Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2994A9541A1011F0BD9981FA6DB8BCC6.roa
File: 2994A9541A1011F0BD9981FA6DB8BCC6.roa (raw, json)
Hash identifier: snCn0s/eUVU5Auz+8yBYBO/N95acqw0JrtVKdzEA3bg=
Subject key identifier: BC:D4:03:CB:7A:00:F2:3E:E7:29:0F:89:51:E5:98:A2:C9:9A:19:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01794F
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2994A9541A1011F0BD9981FA6DB8BCC6.roa
Signing time: Tue 15 Apr 2025 15:41:57 +0000
ROA not before: Tue 15 Apr 2025 15:41:53 +0000
ROA not after: Sun 25 May 2025 15:41:53 +0000
asID: 61112
IP address blocks: 154.85.18.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 13:23:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96591 (0x1794f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 15:41:53 2025 GMT
Not After : May 25 15:41:53 2025 GMT
Subject: CN=67fe7e45-7a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d1:0a:2e:1d:76:bf:a6:73:4d:22:11:4e:93:
6e:85:94:e1:55:b9:27:1a:76:fb:3a:30:a4:30:aa:
d0:1e:12:2c:d8:17:82:c3:bc:16:27:1e:7d:9e:97:
14:84:ef:53:87:9a:63:f0:54:37:66:10:79:d6:ab:
3d:69:49:26:af:e9:8e:a0:17:bc:f0:c8:21:10:e9:
08:c8:03:4f:2c:2b:19:bc:43:5f:df:4f:13:d5:01:
8a:65:88:20:f8:43:a5:19:0b:8a:8b:a5:55:0a:af:
4e:72:fa:6a:bf:10:c5:cd:20:35:6b:d2:1c:e7:f6:
8d:4f:62:f8:7b:81:5b:b9:00:7c:41:0d:4e:4c:17:
89:fe:aa:4d:cb:c6:1a:ef:69:71:00:6e:34:f4:54:
d7:00:d6:ae:d2:ce:f8:c5:9e:ea:15:15:9a:f9:70:
c9:92:64:86:d7:b5:f9:a4:17:50:a2:28:c5:9e:2d:
4b:a0:5a:ca:72:66:49:83:07:49:e5:21:3b:40:74:
ad:16:6a:51:f8:24:14:10:e9:12:2b:56:5f:89:e8:
8e:14:e2:d1:57:79:7f:fb:54:2a:42:ec:39:f1:21:
fc:31:bb:b6:66:58:2b:b6:b7:bd:77:35:4c:20:8a:
8d:ff:e2:22:a9:97:dd:0e:df:a2:67:f5:54:35:f5:
71:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D4:03:CB:7A:00:F2:3E:E7:29:0F:89:51:E5:98:A2:C9:9A:19:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2994A9541A1011F0BD9981FA6DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.18.0/23
Signature Algorithm: sha256WithRSAEncryption
38:1a:de:de:d1:ff:5f:3d:9f:6b:45:af:28:86:8f:c5:1c:78:
d6:db:5b:a8:22:35:39:df:e1:10:b1:de:04:12:e3:6e:c8:78:
07:2c:08:32:ed:81:6d:0d:c1:dc:5b:17:47:05:e1:ee:d5:34:
69:4c:16:f2:a1:2f:83:fe:d9:4b:de:85:30:41:cc:e8:cf:80:
50:a0:97:a0:1a:ca:b8:a0:48:40:f4:9f:9d:14:fd:23:6d:bd:
a0:66:f5:ad:93:2f:52:37:be:0f:ce:79:96:cf:f6:a1:e5:77:
d2:99:f2:56:23:be:20:bf:e1:af:9f:c6:0d:d3:45:92:9a:9c:
a4:62:16:d5:9d:68:00:d6:30:78:ff:1e:46:55:7f:b7:13:da:
01:6a:2a:30:1a:e1:d5:3c:83:df:0d:3d:65:2f:ea:02:82:11:
60:d6:dd:bc:4f:7f:46:ef:4b:16:45:94:9c:8e:97:3d:5a:2c:
f8:d6:dc:34:e2:0f:eb:93:e4:af:d0:48:e2:4a:dd:25:9a:76:
0c:6f:48:e9:f1:d2:30:32:ed:25:59:7c:a3:14:13:b4:76:80:
bc:61:ac:7a:94:05:2a:dd:ea:fd:8d:f4:24:94:f5:f2:29:b7:
f3:09:b1:db:66:56:b2:f1:83:58:f2:a7:10:8e:1a:1d:a0:3e:
ac:0b:e7:6f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXlPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE1MTU0MTUzWhcNMjUwNTI1MTU0MTUzWjAYMRYw
FAYDVQQDEw02N2ZlN2U0NS03YThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1NEKLh12v6ZzTSIRTpNuhZThVbknGnb7OjCkMKrQHhIs2BeCw7wWJx59
npcUhO9Th5pj8FQ3ZhB51qs9aUkmr+mOoBe88MghEOkIyANPLCsZvENf308T1QGK
ZYgg+EOlGQuKi6VVCq9OcvpqvxDFzSA1a9Ic5/aNT2L4e4FbuQB8QQ1OTBeJ/qpN
y8Ya72lxAG409FTXANau0s74xZ7qFRWa+XDJkmSG17X5pBdQoijFni1LoFrKcmZJ
gwdJ5SE7QHStFmpR+CQUEOkSK1ZfieiOFOLRV3l/+1QqQuw58SH8Mbu2Zlgrtre9
dzVMIIqN/+IiqZfdDt+iZ/VUNfVx4QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLzU
A8t6API+5ykPiVHlmKLJmhlpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yOTk0QTk1NDFBMTAxMUYwQkQ5OTgxRkE2REI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlUSMA0GCSqGSIb3DQEB
CwUAA4IBAQA4Gt7e0f9fPZ9rRa8oho/FHHjW21uoIjU53+EQsd4EEuNuyHgHLAgy
7YFtDcHcWxdHBeHu1TRpTBbyoS+D/tlL3oUwQczoz4BQoJegGsq4oEhA9J+dFP0j
bb2gZvWtky9SN74PznmWz/ah5XfSmfJWI74gv+Gvn8YN00WSmpykYhbVnWgA1jB4
/x5GVX+3E9oBaiowGuHVPIPfDT1lL+oCghFg1t28T39G70sWRZScjpc9Wiz41tw0
4g/rk+Sv0EjiSt0lmnYMb0jp8dIwMu0lWXyjFBO0doC8Yax6lAUq3er9jfQklPXy
KbfzCbHbZlay8YNY8qcQjhodoD6sC+dv
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:09:19 2025 by rpki-client on console.sobornost.net