Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40021A541E8A11F09651DAC8DAE4EC9C.roa
File: 40021A541E8A11F09651DAC8DAE4EC9C.roa (raw, json)
Hash identifier: wwnj7IdwivLqBaE32hqrzmwX7/xcBGqSu90k0fYQkFs=
Subject key identifier: 20:E1:52:DD:3D:10:42:41:5A:0E:21:38:78:D8:3B:B3:59:00:78:18
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017A4D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40021A541E8A11F09651DAC8DAE4EC9C.roa
Signing time: Mon 21 Apr 2025 08:25:58 +0000
ROA not before: Mon 21 Apr 2025 08:25:54 +0000
ROA not after: Sat 31 May 2025 08:25:54 +0000
asID: 18779
IP address blocks: 154.206.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96845 (0x17a4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 21 08:25:54 2025 GMT
Not After : May 31 08:25:54 2025 GMT
Subject: CN=68060116-87ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:52:0b:1b:cb:a5:1b:8c:2b:b2:fe:34:c3:d3:
7a:d8:c1:1b:7a:ba:68:bf:8c:bb:8e:f9:42:89:c7:
24:50:95:b7:2d:22:95:96:c5:05:6f:dc:ef:6d:96:
be:8f:26:7e:61:0a:ad:4f:81:34:3f:e3:27:af:a6:
83:a7:25:07:93:3a:02:8b:b2:19:1a:1a:f7:fc:2f:
09:c8:eb:7c:4f:55:c3:91:dc:18:c6:f0:6a:eb:53:
4f:0b:ad:7e:d4:41:7f:15:4a:18:f8:dc:ae:a5:50:
05:a3:40:e5:ee:e0:94:18:70:76:d5:a5:9d:35:8e:
37:04:3e:cc:fc:f2:c4:39:d1:19:15:7d:31:64:cc:
ea:bd:f8:64:c8:dd:ac:40:02:1f:7c:4e:91:8d:ad:
b0:6a:cf:bf:b2:c0:08:c1:06:67:3e:78:31:94:ff:
4c:4d:2a:dc:e8:49:c0:35:a4:c6:8b:a0:69:41:8a:
84:f2:1e:08:2c:c0:81:2c:84:40:fd:b8:b2:02:1a:
c1:5b:ed:97:a5:78:71:d9:6b:bb:ab:44:a5:5c:ea:
d3:59:b1:30:f7:2e:72:d9:3f:ea:3c:9a:56:e6:e4:
96:98:af:7a:70:52:96:4c:cf:b1:aa:06:7b:a7:24:
86:41:bc:e7:04:87:85:00:69:8e:e5:43:92:2f:52:
1a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E1:52:DD:3D:10:42:41:5A:0E:21:38:78:D8:3B:B3:59:00:78:18
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/40021A541E8A11F09651DAC8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.20.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:a1:63:a3:fa:3d:f4:59:7c:07:64:03:70:49:da:03:a9:5d:
76:d2:36:b4:f7:e4:42:5e:69:e6:b2:81:54:1a:19:33:64:ce:
4f:63:85:57:9a:91:a1:23:c2:d0:9d:8a:7c:7b:14:16:0c:86:
e8:7a:5e:d2:6a:f8:11:fe:5f:d8:75:20:81:45:06:d6:ed:4d:
a3:19:d3:a1:96:02:00:ba:e1:16:b7:6b:0f:6a:f5:9a:55:fd:
2e:9c:e4:f8:e0:26:4f:31:83:5c:40:3b:43:da:6d:a7:4b:04:
aa:85:a1:22:7b:a8:bb:5f:9c:2c:65:74:ad:14:d1:64:9b:d4:
25:f6:87:c1:d7:b2:21:72:dc:31:9e:eb:1d:43:1e:fb:a6:50:
bd:47:d1:43:cf:43:ca:16:ed:66:94:df:03:03:56:a5:f2:b1:
41:64:81:93:16:82:0b:06:68:76:94:9c:49:1b:1f:bb:d5:08:
9d:33:24:78:c6:28:56:02:b1:c3:db:13:d8:cb:26:fc:19:1e:
84:c7:27:f5:6d:9d:71:42:35:88:b2:83:2b:f2:5f:6f:be:7b:
bd:1d:84:9f:e3:1e:59:76:f1:a4:ac:29:a3:77:83:f5:f8:a7:
86:61:49:bf:ef:78:35:3e:2c:54:3c:bb:ff:27:de:cd:77:48:
23:7d:16:63
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXpNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDIxMDgyNTU0WhcNMjUwNTMxMDgyNTU0WjAYMRYw
FAYDVQQDEw02ODA2MDExNi04N2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA31ILG8ulG4wrsv40w9N62MEberpov4y7jvlCicckUJW3LSKVlsUFb9zv
bZa+jyZ+YQqtT4E0P+Mnr6aDpyUHkzoCi7IZGhr3/C8JyOt8T1XDkdwYxvBq61NP
C61+1EF/FUoY+NyupVAFo0Dl7uCUGHB21aWdNY43BD7M/PLEOdEZFX0xZMzqvfhk
yN2sQAIffE6Rja2was+/ssAIwQZnPngxlP9MTSrc6EnANaTGi6BpQYqE8h4ILMCB
LIRA/biyAhrBW+2XpXhx2Wu7q0SlXOrTWbEw9y5y2T/qPJpW5uSWmK96cFKWTM+x
qgZ7pySGQbznBIeFAGmO5UOSL1IaiQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCDh
Ut09EEJBWg4hOHjYO7NZAHgYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80MDAyMUE1NDFFOEExMUYwOTY1MURBQzhEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms4UMA0GCSqGSIb3DQEB
CwUAA4IBAQAPoWOj+j30WXwHZANwSdoDqV120ja09+RCXmnmsoFUGhkzZM5PY4VX
mpGhI8LQnYp8exQWDIboel7SavgR/l/YdSCBRQbW7U2jGdOhlgIAuuEWt2sPavWa
Vf0unOT44CZPMYNcQDtD2m2nSwSqhaEie6i7X5wsZXStFNFkm9Ql9ofB17Ihctwx
nusdQx77plC9R9FDz0PKFu1mlN8DA1al8rFBZIGTFoILBmh2lJxJGx+71QidMyR4
xihWArHD2xPYyyb8GR6Exyf1bZ1xQjWIsoMr8l9vvnu9HYSf4x5ZdvGkrCmjd4P1
+KeGYUm/73g1PixUPLv/J97Nd0gjfRZj
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:56:11 2025 by rpki-client on console.sobornost.net