Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/923D2B601C5A11F09DC6AEA2DAE4EC9C.roa
File: 923D2B601C5A11F09DC6AEA2DAE4EC9C.roa (raw, json)
Hash identifier: ZJtsEmf16ZedP+7l1DRqDnFxraKRuywvWhm107yYViI=
Subject key identifier: 70:BB:47:86:B6:70:C1:53:E8:CB:56:0B:3C:90:E5:31:F4:B3:A4:08
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017995
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/923D2B601C5A11F09DC6AEA2DAE4EC9C.roa
Signing time: Fri 18 Apr 2025 13:39:38 +0000
ROA not before: Fri 18 Apr 2025 13:39:33 +0000
ROA not after: Thu 22 May 2025 13:39:33 +0000
asID: 57043
IP address blocks: 154.222.34.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96661 (0x17995)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 18 13:39:33 2025 GMT
Not After : May 22 13:39:33 2025 GMT
Subject: CN=6802561a-68d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3c:52:f0:d6:85:a0:1a:22:bc:95:7c:f5:96:
c8:c0:20:2b:a6:7f:30:67:7d:61:36:27:0b:26:c2:
fd:43:a0:05:70:a6:cb:0b:7f:c7:b1:da:8d:1f:b3:
d7:d3:6d:ad:50:b4:9f:55:f6:00:88:51:72:5f:fe:
aa:90:75:6c:cb:83:78:55:88:d1:c6:14:3d:02:44:
8c:47:78:a1:c6:68:63:e9:70:a4:cc:5c:9c:9d:45:
c0:08:39:a5:55:ce:54:e3:a4:6d:46:73:68:4f:73:
71:fe:08:01:d5:b0:cc:ec:5e:9d:3a:84:73:6d:c0:
8c:98:90:13:e0:a4:8d:2a:8d:7a:8d:19:83:a3:4e:
2a:95:3e:d7:09:41:e1:0e:d0:29:b3:ef:8f:35:18:
41:50:fc:c9:75:63:42:11:88:7f:f9:6f:55:83:d5:
ce:17:2d:c3:b5:f0:c1:27:62:2a:91:00:a5:19:de:
ec:dd:4c:5e:40:d9:df:9d:f5:85:18:99:f7:55:30:
41:b3:df:3a:9a:fd:9c:d5:f1:fa:ea:3f:4a:f2:f2:
2f:70:60:e5:bb:62:4a:94:cb:e2:71:68:bd:49:d5:
c5:8e:39:ec:f9:06:94:a1:95:9f:bd:ff:fc:4f:fa:
6e:c1:4a:a4:fd:e8:d8:20:20:12:0f:70:20:65:c6:
84:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:BB:47:86:B6:70:C1:53:E8:CB:56:0B:3C:90:E5:31:F4:B3:A4:08
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/923D2B601C5A11F09DC6AEA2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.34.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:38:a8:15:31:fb:50:ce:db:bd:8c:66:a9:85:3c:82:1c:e7:
88:e7:a0:83:48:60:27:b1:5a:15:bc:d4:fd:07:9f:27:fa:98:
0b:44:6f:63:0e:65:4c:27:6c:41:00:f8:24:da:c6:5f:9c:d9:
da:e3:07:97:ff:49:e9:ea:97:bc:95:f0:20:35:d6:e4:5c:c2:
e5:f8:7b:52:43:99:7c:35:16:4d:5c:0d:e4:93:18:d2:a0:5d:
7c:c0:d8:8a:6c:01:ee:f7:fc:20:64:4c:d0:e5:02:c2:9f:fc:
81:b6:c8:71:2e:e7:78:59:ef:41:3c:93:0d:31:f0:fc:38:b1:
1e:01:12:3f:f1:af:ea:5c:f9:83:28:7a:7c:60:e9:79:53:da:
13:29:73:ca:a9:36:cf:b1:c0:a2:d9:56:62:11:18:2c:9c:f9:
a6:a9:7f:70:a0:dc:fb:e2:1c:1f:f8:06:aa:ed:59:fc:29:35:
73:43:89:2a:8c:5a:93:2c:74:fb:55:3e:fa:b0:4e:91:e5:0a:
aa:1c:94:5d:2e:c3:a4:c7:bb:5f:12:16:af:f0:7f:0a:e1:bc:
21:2f:29:4f:29:77:b8:1c:e4:21:e0:ac:3c:37:19:f0:98:ab:
4a:00:2d:3f:f8:19:87:33:39:a5:f9:3e:3d:5b:0c:50:61:2c:
c1:4f:2d:d3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXmVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE4MTMzOTMzWhcNMjUwNTIyMTMzOTMzWjAYMRYw
FAYDVQQDEw02ODAyNTYxYS02OGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuDxS8NaFoBoivJV89ZbIwCArpn8wZ31hNicLJsL9Q6AFcKbLC3/HsdqN
H7PX022tULSfVfYAiFFyX/6qkHVsy4N4VYjRxhQ9AkSMR3ihxmhj6XCkzFycnUXA
CDmlVc5U46RtRnNoT3Nx/ggB1bDM7F6dOoRzbcCMmJAT4KSNKo16jRmDo04qlT7X
CUHhDtAps++PNRhBUPzJdWNCEYh/+W9Vg9XOFy3DtfDBJ2IqkQClGd7s3UxeQNnf
nfWFGJn3VTBBs986mv2c1fH66j9K8vIvcGDlu2JKlMvicWi9SdXFjjns+QaUoZWf
vf/8T/puwUqk/ejYICASD3AgZcaE+QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHC7
R4a2cMFT6MtWCzyQ5TH0s6QIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MjNEMkI2MDFDNUExMUYwOURDNkFFQTJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt4iMA0GCSqGSIb3DQEB
CwUAA4IBAQBtOKgVMftQztu9jGaphTyCHOeI56CDSGAnsVoVvNT9B58n+pgLRG9j
DmVMJ2xBAPgk2sZfnNna4weX/0np6pe8lfAgNdbkXMLl+HtSQ5l8NRZNXA3kkxjS
oF18wNiKbAHu9/wgZEzQ5QLCn/yBtshxLud4We9BPJMNMfD8OLEeARI/8a/qXPmD
KHp8YOl5U9oTKXPKqTbPscCi2VZiERgsnPmmqX9woNz74hwf+Aaq7Vn8KTVzQ4kq
jFqTLHT7VT76sE6R5QqqHJRdLsOkx7tfEhav8H8K4bwhLylPKXe4HOQh4Kw8Nxnw
mKtKAC0/+BmHMzml+T49WwxQYSzBTy3T
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:04:09 2025 by rpki-client on console.sobornost.net