Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FEF5F4013F411F08C165261762E951A.roa
File: 3FEF5F4013F411F08C165261762E951A.roa (raw, json)
Hash identifier: 4Y1SiYtO4FnEGkX++CobkKqerXfnK9ejd8BryVhRvcQ=
Subject key identifier: 9B:A6:D0:87:99:7C:9F:88:74:6A:2B:F8:C3:5B:6D:B5:44:13:35:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017845
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FEF5F4013F411F08C165261762E951A.roa
Signing time: Mon 07 Apr 2025 21:07:01 +0000
ROA not before: Mon 07 Apr 2025 21:06:58 +0000
ROA not after: Tue 10 Jun 2025 21:06:58 +0000
asID: 30781
IP address blocks: 154.217.176.0/23 maxlen: 24
154.217.184.0/21 maxlen: 24
154.217.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96325 (0x17845)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 7 21:06:58 2025 GMT
Not After : Jun 10 21:06:58 2025 GMT
Subject: CN=67f43e75-042d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fc:c4:08:c1:e6:b3:e2:f5:91:93:db:62:53:
91:e0:b0:96:2c:1f:d4:80:b9:b3:74:34:67:60:3d:
20:e6:f2:da:88:e4:4b:43:54:7e:5c:ba:48:94:5a:
a5:c3:d3:58:24:12:32:f6:74:24:a8:1f:8c:19:0b:
75:d1:b3:4d:69:3d:c7:81:a7:f0:ab:d4:9b:5e:7d:
fc:60:58:a6:5d:6e:17:e2:a8:89:40:b6:f2:c7:ac:
e9:a5:ad:3c:b3:42:fb:47:cb:59:4f:9d:c5:a8:98:
36:d1:bf:74:47:22:ce:0a:cc:2c:58:2d:f3:0c:b0:
e6:7a:cd:ad:cd:d0:db:32:b0:67:17:8f:a6:c3:d6:
65:4c:e3:b4:25:11:f9:7f:d5:5a:0d:78:c1:db:0c:
09:26:4f:ae:0f:e1:38:9a:bb:13:38:3c:b5:56:29:
ec:b9:33:b4:4f:29:6b:63:fc:b0:26:7b:04:27:99:
b0:b5:03:2d:03:4b:48:e6:79:fc:f0:73:72:04:70:
4d:61:ae:63:32:32:85:8c:25:19:3d:68:a7:e2:e9:
37:ba:29:35:be:2a:4b:ed:27:65:49:e0:ab:d1:21:
f7:fd:51:77:d4:73:b0:f4:01:99:f2:6e:b6:14:76:
fd:d7:3f:21:4c:c2:1a:66:b6:de:f9:7b:c3:38:3a:
eb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A6:D0:87:99:7C:9F:88:74:6A:2B:F8:C3:5B:6D:B5:44:13:35:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3FEF5F4013F411F08C165261762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.176.0/23
154.217.184.0-154.217.223.255
Signature Algorithm: sha256WithRSAEncryption
3a:e1:33:50:98:da:fe:00:24:78:8f:2c:49:09:a2:de:9d:63:
2a:d9:54:77:70:6b:3d:6f:95:60:a0:d4:0e:71:c6:8e:af:01:
e5:06:99:96:24:f3:bf:bc:7a:24:33:7b:5d:5b:36:1a:2c:a5:
c5:6c:6e:a8:08:9f:b5:28:49:95:75:00:b0:d7:ec:ff:14:60:
dc:5f:09:a9:42:26:93:81:c1:2a:44:20:fa:ad:07:e7:3e:46:
f9:1f:d1:ec:13:5c:8f:6e:de:07:ea:33:1f:02:1e:65:39:34:
34:60:43:d1:72:b1:e9:4f:0b:27:da:f0:7e:77:b8:fa:3c:23:
27:e8:c6:e2:32:1f:37:cf:57:f2:9f:73:9f:d6:f3:b4:ef:ac:
a3:2d:d5:75:f7:e4:af:e8:a2:a0:95:cd:91:a3:0b:c5:57:3d:
d0:72:79:17:02:f3:21:13:3d:1b:be:33:8c:4d:8f:0b:21:5a:
dd:7c:dd:d5:12:18:1d:a2:0e:86:97:82:33:cc:d5:2d:01:84:
2a:fd:78:13:6a:a9:99:3a:16:46:e9:ba:e5:3d:b1:79:9e:a7:
3c:82:73:da:f0:1a:04:eb:19:df:1d:22:32:41:5f:fe:20:ce:
53:e7:fc:2f:f1:fa:12:a7:29:ed:a2:81:c6:ec:ce:6c:84:ae:
bf:ea:2f:03
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAXhFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA3MjEwNjU4WhcNMjUwNjEwMjEwNjU4WjAYMRYw
FAYDVQQDEw02N2Y0M2U3NS0wNDJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu/zECMHms+L1kZPbYlOR4LCWLB/UgLmzdDRnYD0g5vLaiORLQ1R+XLpI
lFqlw9NYJBIy9nQkqB+MGQt10bNNaT3Hgafwq9SbXn38YFimXW4X4qiJQLbyx6zp
pa08s0L7R8tZT53FqJg20b90RyLOCswsWC3zDLDmes2tzdDbMrBnF4+mw9ZlTOO0
JRH5f9VaDXjB2wwJJk+uD+E4mrsTODy1VinsuTO0TylrY/ywJnsEJ5mwtQMtA0tI
5nn88HNyBHBNYa5jMjKFjCUZPWin4uk3uik1vipL7SdlSeCr0SH3/VF31HOw9AGZ
8m62FHb91z8hTMIaZrbe+XvDODrr7wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFJum
0IeZfJ+IdGor+MNbbbVEEzVkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRkVGNUY0MDEzRjQxMUYwOEMxNjUyNjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBmtmwMAwDBAOa2bgDBAWa
2cAwDQYJKoZIhvcNAQELBQADggEBADrhM1CY2v4AJHiPLEkJot6dYyrZVHdwaz1v
lWCg1A5xxo6vAeUGmZYk87+8eiQze11bNhospcVsbqgIn7UoSZV1ALDX7P8UYNxf
CalCJpOBwSpEIPqtB+c+Rvkf0ewTXI9u3gfqMx8CHmU5NDRgQ9FyselPCyfa8H53
uPo8IyfoxuIyHzfPV/Kfc5/W87TvrKMt1XX35K/ooqCVzZGjC8VXPdByeRcC8yET
PRu+M4xNjwshWt183dUSGB2iDoaXgjPM1S0BhCr9eBNqqZk6FkbpuuU9sXmepzyC
c9rwGgTrGd8dIjJBX/4gzlPn/C/x+hKnKe2igcbszmyErr/qLwM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:17:41 2025 by rpki-client on console.sobornost.net