Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/128778C617A011F085C7F6AD6DB8BCC6.roa
File: 128778C617A011F085C7F6AD6DB8BCC6.roa (raw, json)
Hash identifier: PBsZn+1FZqHMi2rSfTXebTrR18tt+sJ2BlG5M7SJuZc=
Subject key identifier: AD:67:00:EF:D1:65:BE:E8:83:C6:AC:0A:CD:A8:C3:6D:D4:C0:6D:86
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017901
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/128778C617A011F085C7F6AD6DB8BCC6.roa
Signing time: Sat 12 Apr 2025 13:14:32 +0000
ROA not before: Sat 12 Apr 2025 13:14:28 +0000
ROA not after: Sun 18 May 2025 13:14:28 +0000
asID: 209242
IP address blocks: 154.197.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96513 (0x17901)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 12 13:14:28 2025 GMT
Not After : May 18 13:14:28 2025 GMT
Subject: CN=67fa6738-541b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ca:86:0c:4b:81:d0:22:55:c0:99:46:4c:de:
7f:5b:f4:9f:dc:08:b3:44:cb:b5:00:1f:24:b8:eb:
57:6b:0d:b0:48:53:35:25:24:cc:96:3d:d7:70:04:
af:1e:39:8f:02:2b:08:1f:38:d5:24:81:38:d3:68:
f3:f9:0d:5b:c3:03:ee:4d:ec:49:17:d0:69:2d:9d:
57:b6:c5:1d:04:c8:07:04:3f:75:42:cb:59:a1:8c:
04:69:3f:eb:3c:14:b5:6b:82:34:8a:75:0a:fe:d6:
29:8f:c3:4b:6a:82:67:31:14:18:c6:79:8f:94:c2:
75:e0:33:0a:b4:5d:97:77:ae:22:1b:90:2b:90:40:
44:bd:6d:51:91:ce:88:6a:a5:78:b3:84:3c:b4:35:
0f:1f:8d:03:0a:67:a6:89:b9:75:a2:6e:6a:6c:78:
cc:62:2f:d7:f5:54:d1:71:8a:ec:a0:59:23:7b:43:
27:8e:a3:4a:2d:d3:ae:3b:b1:56:69:c9:0a:b8:a5:
87:90:a9:54:6b:c3:bb:cf:93:fc:76:da:4b:3d:6b:
02:c0:3a:a5:3c:94:6b:3d:cb:e3:4a:5d:d5:ad:72:
1a:6a:0b:90:db:c9:ec:5f:a5:54:69:68:99:52:39:
2a:18:b2:c4:c7:89:a6:11:af:9b:a1:94:2c:e4:85:
be:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:67:00:EF:D1:65:BE:E8:83:C6:AC:0A:CD:A8:C3:6D:D4:C0:6D:86
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/128778C617A011F085C7F6AD6DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.75.0/24
Signature Algorithm: sha256WithRSAEncryption
57:1f:e2:3e:d6:b6:a4:75:03:cf:2f:97:14:8f:95:40:a6:8a:
08:fa:25:9c:21:97:51:20:c9:20:7f:55:ff:39:52:4c:20:4e:
ad:df:ed:f9:ba:f5:b3:da:04:f3:0e:be:41:6f:e9:54:2f:83:
cd:ba:63:d9:2b:ee:cf:97:1a:7e:57:14:12:cf:70:f2:b3:c7:
83:ee:ce:35:d8:8e:84:2f:91:e2:f9:79:85:d7:c8:0a:68:72:
f7:36:00:69:7d:47:03:79:8d:75:57:b7:52:e2:b4:d2:6f:d9:
02:fd:1d:fe:42:e3:ab:cd:08:20:0a:87:a6:af:39:fa:9f:7f:
32:ab:c8:88:af:88:ee:a8:12:5c:27:5f:c5:82:36:6a:ca:85:
80:93:26:fd:53:38:44:27:9a:6e:8c:a6:4c:db:46:82:07:e9:
66:f3:a7:d3:00:c3:9e:a4:ec:10:2d:53:e3:3e:1a:22:c6:14:
f6:fb:d0:42:c6:d1:5e:eb:2d:c8:95:81:58:32:4e:da:22:95:
10:42:2e:cf:7b:dc:cc:75:b1:41:d6:4a:d8:f0:91:c0:e9:86:
5d:6f:d4:cb:30:6e:4d:7f:31:50:30:4e:09:4b:83:f4:b8:e8:
3a:81:12:48:af:63:5c:f6:21:e1:59:c6:18:46:4b:27:74:4b:
45:e5:de:d1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXkBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDEyMTMxNDI4WhcNMjUwNTE4MTMxNDI4WjAYMRYw
FAYDVQQDEw02N2ZhNjczOC01NDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3sqGDEuB0CJVwJlGTN5/W/Sf3AizRMu1AB8kuOtXaw2wSFM1JSTMlj3X
cASvHjmPAisIHzjVJIE402jz+Q1bwwPuTexJF9BpLZ1XtsUdBMgHBD91QstZoYwE
aT/rPBS1a4I0inUK/tYpj8NLaoJnMRQYxnmPlMJ14DMKtF2Xd64iG5ArkEBEvW1R
kc6IaqV4s4Q8tDUPH40DCmemibl1om5qbHjMYi/X9VTRcYrsoFkje0MnjqNKLdOu
O7FWackKuKWHkKlUa8O7z5P8dtpLPWsCwDqlPJRrPcvjSl3VrXIaaguQ28nsX6VU
aWiZUjkqGLLEx4mmEa+boZQs5IW+oQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK1n
AO/RZb7og8asCs2ow23UwG2GMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMjg3NzhDNjE3QTAxMUYwODVDN0Y2QUQ2REI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsVLMA0GCSqGSIb3DQEB
CwUAA4IBAQBXH+I+1rakdQPPL5cUj5VApooI+iWcIZdRIMkgf1X/OVJMIE6t3+35
uvWz2gTzDr5Bb+lUL4PNumPZK+7Plxp+VxQSz3Dys8eD7s412I6EL5Hi+XmF18gK
aHL3NgBpfUcDeY11V7dS4rTSb9kC/R3+QuOrzQggCoemrzn6n38yq8iIr4juqBJc
J1/FgjZqyoWAkyb9UzhEJ5pujKZM20aCB+lm86fTAMOepOwQLVPjPhoixhT2+9BC
xtFe6y3IlYFYMk7aIpUQQi7Pe9zMdbFB1krY8JHA6YZdb9TLMG5NfzFQME4JS4P0
uOg6gRJIr2Nc9iHhWcYYRksndEtF5d7R
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:03:22 2025 by rpki-client on console.sobornost.net