28:3e:0d:ab:47:04:5a:0b:
b2:04:ea:b5:ef:db:6a:9c:ef:4e:2e:8d:b3:b7:fa:
be:78:97:f6:f0:26:b1:02:46:3c:6e:09:49:c6:86:
91:11:c4:05:8e:d2:59:16:58:0e:e7:19:61:4a:f0:
d0:e3:7f:83:87:ae:a4:b0:65:a6:30:60:59:2a:f2:
81:b6:ad:15:cb:00:3b:19:58:ee:a2:53:8d:f5:28:
93:e7:ec:39:55:47:f5:ed:d6:38:0c:c6:05:df:19:
49:49:3f:48:15:ee:7a:e9:b3:80:32:29:70:e2:e9:
62:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:CF:48:5E:2A:37:67:92:D0:3F:A4:60:B1:5A:7E:B5:2F:4A:A9:4E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10C4898C109511F0ABC9096F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.255.0/24
Signature Algorithm: sha256WithRSAEncryption
76:31:af:67:8e:56:a5:3d:ab:7f:f3:b5:51:97:7d:36:8c:39:
2e:c1:03:18:3b:71:7d:84:4e:56:b1:a8:47:3d:8f:09:72:33:
bb:72:d1:76:46:74:66:da:60:b3:aa:8e:59:ed:d6:0b:bc:c6:
c6:56:0a:b5:6c:f2:57:c8:6b:26:05:b8:28:03:49:74:a4:b0:
77:9f:86:71:78:78:c5:fa:05:c8:28:47:1e:d5:71:de:9b:da:
4e:87:0e:26:d5:e7:ab:4b:4f:78:ed:d7:16:17:46:01:dd:d5:
ed:05:73:fd:93:00:d0:ae:54:3d:21:33:35:33:4a:99:59:72:
90:b8:ed:85:1e:62:7d:9b:a0:b7:8d:dd:f2:a9:a2:ff:c3:f1:
10:20:1c:d6:49:8e:60:6a:dd:47:cc:43:2f:e9:b6:07:3e:4c:
46:43:42:21:8f:f8:c2:62:2e:a5:a6:d9:9e:57:2e:69:bf:7e:
62:a9:a0:a8:d9:30:2b:0b:de:17:46:f5:a5:67:b5:d4:04:48:
8f:c6:fd:c0:33:a5:a3:4f:99:51:84:21:95:65:13:55:b3:47:
01:44:45:d1:9b:4c:f9:3e:2d:75:9e:fd:e2:88:39:a0:21:2b:
bb:d4:65:18:1c:26:39:02:f0:08:8c:13:c6:98:97:fe:95:00:
07:ba:eb:30
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXelMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDAzMTQwODAyWhcNMjUwODAzMTQwODAyWjAYMRYw
FAYDVQQDEw02N2VlOTY0Ni05OWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv2NPqtduytG4MIf6Figze6buzUyDQ+CalreO/B27zbHCl16rhLvFqTyN
omPjOlpcx98WK1eoa8h2Y3En5h4ddPOFTK5T7p6k/WgaqpGrSoI5Veqb4wtbyLON
0LD6gkNJCwI/TLwweUZJ14WmDlg2L9kXkeZViVFau+y4C8dv7BbR9wgSDdh64v6g
wZQ5KD4Nq0cEWguyBOq179tqnO9OLo2zt/q+eJf28CaxAkY8bglJxoaREcQFjtJZ
FlgO5xlhSvDQ43+Dh66ksGWmMGBZKvKBtq0VywA7GVjuolON9SiT5+w5VUf17dY4
DMYF3xlJST9IFe566bOAMilw4uliTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAzP
SF4qN2eS0D+kYLFafrUvSqlOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMEM0ODk4QzEwOTUxMUYwQUJDOTA5NkY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtH/MA0GCSqGSIb3DQEB
CwUAA4IBAQB2Ma9njlalPat/87VRl302jDkuwQMYO3F9hE5WsahHPY8JcjO7ctF2
RnRm2mCzqo5Z7dYLvMbGVgq1bPJXyGsmBbgoA0l0pLB3n4ZxeHjF+gXIKEce1XHe
m9pOhw4m1eerS0947dcWF0YB3dXtBXP9kwDQrlQ9ITM1M0qZWXKQuO2FHmJ9m6C3
jd3yqaL/w/EQIBzWSY5gat1HzEMv6bYHPkxGQ0Ihj/jCYi6lptmeVy5pv35iqaCo
2TArC94XRvWlZ7XUBEiPxv3AM6WjT5lRhCGVZRNVs0cBREXRm0z5Pi11nv3iiDmg
ISu71GUYHCY5AvAIjBPGmJf+lQAHuusw
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:53:21 2025 by rpki-client on console.sobornost.net