Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DA7829E1DF611F0926454E5DAE4EC9C.roa
File: 6DA7829E1DF611F0926454E5DAE4EC9C.roa (raw, json)
Hash identifier: yxPpfiE/XKuCNHvEl8sqocwBmSAQH1D2DFNWZqQHB3s=
Subject key identifier: 4D:96:C1:39:A8:9B:20:A7:F9:0D:F6:EF:B3:97:31:C0:4E:C4:DF:EE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017A38
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DA7829E1DF611F0926454E5DAE4EC9C.roa
Signing time: Sun 20 Apr 2025 14:47:49 +0000
ROA not before: Sun 20 Apr 2025 14:47:44 +0000
ROA not after: Sun 27 Apr 2025 14:47:44 +0000
asID: 5065
IP address blocks: 154.206.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96824 (0x17a38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 20 14:47:44 2025 GMT
Not After : Apr 27 14:47:44 2025 GMT
Subject: CN=68050915-18ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:31:b1:98:d1:da:2b:22:aa:fe:d7:62:77:06:
53:9e:86:39:41:1d:4f:40:32:26:b8:c8:ec:7b:88:
17:83:64:07:b0:f5:8e:8d:37:c5:57:97:55:b2:90:
72:eb:c9:59:f9:f5:40:68:97:e8:96:cb:5b:eb:45:
f3:a1:0b:c6:47:f4:8a:f3:28:80:54:6e:c1:30:a2:
e7:11:9e:41:20:be:2e:7d:17:39:ff:a8:60:02:da:
9b:04:e3:a4:bf:f3:08:5a:1e:8b:b2:0e:7d:ad:8a:
ac:a8:10:82:e7:f5:ac:f5:c1:b3:ea:b7:ea:48:1b:
5e:15:ed:e6:a4:8b:90:7a:ca:29:65:fe:33:cc:01:
ca:60:73:45:94:d3:cc:63:35:a5:13:52:b3:23:4c:
fc:5e:c4:7f:59:9b:ea:7b:a1:46:d6:bb:d3:8c:c3:
46:48:8e:94:ad:7b:7e:3d:5a:ba:9c:1d:42:fd:ac:
e4:8e:cb:61:c1:7c:d2:e8:87:a5:99:77:90:a5:3e:
71:c6:06:20:64:cb:d0:5f:6a:4e:28:a5:ea:8f:64:
95:d9:a6:e9:3a:cc:53:a6:7c:e5:05:c7:54:74:76:
ad:98:f2:d4:3c:38:82:f8:7d:ce:a1:7d:e0:94:76:
a5:3b:8a:e5:83:2d:9d:54:65:35:05:1f:3a:73:4f:
38:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:96:C1:39:A8:9B:20:A7:F9:0D:F6:EF:B3:97:31:C0:4E:C4:DF:EE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DA7829E1DF611F0926454E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.206.52.0/22
Signature Algorithm: sha256WithRSAEncryption
58:c0:86:3e:bb:bd:14:1b:5b:15:1d:a5:d6:ee:b2:eb:9a:90:
48:07:d7:8d:cb:9a:1d:02:38:24:cd:52:a7:bd:1e:61:7a:62:
e1:07:5d:49:d0:bb:1b:ef:f0:18:a7:8e:2b:87:92:0b:10:d6:
76:35:ab:08:e1:38:41:c8:fa:53:6f:7f:35:3c:de:0a:a2:63:
86:ab:00:2d:ef:98:8c:e7:4e:b7:cf:6c:26:56:72:b3:bd:f0:
62:1b:aa:98:43:43:5a:61:4d:57:65:45:ab:ec:66:58:68:51:
ae:ad:42:48:bc:a6:ef:be:d2:0f:7d:1b:25:e6:18:8c:b3:29:
97:fe:39:a4:99:fb:78:72:f4:e7:32:40:10:b6:69:47:33:86:
7c:65:fe:ac:ab:ba:73:32:f4:26:7e:1a:18:a4:90:85:30:24:
8f:36:78:e7:b5:7e:97:6e:e9:85:ad:4c:95:25:b0:fd:ad:e5:
d5:5f:11:83:c9:fb:1d:ec:49:b7:a8:60:89:df:aa:23:43:72:
c5:7f:58:45:b9:0a:b1:89:e6:69:71:dd:cc:c2:b5:67:d9:bf:
92:3e:52:ce:fd:be:26:f8:35:92:47:c4:64:9c:01:99:2f:d7:
57:78:dc:28:ca:27:43:1f:fd:0b:e0:40:66:b8:4d:9f:bc:c1:
f3:48:e0:15
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXo4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDIwMTQ0NzQ0WhcNMjUwNDI3MTQ0NzQ0WjAYMRYw
FAYDVQQDEw02ODA1MDkxNS0xOGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnzGxmNHaKyKq/tdidwZTnoY5QR1PQDImuMjse4gXg2QHsPWOjTfFV5dV
spBy68lZ+fVAaJfolstb60XzoQvGR/SK8yiAVG7BMKLnEZ5BIL4ufRc5/6hgAtqb
BOOkv/MIWh6Lsg59rYqsqBCC5/Ws9cGz6rfqSBteFe3mpIuQesopZf4zzAHKYHNF
lNPMYzWlE1KzI0z8XsR/WZvqe6FG1rvTjMNGSI6UrXt+PVq6nB1C/azkjsthwXzS
6IelmXeQpT5xxgYgZMvQX2pOKKXqj2SV2abpOsxTpnzlBcdUdHatmPLUPDiC+H3O
oX3glHalO4rlgy2dVGU1BR86c084nwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE2W
wTmomyCn+Q3277OXMcBOxN/uMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82REE3ODI5RTFERjYxMUYwOTI2NDU0RTVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCms40MA0GCSqGSIb3DQEB
CwUAA4IBAQBYwIY+u70UG1sVHaXW7rLrmpBIB9eNy5odAjgkzVKnvR5hemLhB11J
0Lsb7/AYp44rh5ILENZ2NasI4ThByPpTb381PN4KomOGqwAt75iM5063z2wmVnKz
vfBiG6qYQ0NaYU1XZUWr7GZYaFGurUJIvKbvvtIPfRsl5hiMsymX/jmkmft4cvTn
MkAQtmlHM4Z8Zf6sq7pzMvQmfhoYpJCFMCSPNnjntX6XbumFrUyVJbD9reXVXxGD
yfsd7Em3qGCJ36ojQ3LFf1hFuQqxieZpcd3MwrVn2b+SPlLO/b4m+DWSR8RknAGZ
L9dXeNwoyidDH/0L4EBmuE2fvMHzSOAV
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:03:57 2025 by rpki-client on console.sobornost.net