Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25D7069E16B511F0AC15F0106EB8BCC6.roa
File: 25D7069E16B511F0AC15F0106EB8BCC6.roa (raw, json)
Hash identifier: ct71w231KQcNcMwp6/3AeqBSesYGKqcbcq8FRY1hZYg=
Subject key identifier: 59:01:09:C8:DD:DC:BD:14:51:4D:3D:CB:AF:0C:FA:DE:9C:E1:99:D7
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0178E7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25D7069E16B511F0AC15F0106EB8BCC6.roa
Signing time: Fri 11 Apr 2025 09:12:53 +0000
ROA not before: Fri 11 Apr 2025 09:12:49 +0000
ROA not after: Sat 17 May 2025 09:12:49 +0000
asID: 20473
IP address blocks: 154.83.134.0/24 maxlen: 24
154.83.188.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96487 (0x178e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 11 09:12:49 2025 GMT
Not After : May 17 09:12:49 2025 GMT
Subject: CN=67f8dd15-8171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b0:2e:e6:64:84:e6:c3:7f:d1:80:12:25:ee:
ca:34:bd:7d:8c:f2:16:51:8d:6c:bd:60:64:7f:64:
5b:3c:a3:1f:d4:ba:d7:cb:b0:b4:ff:0b:65:d3:b8:
d9:16:18:05:ce:65:06:1c:0e:a0:f6:2d:69:23:ec:
38:d5:34:a4:30:04:ab:31:a3:8c:91:65:47:29:b4:
52:26:fc:07:49:1f:a7:4a:26:49:64:93:85:69:c1:
c8:c7:f7:cb:ba:9c:33:be:c8:ae:3b:55:9b:52:64:
50:f4:cb:50:85:93:8d:6c:1b:d5:64:74:d3:af:5b:
90:7e:f8:54:75:a7:5b:f2:95:79:e9:19:c2:d1:97:
c3:f2:74:a9:97:92:e4:5d:5f:28:0a:84:32:97:4d:
bb:de:a2:05:13:35:6b:27:de:35:49:b9:30:b5:30:
8d:9a:9e:bd:14:e4:89:4b:ba:2a:6f:b6:87:48:23:
b2:0e:41:c2:30:82:42:e1:68:60:36:8e:c5:08:5b:
2e:99:93:50:b1:5e:75:c3:6f:3b:cc:4c:aa:d9:6d:
0a:85:89:18:1d:83:57:30:d2:06:b4:98:2a:0a:f8:
c1:fb:a7:43:b1:be:3d:09:cd:88:e7:2b:98:8e:00:
c3:44:f4:67:0b:03:38:ff:39:eb:bc:3a:53:52:91:
6a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:01:09:C8:DD:DC:BD:14:51:4D:3D:CB:AF:0C:FA:DE:9C:E1:99:D7
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/25D7069E16B511F0AC15F0106EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.134.0/24
154.83.188.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:2d:9f:39:0a:8c:47:80:d4:aa:4f:6d:fb:52:5f:44:91:0c:
2d:fd:db:21:ed:86:7b:1a:a7:38:e8:2b:bb:26:8c:11:a0:ab:
22:ea:37:2c:69:09:e5:cd:10:40:f6:42:29:8b:93:30:41:b3:
4d:93:81:cb:48:42:3d:43:50:bc:0e:1e:3d:72:2f:40:b2:44:
f4:91:d1:47:ee:7a:d9:77:f1:8e:bb:82:4f:fc:83:33:1b:11:
8f:1e:4c:ec:6f:7a:10:4b:51:0f:77:61:a6:9e:86:30:f5:ae:
ae:23:f7:8f:bd:ef:ed:2b:06:97:86:99:09:c3:2f:db:db:33:
3b:26:98:33:11:4b:3f:84:d8:1a:c4:bf:24:8b:94:e2:75:9c:
ca:88:c6:a8:e3:b2:d2:74:9a:ad:b2:76:75:b8:7c:43:e0:d3:
9e:ff:6a:03:04:bc:94:07:f6:3b:16:ad:64:91:1b:bc:48:77:
58:6e:f4:fc:84:5c:2d:0c:88:b4:2b:ec:88:93:3d:13:7b:27:
32:0a:09:96:ac:98:60:07:0d:0c:8e:90:54:b4:e0:e7:14:e4:
30:f2:b4:cb:a4:2b:16:c9:f5:03:58:40:b8:05:fb:a0:ce:e2:
74:54:63:b3:f8:4a:31:35:54:4a:28:90:fb:02:f7:7d:3f:30:
87:b4:da:d7
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXjnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDExMDkxMjQ5WhcNMjUwNTE3MDkxMjQ5WjAYMRYw
FAYDVQQDEw02N2Y4ZGQxNS04MTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtrAu5mSE5sN/0YASJe7KNL19jPIWUY1svWBkf2RbPKMf1LrXy7C0/wtl
07jZFhgFzmUGHA6g9i1pI+w41TSkMASrMaOMkWVHKbRSJvwHSR+nSiZJZJOFacHI
x/fLupwzvsiuO1WbUmRQ9MtQhZONbBvVZHTTr1uQfvhUdadb8pV56RnC0ZfD8nSp
l5LkXV8oCoQyl0273qIFEzVrJ941SbkwtTCNmp69FOSJS7oqb7aHSCOyDkHCMIJC
4WhgNo7FCFsumZNQsV51w287zEyq2W0KhYkYHYNXMNIGtJgqCvjB+6dDsb49Cc2I
5yuYjgDDRPRnCwM4/znrvDpTUpFqewIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFFkB
Ccjd3L0UUU09y68M+t6c4ZnXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yNUQ3MDY5RTE2QjUxMUYwQUMxNUYwMTA2RUI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmlOGAwQBmlO8MA0GCSqG
SIb3DQEBCwUAA4IBAQDOLZ85CoxHgNSqT237Ul9EkQwt/dsh7YZ7Gqc46Cu7JowR
oKsi6jcsaQnlzRBA9kIpi5MwQbNNk4HLSEI9Q1C8Dh49ci9AskT0kdFH7nrZd/GO
u4JP/IMzGxGPHkzsb3oQS1EPd2GmnoYw9a6uI/ePve/tKwaXhpkJwy/b2zM7Jpgz
EUs/hNgaxL8ki5TidZzKiMao47LSdJqtsnZ1uHxD4NOe/2oDBLyUB/Y7Fq1kkRu8
SHdYbvT8hFwtDIi0K+yIkz0TeycyCgmWrJhgBw0MjpBUtODnFOQw8rTLpCsWyfUD
WEC4BfugzuJ0VGOz+EoxNVRKKJD7Avd9PzCHtNrX
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:03:29 2025 by rpki-client on console.sobornost.net