Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7A4449F20CBB11F0AB434D90762E951A.roa
File: 7A4449F20CBB11F0AB434D90762E951A.roa (raw, json)
Hash identifier: 6nOY7A6N8bB+35VdMEe7bG2eShGpByoK6bx5Z3egXP0=
Subject key identifier: 50:DD:A5:37:09:6D:E7:E5:1B:9C:2B:1C:9B:63:86:5F:EA:DC:9F:30
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176C4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7A4449F20CBB11F0AB434D90762E951A.roa
Signing time: Sat 29 Mar 2025 16:33:00 +0000
ROA not before: Sat 29 Mar 2025 16:32:56 +0000
ROA not after: Mon 05 May 2025 16:32:56 +0000
asID: 20326
IP address blocks: 154.199.8.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95940 (0x176c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 29 16:32:56 2025 GMT
Not After : May 5 16:32:56 2025 GMT
Subject: CN=67e820bc-dd09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:31:2b:0e:e4:33:4b:49:fa:98:ad:61:8d:e1:
75:1a:9b:ae:88:62:7b:5d:b4:4e:2e:80:a5:d2:b6:
a8:43:46:0f:e9:57:59:9c:e7:b3:74:4a:09:e3:b2:
93:23:38:36:cb:85:67:ba:11:1e:5e:0a:d3:be:2d:
6a:5b:05:7d:c0:3f:57:93:1e:3f:14:65:ff:cd:56:
67:34:e4:10:7f:f9:fc:c4:0c:57:dd:ef:1c:87:29:
f1:2f:fb:7c:d9:15:ac:f5:f7:7a:0e:39:d8:7d:c7:
25:02:d0:18:6a:8b:52:a3:50:fe:d4:2f:64:9e:5d:
43:ec:1e:65:db:b5:35:c9:fb:1e:a1:ec:30:a7:f3:
ad:0e:38:ba:7b:c9:94:9c:cb:33:c5:9c:56:99:bb:
8b:ab:5e:0c:e6:87:fc:d4:6b:d1:f1:b4:ce:38:8c:
6c:6e:49:ca:1b:04:98:86:eb:21:5d:7a:03:93:0b:
87:f8:7d:f2:7f:dd:44:ea:21:2d:0b:d1:ef:8f:2f:
3b:57:c4:bd:27:c6:74:b0:06:44:93:66:c1:c6:0e:
70:4f:43:3a:08:fc:fc:ee:cb:d7:67:52:a8:8e:1f:
d6:31:26:de:31:e1:9e:c4:5c:0a:a6:43:6f:1d:69:
d5:e2:c1:1c:c0:2d:41:a0:19:47:07:3d:36:8b:f2:
a5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:DD:A5:37:09:6D:E7:E5:1B:9C:2B:1C:9B:63:86:5F:EA:DC:9F:30
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7A4449F20CBB11F0AB434D90762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.8.0/23
Signature Algorithm: sha256WithRSAEncryption
56:ff:71:78:5e:8e:b6:ee:31:74:c4:b2:1f:58:65:4f:48:8b:
8d:b6:6a:e9:b2:4a:e7:c0:fa:06:27:b0:f8:5f:10:af:3d:e1:
5e:0e:e4:29:9a:df:86:ec:89:c2:61:07:cc:58:f1:45:89:74:
5b:93:e8:0a:c1:87:45:fa:69:ec:65:b9:68:43:28:fb:c6:29:
e4:97:ef:22:ef:3d:12:63:55:c2:83:bb:e1:0a:53:28:b4:7a:
14:d9:8c:4d:63:31:53:1d:82:56:1e:b6:37:67:0f:5c:9a:97:
03:23:de:94:ce:32:a3:f5:22:c7:73:71:d9:6c:17:f7:5d:77:
40:2f:01:d2:b1:11:5d:d4:26:84:eb:51:52:4d:26:e4:b0:96:
c7:ee:18:52:7d:93:76:31:a1:89:52:08:90:a5:a9:42:aa:8c:
b3:cf:44:8d:96:56:ac:c9:d2:9a:10:3d:dc:d3:13:7d:68:c5:
20:c6:51:91:da:5e:7f:76:e1:6e:d9:96:1d:a1:fd:41:54:e7:
89:b6:6f:1a:b5:c0:a3:16:57:94:2f:cf:d8:ad:aa:74:76:cb:
a5:bc:45:c7:b5:8c:1a:14:d8:2d:2c:da:93:ac:51:56:1c:b7:
b8:78:a4:df:de:78:fb:f9:30:1f:13:78:32:6c:4f:4b:68:71:
bf:40:c9:b4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXbEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTYzMjU2WhcNMjUwNTA1MTYzMjU2WjAYMRYw
FAYDVQQDEw02N2U4MjBiYy1kZDA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAszErDuQzS0n6mK1hjeF1GpuuiGJ7XbROLoCl0raoQ0YP6VdZnOezdEoJ
47KTIzg2y4VnuhEeXgrTvi1qWwV9wD9Xkx4/FGX/zVZnNOQQf/n8xAxX3e8chynx
L/t82RWs9fd6DjnYfcclAtAYaotSo1D+1C9knl1D7B5l27U1yfseoewwp/OtDji6
e8mUnMszxZxWmbuLq14M5of81GvR8bTOOIxsbknKGwSYhushXXoDkwuH+H3yf91E
6iEtC9Hvjy87V8S9J8Z0sAZEk2bBxg5wT0M6CPz87svXZ1Kojh/WMSbeMeGexFwK
pkNvHWnV4sEcwC1BoBlHBz02i/KlCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFDd
pTcJbeflG5wrHJtjhl/q3J8wMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QTQ0NDlGMjBDQkIxMUYwQUI0MzREOTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmscIMA0GCSqGSIb3DQEB
CwUAA4IBAQBW/3F4Xo627jF0xLIfWGVPSIuNtmrpskrnwPoGJ7D4XxCvPeFeDuQp
mt+G7InCYQfMWPFFiXRbk+gKwYdF+mnsZbloQyj7xinkl+8i7z0SY1XCg7vhClMo
tHoU2YxNYzFTHYJWHrY3Zw9cmpcDI96UzjKj9SLHc3HZbBf3XXdALwHSsRFd1CaE
61FSTSbksJbH7hhSfZN2MaGJUgiQpalCqoyzz0SNllasydKaED3c0xN9aMUgxlGR
2l5/duFu2ZYdof1BVOeJtm8atcCjFleUL8/Yrap0dsulvEXHtYwaFNgtLNqTrFFW
HLe4eKTf3nj7+TAfE3gybE9LaHG/QMm0
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:52:48 2025 by rpki-client on console.sobornost.net