Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9638219E1E8411F0926CFDA4DAE4EC9C.roa
File: 9638219E1E8411F0926CFDA4DAE4EC9C.roa (raw, json)
Hash identifier: oMrFNtV1AKvXxSw06kryz7LjjwPWCgDPh5TvS+vjIaw=
Subject key identifier: 41:95:A1:88:11:22:6E:7D:E2:6C:E3:D0:D9:82:0F:A6:89:B6:D0:7F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017A4A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9638219E1E8411F0926CFDA4DAE4EC9C.roa
Signing time: Mon 21 Apr 2025 07:45:26 +0000
ROA not before: Mon 21 Apr 2025 07:45:21 +0000
ROA not after: Mon 26 May 2025 07:45:21 +0000
asID: 57043
IP address blocks: 154.83.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96842 (0x17a4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 21 07:45:21 2025 GMT
Not After : May 26 07:45:21 2025 GMT
Subject: CN=6805f796-b05e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3d:0f:79:71:28:25:aa:c9:82:6c:55:45:23:
a2:4a:14:d6:7e:99:f8:27:84:39:6d:0e:26:86:d7:
12:3d:af:9d:51:fa:27:8c:f5:07:3d:71:55:b5:cd:
1d:39:1b:ab:3f:5b:9c:89:7b:89:cf:1c:7c:c7:46:
9f:8d:5c:72:fb:f9:1e:cb:aa:e1:94:cb:4a:7e:7c:
97:5d:a5:72:f2:6d:66:1a:e3:b3:b1:67:cb:9a:6d:
20:23:e2:39:92:b7:7c:ca:ec:83:73:28:4d:ec:a4:
54:6e:78:4e:69:ea:03:e4:04:be:90:91:37:d1:33:
3c:64:95:8f:b0:ff:67:4b:09:7d:a9:b3:69:87:d8:
16:6b:d7:56:6b:2e:da:49:9d:79:b8:e4:a0:e1:65:
5b:b0:12:90:65:e0:b6:d5:66:10:21:0d:1b:d4:96:
72:1f:8b:e5:c6:f5:be:f0:9a:6a:22:c3:fa:9d:58:
73:ee:2b:85:75:0d:ca:d1:47:de:a0:52:37:1f:6e:
97:79:eb:db:fe:37:c0:46:bd:15:bd:67:d1:22:48:
38:26:21:10:95:59:99:e3:0d:9e:af:80:3e:a9:a9:
a0:68:cc:90:7a:d2:36:54:11:ea:11:ee:15:ce:09:
aa:42:c7:76:d0:b3:6f:1b:c6:eb:26:d1:3e:a2:71:
03:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:95:A1:88:11:22:6E:7D:E2:6C:E3:D0:D9:82:0F:A6:89:B6:D0:7F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9638219E1E8411F0926CFDA4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.159.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:32:56:57:6b:77:12:e5:4a:bd:bc:cf:9d:b8:62:bd:24:ce:
31:c1:a7:6e:6a:8f:e9:4c:d1:64:79:34:12:24:b0:e5:b8:65:
ef:15:1e:27:23:a7:46:55:47:f4:04:2a:91:e9:27:88:8c:1f:
23:3e:e8:2e:a1:82:f1:ae:cf:03:9e:fd:e6:de:48:70:a4:26:
1e:21:cb:2b:7c:6f:13:75:d2:9d:31:9d:51:ab:eb:4a:c4:74:
50:39:a7:03:ce:13:08:fc:4f:50:d8:d0:0b:20:b3:e1:95:f7:
98:2d:f7:e1:11:85:64:9d:55:85:46:41:6a:d4:56:3e:d6:ff:
bb:d2:9e:ce:fe:41:3d:38:e8:2b:d3:88:97:1f:1b:ca:ae:4b:
93:da:36:c3:7b:98:f5:f3:b8:9c:2e:c0:9a:eb:56:f3:76:39:
f8:60:6f:27:4f:84:46:3c:10:e9:57:d2:f8:ce:42:7c:d7:8c:
fa:26:a1:6f:71:35:7f:2e:6c:6e:b9:b7:bc:22:97:b3:6c:0e:
77:af:63:21:10:33:a7:89:dd:7c:63:8c:24:37:f5:38:9f:0d:
1a:5b:47:1b:6b:31:56:be:fa:cd:25:8f:a5:64:c1:0d:e7:ff:
6f:b1:5e:76:ea:20:ba:89:3f:de:31:23:36:df:55:e9:66:de:
e9:dd:69:75
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXpKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDIxMDc0NTIxWhcNMjUwNTI2MDc0NTIxWjAYMRYw
FAYDVQQDEw02ODA1Zjc5Ni1iMDVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtT0PeXEoJarJgmxVRSOiShTWfpn4J4Q5bQ4mhtcSPa+dUfonjPUHPXFV
tc0dORurP1uciXuJzxx8x0afjVxy+/key6rhlMtKfnyXXaVy8m1mGuOzsWfLmm0g
I+I5krd8yuyDcyhN7KRUbnhOaeoD5AS+kJE30TM8ZJWPsP9nSwl9qbNph9gWa9dW
ay7aSZ15uOSg4WVbsBKQZeC21WYQIQ0b1JZyH4vlxvW+8JpqIsP6nVhz7iuFdQ3K
0UfeoFI3H26Xeevb/jfARr0VvWfRIkg4JiEQlVmZ4w2er4A+qamgaMyQetI2VBHq
Ee4VzgmqQsd20LNvG8brJtE+onEDwQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEGV
oYgRIm594mzj0NmCD6aJttB/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NjM4MjE5RTFFODQxMUYwOTI2Q0ZEQTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOfMA0GCSqGSIb3DQEB
CwUAA4IBAQDUMlZXa3cS5Uq9vM+duGK9JM4xwaduao/pTNFkeTQSJLDluGXvFR4n
I6dGVUf0BCqR6SeIjB8jPuguoYLxrs8Dnv3m3khwpCYeIcsrfG8TddKdMZ1Rq+tK
xHRQOacDzhMI/E9Q2NALILPhlfeYLffhEYVknVWFRkFq1FY+1v+70p7O/kE9OOgr
04iXHxvKrkuT2jbDe5j187icLsCa61bzdjn4YG8nT4RGPBDpV9L4zkJ814z6JqFv
cTV/Lmxuube8IpezbA53r2MhEDOnid18Y4wkN/U4nw0aW0cbazFWvvrNJY+lZMEN
5/9vsV526iC6iT/eMSM231XpZt7p3Wl1
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:04:10 2025 by rpki-client on console.sobornost.net