Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A0A064E1F5011F09F287DF5DAE4EC9C.roa
File: 4A0A064E1F5011F09F287DF5DAE4EC9C.roa (raw, json)
Hash identifier: Q9IIHKA+3ypFlx0HSfkzjHEU3G57yl5gurPQr4yarVY=
Subject key identifier: F4:5F:76:0B:83:A0:90:5F:F5:30:7E:E4:3F:00:44:4D:3C:13:9C:82
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017A74
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A0A064E1F5011F09F287DF5DAE4EC9C.roa
Signing time: Tue 22 Apr 2025 08:03:35 +0000
ROA not before: Tue 22 Apr 2025 08:03:30 +0000
ROA not after: Tue 27 May 2025 08:03:30 +0000
asID: 8796
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96884 (0x17a74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 22 08:03:30 2025 GMT
Not After : May 27 08:03:30 2025 GMT
Subject: CN=68074d57-4ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:81:83:bb:67:d9:cf:b8:80:eb:79:42:2c:
68:ca:94:85:71:45:de:a9:64:ab:bd:14:91:d3:bf:
a8:11:25:32:b0:81:13:60:46:04:46:b0:1e:1f:9a:
4b:ed:f5:ce:dc:46:a2:e7:b7:be:49:33:ed:31:bc:
7c:eb:74:4f:d9:23:d8:56:21:c6:25:01:a6:2d:d3:
79:cd:58:8c:6c:93:f0:e6:99:7c:d6:72:8f:d6:4f:
d4:62:e2:a4:2a:38:96:69:d0:fc:db:17:29:1e:4a:
e5:bb:3f:76:a5:45:b5:a1:e0:aa:f0:af:ac:3f:de:
56:59:31:a3:3e:66:38:92:8b:48:20:7f:fa:6e:97:
8a:66:2c:79:17:c4:25:b1:99:56:ce:7e:84:a6:f4:
31:00:4e:c5:3d:90:a4:db:7b:c4:95:6a:cb:55:ce:
80:74:6b:7f:3b:2f:00:10:73:7f:ef:d5:e8:db:3c:
11:12:45:74:0f:3c:60:2e:e5:ad:e9:18:6b:fb:d9:
bb:88:93:f9:ca:3f:b5:f1:e8:7f:76:fd:f7:5c:30:
83:ca:b9:8b:07:ab:f7:96:ef:f4:ae:aa:1b:88:73:
d6:af:ff:9d:02:18:2d:67:fc:b3:ce:17:2c:f5:04:
0f:76:3d:34:c0:5b:12:08:e8:34:7c:93:c6:84:39:
a3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:5F:76:0B:83:A0:90:5F:F5:30:7E:E4:3F:00:44:4D:3C:13:9C:82
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4A0A064E1F5011F09F287DF5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
4e:fc:d9:f4:2d:c7:72:ef:43:23:7c:f7:a6:4d:36:4b:e0:84:
5a:11:b2:16:15:85:ee:00:02:7e:93:27:64:13:95:fc:ba:e0:
1d:11:95:ac:5d:a2:2b:e9:7e:55:3d:7e:db:8d:fc:a4:76:26:
07:be:0a:cc:ca:c8:ca:3e:9e:c2:b0:99:ff:a6:83:4a:8e:4c:
19:f0:42:a5:9f:93:4e:65:1b:9b:90:30:a1:2f:f2:76:3e:d4:
af:46:c1:c0:0a:09:f1:a6:b1:71:a6:ac:c1:59:cd:28:2e:9d:
94:0d:ef:5c:73:a3:8e:0f:3c:01:d5:26:2e:9b:b2:3d:90:d5:
a3:64:75:ff:9e:f7:f4:ec:46:39:8f:76:9c:27:b7:29:ef:78:
93:f1:51:92:4a:b2:47:52:d0:cc:67:4c:71:37:28:fe:29:10:
f7:8c:60:34:bc:26:0e:79:64:59:2f:96:d3:9e:35:bf:d6:ca:
d1:17:dd:fd:fa:98:fe:0b:9f:ec:f1:22:88:b7:c9:cf:df:85:
4d:26:f9:1c:df:65:cf:f0:41:9f:01:7c:cf:0b:69:b5:3a:a9:
35:03:76:03:01:e3:af:0e:8a:da:4c:39:1b:d3:d4:11:42:d9:
06:db:3c:ed:b8:0f:9d:6f:d5:c6:9b:49:1f:46:ab:7f:f0:61:
c4:59:5c:2d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXp0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDIyMDgwMzMwWhcNMjUwNTI3MDgwMzMwWjAYMRYw
FAYDVQQDEw02ODA3NGQ1Ny00ZWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAukKBg7tn2c+4gOt5QixoypSFcUXeqWSrvRSR07+oESUysIETYEYERrAe
H5pL7fXO3Eai57e+STPtMbx863RP2SPYViHGJQGmLdN5zViMbJPw5pl81nKP1k/U
YuKkKjiWadD82xcpHkrluz92pUW1oeCq8K+sP95WWTGjPmY4kotIIH/6bpeKZix5
F8QlsZlWzn6EpvQxAE7FPZCk23vElWrLVc6AdGt/Oy8AEHN/79Xo2zwREkV0Dzxg
LuWt6Rhr+9m7iJP5yj+18eh/dv33XDCDyrmLB6v3lu/0rqobiHPWr/+dAhgtZ/yz
zhcs9QQPdj00wFsSCOg0fJPGhDmjoQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPRf
dguDoJBf9TB+5D8ARE08E5yCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80QTBBMDY0RTFGNTAxMUYwOUYyODdERjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQBO/Nn0Lcdy70MjfPemTTZL4IRaEbIWFYXuAAJ+kydkE5X8uuAdEZWs
XaIr6X5VPX7bjfykdiYHvgrMysjKPp7CsJn/poNKjkwZ8EKln5NOZRubkDChL/J2
PtSvRsHACgnxprFxpqzBWc0oLp2UDe9cc6OODzwB1SYum7I9kNWjZHX/nvf07EY5
j3acJ7cp73iT8VGSSrJHUtDMZ0xxNyj+KRD3jGA0vCYOeWRZL5bTnjW/1srRF939
+pj+C5/s8SKIt8nP34VNJvkc32XP8EGfAXzPC2m1Oqk1A3YDAeOvDoraTDkb09QR
QtkG2zztuA+db9XGm0kfRqt/8GHEWVwt
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:39:07 2025 by rpki-client on console.sobornost.net