Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/308153521C9511F0BE49B7A4DAE4EC9C.roa
File: 308153521C9511F0BE49B7A4DAE4EC9C.roa (raw, json)
Hash identifier: X/OAnLFXvmH9fkgPQOjWr0gyEdtAC9923LItYmTGTvI=
Subject key identifier: 03:89:98:C1:D4:99:D1:D8:1B:8F:B0:35:A2:2C:07:37:48:E0:61:1E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0179E0
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/308153521C9511F0BE49B7A4DAE4EC9C.roa
Signing time: Fri 18 Apr 2025 20:39:14 +0000
ROA not before: Fri 18 Apr 2025 20:39:09 +0000
ROA not after: Fri 30 May 2025 20:39:09 +0000
asID: 62240
IP address blocks: 154.194.4.0/24 maxlen: 24
154.194.7.0/24 maxlen: 24
154.194.38.0/24 maxlen: 24
154.194.70.0/24 maxlen: 24
154.194.71.0/24 maxlen: 24
154.194.86.0/24 maxlen: 24
154.194.87.0/24 maxlen: 24
154.194.88.0/24 maxlen: 24
154.194.90.0/24 maxlen: 24
154.194.91.0/24 maxlen: 24
154.195.0.0/24 maxlen: 24
154.195.1.0/24 maxlen: 24
154.195.100.0/24 maxlen: 24
154.195.126.0/24 maxlen: 24
154.196.16.0/24 maxlen: 24
154.196.17.0/24 maxlen: 24
154.196.19.0/24 maxlen: 24
154.196.20.0/24 maxlen: 24
154.196.21.0/24 maxlen: 24
154.196.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96736 (0x179e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 18 20:39:09 2025 GMT
Not After : May 30 20:39:09 2025 GMT
Subject: CN=6802b872-09cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f7:60:ab:cb:e3:a2:b3:bd:2f:04:bc:2c:df:
8d:56:dd:48:67:ea:b6:4a:ac:bc:20:f7:0e:ef:55:
fc:08:1a:33:fd:15:c5:31:a1:a3:51:71:8a:fa:fe:
44:a3:6a:5e:65:d1:08:82:26:92:0b:15:7a:10:24:
a8:30:32:73:b1:67:52:63:b0:d0:9a:a3:ad:86:cc:
5b:2f:5c:c2:e1:8f:b8:6e:b0:b9:b8:9c:27:ac:1a:
61:7b:34:60:0e:10:5c:27:c8:ee:33:72:69:7a:64:
1c:81:55:9d:62:3e:c2:f3:0e:33:fa:30:e5:73:74:
7e:21:73:93:ec:6e:56:a8:ea:c8:1a:d6:19:bc:0c:
6d:49:a8:60:27:9b:fc:98:b2:f3:f9:13:8d:8d:33:
e1:12:52:45:4e:2a:9a:a1:47:0e:6b:ce:71:a7:77:
8c:c1:1c:30:77:d8:e9:17:8d:e3:69:5b:a8:59:b2:
e9:a3:ee:63:07:1d:57:1c:99:24:53:dc:32:fe:3b:
3c:ea:9f:29:10:fc:8a:74:0f:49:6e:a1:b8:6b:c2:
e0:df:04:4d:1e:1b:62:9b:a8:d8:41:d8:7a:3e:b8:
6e:16:69:12:e2:43:d7:00:b6:cf:ea:58:d0:32:1a:
1d:35:57:c6:60:6e:3d:5a:e5:d7:ba:38:b2:c1:af:
42:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:89:98:C1:D4:99:D1:D8:1B:8F:B0:35:A2:2C:07:37:48:E0:61:1E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/308153521C9511F0BE49B7A4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.4.0/24
154.194.7.0/24
154.194.38.0/24
154.194.70.0/23
154.194.86.0-154.194.88.255
154.194.90.0/23
154.195.0.0/23
154.195.100.0/24
154.195.126.0/24
154.196.16.0/23
154.196.19.0-154.196.21.255
154.196.23.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:dd:13:95:60:c9:45:5f:f5:10:20:33:94:51:16:2a:9e:0a:
fd:96:4b:ab:41:60:4e:52:90:03:f1:9d:f6:74:4c:cb:5a:66:
07:ed:e2:e6:95:f6:f7:d6:e1:57:50:93:ae:8c:e5:50:6b:2c:
f0:26:a8:09:c6:e1:2e:11:13:b1:9c:f9:06:11:41:8d:03:2f:
52:20:69:b6:4a:bd:72:6c:2d:f5:02:ba:ee:7f:ce:df:1e:3c:
22:0f:93:1e:bd:50:de:e4:d6:1d:7e:ad:55:af:df:25:97:20:
d6:a7:4b:31:17:48:91:e5:91:57:10:8e:a9:59:e3:ec:6c:8e:
32:68:af:99:5a:5c:0b:04:c6:d7:68:bf:86:e0:87:4a:c3:94:
c5:fa:99:08:58:25:d4:91:72:26:8e:e5:6d:12:5c:22:b4:bb:
80:4d:62:a5:00:3c:1f:43:da:1a:6b:66:7d:0e:a8:ac:c0:d7:
08:7c:84:bb:0a:38:a7:32:4a:27:19:5b:b0:b0:41:db:9a:ad:
2d:81:9b:7a:78:81:25:f5:51:af:dc:fe:a3:f7:7b:43:3f:12:
0c:d0:48:66:1c:42:bc:c4:74:81:a5:0a:bc:32:6b:c2:8a:d7:
45:9d:c3:a1:5f:c3:49:48:40:e6:fd:8c:eb:9d:3b:55:6a:19:
e2:93:95:fe
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIDAXngMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE4MjAzOTA5WhcNMjUwNTMwMjAzOTA5WjAYMRYw
FAYDVQQDEw02ODAyYjg3Mi0wOWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4vdgq8vjorO9LwS8LN+NVt1IZ+q2Sqy8IPcO71X8CBoz/RXFMaGjUXGK
+v5Eo2peZdEIgiaSCxV6ECSoMDJzsWdSY7DQmqOthsxbL1zC4Y+4brC5uJwnrBph
ezRgDhBcJ8juM3JpemQcgVWdYj7C8w4z+jDlc3R+IXOT7G5WqOrIGtYZvAxtSahg
J5v8mLLz+RONjTPhElJFTiqaoUcOa85xp3eMwRwwd9jpF43jaVuoWbLpo+5jBx1X
HJkkU9wy/js86p8pEPyKdA9JbqG4a8Lg3wRNHhtim6jYQdh6PrhuFmkS4kPXALbP
6ljQMhodNVfGYG49WuXXujiywa9CLwIDAQABo4IC9zCCAvMwHQYDVR0OBBYEFAOJ
mMHUmdHYG4+wNaIsBzdI4GEeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zMDgxNTM1MjFDOTUxMUYwQkU0OUI3QTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAmsIEAwQAmsIHAwQAmsIm
AwQBmsJGMAwDBAGawlYDBACawlgDBAGawloDBAGawwADBACaw2QDBACaw34DBAGa
xBAwDAMEAJrEEwMEAZrEFAMEAJrEFzANBgkqhkiG9w0BAQsFAAOCAQEAO90TlWDJ
RV/1ECAzlFEWKp4K/ZZLq0FgTlKQA/Gd9nRMy1pmB+3i5pX299bhV1CTrozlUGss
8CaoCcbhLhETsZz5BhFBjQMvUiBptkq9cmwt9QK67n/O3x48Ig+THr1Q3uTWHX6t
Va/fJZcg1qdLMRdIkeWRVxCOqVnj7GyOMmivmVpcCwTG12i/huCHSsOUxfqZCFgl
1JFyJo7lbRJcIrS7gE1ipQA8H0PaGmtmfQ6orMDXCHyEuwo4pzJKJxlbsLBB25qt
LYGbeniBJfVRr9z+o/d7Qz8SDNBIZhxCvMR0gaUKvDJrworXRZ3DoV/DSUhA5v2M
6507VWoZ4pOV/g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 06:17:34 2025 by rpki-client on console.sobornost.net