Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10FF68DE1C8611F0BD769AC1DAE4EC9C.roa
File: 10FF68DE1C8611F0BD769AC1DAE4EC9C.roa (raw, json)
Hash identifier: IEIyTrjBH2Kg+ud1GPmJbQfx8DVg8fY+QTq8MV3rFD0=
Subject key identifier: 76:B4:16:6C:D7:97:7E:77:07:F7:A0:76:0E:B5:93:D8:12:1C:13:A5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0179CE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10FF68DE1C8611F0BD769AC1DAE4EC9C.roa
Signing time: Fri 18 Apr 2025 18:50:59 +0000
ROA not before: Fri 18 Apr 2025 18:50:54 +0000
ROA not after: Wed 28 May 2025 18:50:54 +0000
asID: 211826
IP address blocks: 154.194.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96718 (0x179ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 18 18:50:54 2025 GMT
Not After : May 28 18:50:54 2025 GMT
Subject: CN=68029f13-e292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:22:81:4b:42:24:1b:59:7b:e8:46:38:78:2d:
53:cf:63:34:83:7d:9f:86:ab:2d:b5:b1:64:4a:77:
92:8c:ca:29:24:43:78:c5:86:a7:19:f4:33:88:ae:
64:3f:2a:c6:1a:2b:d8:83:1a:01:fb:17:4f:91:ee:
98:ad:19:3b:e2:c8:35:83:62:10:07:ca:00:6d:2f:
52:02:d0:da:9c:8c:e7:be:cb:0e:9f:d6:1c:8e:99:
3d:bd:2d:9a:0f:45:f4:2d:f8:ed:96:54:b6:41:19:
cc:4b:91:ff:10:2e:9f:16:c0:4e:39:01:ec:8b:58:
85:1b:d1:22:a4:8b:9a:f1:72:a1:32:4f:27:96:76:
7d:11:5a:48:74:d5:54:7d:6d:e5:70:44:aa:fd:d6:
48:39:91:10:97:1d:c9:40:ac:d2:84:e8:a1:0e:49:
a5:a9:b8:6d:64:35:16:65:29:e3:02:de:9d:19:bc:
7b:13:5d:e2:79:ce:f0:06:4b:8e:9f:d3:f5:f4:05:
57:2a:ba:cd:a7:aa:9d:d6:1a:18:bf:90:31:da:b6:
5f:a4:83:42:b2:51:58:ad:18:bf:78:bf:40:bc:39:
49:05:b0:91:1b:86:df:46:b2:72:d1:d0:80:7b:53:
70:12:f9:7f:95:11:cc:32:8c:87:56:07:fe:a1:b1:
ed:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B4:16:6C:D7:97:7E:77:07:F7:A0:76:0E:B5:93:D8:12:1C:13:A5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/10FF68DE1C8611F0BD769AC1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.55.0/24
Signature Algorithm: sha256WithRSAEncryption
23:70:32:71:0d:23:59:86:75:9a:54:86:11:c1:80:55:9e:0a:
49:36:f8:72:8d:c2:4d:3f:46:13:98:a3:b1:da:4c:dc:3a:af:
ff:1f:73:79:08:11:d8:98:5b:97:f0:9b:81:18:56:55:63:e8:
6a:6b:58:c1:75:e9:81:99:34:e5:33:a2:4a:27:68:81:a9:16:
2a:37:cd:16:83:06:56:f6:a4:33:ff:a4:fc:2a:95:d4:25:ad:
2f:e6:c9:16:06:c7:ea:15:74:30:67:b9:bd:59:74:ed:67:e6:
83:04:dc:35:5c:4c:1c:7b:c3:1d:40:61:1c:5c:42:a0:74:56:
41:5c:1d:38:b5:ba:dd:7d:b0:02:f0:64:c3:e3:73:5b:c8:39:
35:50:29:b2:8d:fe:61:5c:a8:cc:d0:4d:12:4b:b2:a7:51:18:
b0:3c:da:dc:63:a2:48:8c:4c:2b:66:46:3b:e1:8a:4c:c6:d0:
ba:24:e9:0e:dc:37:26:e5:7e:57:75:2f:0d:29:43:a4:2a:25:
42:bd:98:a5:a0:b7:31:32:52:53:a2:7b:eb:88:55:cc:f4:aa:
a9:ef:b2:ea:c9:c4:8a:3b:c2:62:4d:95:ef:1b:ae:7b:68:c2:
d0:9c:e5:85:34:3f:f4:14:56:94:11:2d:29:0a:54:fd:24:6b:
f4:5f:68:cf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXnOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE4MTg1MDU0WhcNMjUwNTI4MTg1MDU0WjAYMRYw
FAYDVQQDEw02ODAyOWYxMy1lMjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4yKBS0IkG1l76EY4eC1Tz2M0g32fhqsttbFkSneSjMopJEN4xYanGfQz
iK5kPyrGGivYgxoB+xdPke6YrRk74sg1g2IQB8oAbS9SAtDanIznvssOn9Ycjpk9
vS2aD0X0LfjtllS2QRnMS5H/EC6fFsBOOQHsi1iFG9EipIua8XKhMk8nlnZ9EVpI
dNVUfW3lcESq/dZIOZEQlx3JQKzShOihDkmlqbhtZDUWZSnjAt6dGbx7E13iec7w
BkuOn9P19AVXKrrNp6qd1hoYv5Ax2rZfpINCslFYrRi/eL9AvDlJBbCRG4bfRrJy
0dCAe1NwEvl/lRHMMoyHVgf+obHtfwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHa0
FmzXl353B/egdg61k9gSHBOlMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMEZGNjhERTFDODYxMUYwQkQ3NjlBQzFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsI3MA0GCSqGSIb3DQEB
CwUAA4IBAQAjcDJxDSNZhnWaVIYRwYBVngpJNvhyjcJNP0YTmKOx2kzcOq//H3N5
CBHYmFuX8JuBGFZVY+hqa1jBdemBmTTlM6JKJ2iBqRYqN80WgwZW9qQz/6T8KpXU
Ja0v5skWBsfqFXQwZ7m9WXTtZ+aDBNw1XEwce8MdQGEcXEKgdFZBXB04tbrdfbAC
8GTD43NbyDk1UCmyjf5hXKjM0E0SS7KnURiwPNrcY6JIjEwrZkY74YpMxtC6JOkO
3Dcm5X5XdS8NKUOkKiVCvZiloLcxMlJTonvriFXM9Kqp77LqycSKO8JiTZXvG657
aMLQnOWFND/0FFaUES0pClT9JGv0X2jP
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:03:21 2025 by rpki-client on console.sobornost.net