Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4812706221BA11F0BEF4739CDAE4EC9C.roa
File: 4812706221BA11F0BEF4739CDAE4EC9C.roa (raw, json)
Hash identifier: P0uNvUiHvAe852cVcuBFn9ofM5/jkzIZOfvoySS2Msk=
Subject key identifier: D9:EF:86:00:53:74:C2:AA:6B:08:39:D5:FD:76:AD:A7:D3:6E:44:1D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B11
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4812706221BA11F0BEF4739CDAE4EC9C.roa
Signing time: Fri 25 Apr 2025 09:47:21 +0000
ROA not before: Fri 25 Apr 2025 09:47:16 +0000
ROA not after: Wed 04 Jun 2025 09:47:16 +0000
asID: 271956
IP address blocks: 154.88.190.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 30 Apr 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97041 (0x17b11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 09:47:16 2025 GMT
Not After : Jun 4 09:47:16 2025 GMT
Subject: CN=680b5a29-0c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7b:89:87:92:ab:66:1d:7c:8c:22:bf:f2:cc:
38:c0:2c:7a:9b:3e:1c:10:4e:dd:70:fa:19:65:e0:
dd:64:f2:9e:cd:fd:20:53:5c:5c:a7:64:16:8f:80:
d8:60:f0:b4:8e:58:f3:b9:40:d8:ee:f4:7b:b9:e5:
6e:7f:28:9a:ac:54:53:23:9e:82:d3:e9:2f:3c:70:
43:0b:a4:48:d5:f8:8c:33:1e:cc:40:f3:b1:aa:d0:
0b:13:dd:57:bf:84:ca:04:e9:48:c1:4b:21:bb:9f:
94:91:e8:07:2c:ea:4a:6d:9b:21:59:25:36:f9:ab:
71:77:8e:41:2e:9a:1b:4b:41:68:c0:29:50:0b:5a:
05:dc:59:f7:4d:18:65:5a:58:ea:61:10:1b:12:66:
cd:5d:d2:9a:fd:af:9c:8a:91:3e:a6:ff:88:6a:d3:
91:c3:f3:5b:12:b2:b1:60:a6:f9:60:7f:6a:6d:52:
ba:26:0e:c7:1b:74:34:57:55:63:02:1f:56:7b:c0:
a4:94:3a:c6:78:49:51:8b:f8:fa:b6:ac:39:67:b1:
81:4a:bf:a7:b6:e3:38:c4:40:c5:1c:be:e5:75:61:
32:f8:0c:04:f9:d8:41:37:a7:b9:e3:2f:4d:3d:98:
c5:64:6f:b2:f4:b0:4f:d2:dd:4c:d6:84:c2:d6:81:
d9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:EF:86:00:53:74:C2:AA:6B:08:39:D5:FD:76:AD:A7:D3:6E:44:1D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4812706221BA11F0BEF4739CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.190.0/23
Signature Algorithm: sha256WithRSAEncryption
03:ee:e9:ac:08:e5:92:c3:18:cf:31:45:64:15:55:4f:c5:36:
d7:6d:e3:e6:05:11:56:a2:e1:bc:6c:f9:0c:fb:ea:c3:ec:6e:
66:f0:37:94:02:45:89:9c:9b:ce:b5:74:f6:fe:31:ea:0b:5b:
9e:79:e6:0f:e7:a4:31:64:fc:17:9c:9a:4c:4f:3d:30:be:d6:
6c:19:bc:b7:b4:7a:7e:c8:7e:6e:e4:72:7a:cf:a9:11:00:c4:
98:67:86:0d:02:43:5b:c3:f6:fc:53:77:75:ec:08:a5:38:8d:
a1:0c:26:51:d5:38:1b:cd:24:e0:0d:d1:78:d9:30:81:8e:50:
11:12:f2:06:aa:e8:14:42:ba:4e:d0:79:55:53:80:9c:39:16:
02:29:8b:30:41:d1:b1:c9:3d:81:f1:8c:33:a0:8a:21:80:45:
66:e6:4c:5a:e3:1a:23:b0:e0:8d:91:5f:a3:f2:d0:7c:21:40:
67:e6:dd:5d:ff:30:4c:dd:5a:55:6f:d3:29:8e:5f:dd:8b:46:
2d:c4:1a:6a:4c:86:5a:64:24:14:88:0c:33:57:97:35:67:9e:
c8:57:4a:be:28:3e:17:19:2c:04:62:51:34:08:a2:f7:db:f0:
e5:25:f9:b8:c8:ee:77:b9:23:ea:83:9e:d9:b4:45:6a:bc:ed:
8e:db:73:a7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXsRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI1MDk0NzE2WhcNMjUwNjA0MDk0NzE2WjAYMRYw
FAYDVQQDEw02ODBiNWEyOS0wYzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA33uJh5KrZh18jCK/8sw4wCx6mz4cEE7dcPoZZeDdZPKezf0gU1xcp2QW
j4DYYPC0jljzuUDY7vR7ueVufyiarFRTI56C0+kvPHBDC6RI1fiMMx7MQPOxqtAL
E91Xv4TKBOlIwUshu5+UkegHLOpKbZshWSU2+atxd45BLpobS0FowClQC1oF3Fn3
TRhlWljqYRAbEmbNXdKa/a+cipE+pv+IatORw/NbErKxYKb5YH9qbVK6Jg7HG3Q0
V1VjAh9We8CklDrGeElRi/j6tqw5Z7GBSr+ntuM4xEDFHL7ldWEy+AwE+dhBN6e5
4y9NPZjFZG+y9LBP0t1M1oTC1oHZOQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNnv
hgBTdMKqawg51f12rafTbkQdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80ODEyNzA2MjIxQkExMUYwQkVGNDczOUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmli+MA0GCSqGSIb3DQEB
CwUAA4IBAQAD7umsCOWSwxjPMUVkFVVPxTbXbePmBRFWouG8bPkM++rD7G5m8DeU
AkWJnJvOtXT2/jHqC1ueeeYP56QxZPwXnJpMTz0wvtZsGby3tHp+yH5u5HJ6z6kR
AMSYZ4YNAkNbw/b8U3d17AilOI2hDCZR1TgbzSTgDdF42TCBjlAREvIGqugUQrpO
0HlVU4CcORYCKYswQdGxyT2B8YwzoIohgEVm5kxa4xojsOCNkV+j8tB8IUBn5t1d
/zBM3VpVb9Mpjl/di0YtxBpqTIZaZCQUiAwzV5c1Z57IV0q+KD4XGSwEYlE0CKL3
2/DlJfm4yO53uSPqg57ZtEVqvO2O23On
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:54:15 2025 by rpki-client on console.sobornost.net