Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97DA60681C7011F086C86EB5DAE4EC9C.roa
File: 97DA60681C7011F086C86EB5DAE4EC9C.roa (raw, json)
Hash identifier: f9ckvwg+EhuGk5X2aZEogx5aTADpB9R5U9u10cY1xdI=
Subject key identifier: 1E:F0:24:FF:4B:F2:51:6A:B9:36:8A:25:7B:02:CE:75:AB:C1:E6:74
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0179CA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97DA60681C7011F086C86EB5DAE4EC9C.roa
Signing time: Fri 18 Apr 2025 16:17:17 +0000
ROA not before: Fri 18 Apr 2025 16:17:12 +0000
ROA not after: Thu 15 May 2025 16:17:12 +0000
asID: 57043
IP address blocks: 154.83.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96714 (0x179ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 18 16:17:12 2025 GMT
Not After : May 15 16:17:12 2025 GMT
Subject: CN=68027b0d-c3db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:89:37:a0:47:5d:85:f6:c3:15:a5:45:67:af:
32:23:7e:19:e4:3d:d7:79:20:31:67:5d:a4:a2:ec:
65:12:ea:ef:fe:90:e8:3c:bb:74:f3:2f:7c:a9:5e:
35:70:b8:1a:3c:ab:16:8e:4e:ff:31:86:45:a2:c2:
4b:97:f7:31:02:8b:29:01:e3:90:99:a6:55:e3:f9:
70:da:80:fe:49:47:22:37:14:da:0a:0b:f6:92:f9:
1c:5b:19:b9:f5:3f:48:4b:5a:5a:bc:f5:83:48:06:
02:55:57:10:d5:41:de:1c:43:50:e3:6f:d5:03:96:
ff:1b:12:01:25:44:ef:ba:de:74:db:1b:c5:07:b0:
56:e5:82:67:26:a0:37:82:7f:16:79:73:e3:eb:c6:
44:ad:40:e4:65:43:bb:7f:6b:ae:d0:e8:e3:69:7c:
7a:f7:11:72:35:44:54:81:d6:fb:71:10:c7:92:dd:
70:b3:2b:70:1c:c3:0e:96:df:89:75:5b:5f:05:cd:
94:99:84:1d:4e:ef:96:1e:c6:d6:90:b9:f4:35:6d:
77:3d:d9:62:e8:ef:e4:5a:b8:38:9c:c6:cc:6c:1d:
34:97:54:2e:ce:f5:77:51:9f:5c:87:e5:84:05:d0:
6a:9c:85:3c:c7:44:8c:2d:30:af:6f:bb:91:92:50:
d0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F0:24:FF:4B:F2:51:6A:B9:36:8A:25:7B:02:CE:75:AB:C1:E6:74
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/97DA60681C7011F086C86EB5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.83.136.0/24
Signature Algorithm: sha256WithRSAEncryption
55:f7:65:8f:7c:d8:49:40:79:5e:58:21:56:c8:cf:42:01:37:
b7:7c:69:5c:e4:74:69:01:ce:f1:73:6b:50:4b:3f:e1:c3:bb:
9c:47:51:00:4c:62:dc:2d:75:a7:d5:9a:17:be:e1:21:9f:91:
eb:ea:5f:92:96:c7:b1:23:5c:5e:84:07:ae:0d:a6:e9:e1:b0:
3b:6c:10:f9:c0:af:f3:eb:e1:44:88:b2:09:50:5d:b9:29:41:
4f:c5:ea:c0:52:9d:40:91:48:1d:39:47:0d:23:6d:37:73:c2:
e7:9f:f7:7b:31:32:fe:e7:cb:f3:cf:9d:b3:53:99:56:05:38:
d5:ad:92:80:65:69:11:26:82:c4:d5:9e:64:e3:7b:d4:ba:a0:
38:15:31:cf:ad:ea:30:37:0f:55:6b:07:4d:a0:22:0b:5c:c0:
68:fe:31:fa:79:42:86:4e:dc:02:31:26:b0:a3:59:62:db:d3:
ac:e8:4b:3a:76:b6:6b:bc:be:5a:63:9e:13:87:93:9c:6c:d5:
48:35:9f:e8:58:ad:15:45:60:f5:86:ea:01:40:03:ea:a5:e9:
33:c7:49:2d:de:91:23:bf:41:ad:31:81:8a:6a:a6:7a:59:c2:
18:b0:b5:b5:9f:7a:4b:fd:6e:c9:12:9d:22:22:db:15:de:04:
4c:2e:2a:fe
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXnKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE4MTYxNzEyWhcNMjUwNTE1MTYxNzEyWjAYMRYw
FAYDVQQDEw02ODAyN2IwZC1jM2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzok3oEddhfbDFaVFZ68yI34Z5D3XeSAxZ12kouxlEurv/pDoPLt08y98
qV41cLgaPKsWjk7/MYZFosJLl/cxAospAeOQmaZV4/lw2oD+SUciNxTaCgv2kvkc
Wxm59T9IS1pavPWDSAYCVVcQ1UHeHENQ42/VA5b/GxIBJUTvut502xvFB7BW5YJn
JqA3gn8WeXPj68ZErUDkZUO7f2uu0OjjaXx69xFyNURUgdb7cRDHkt1wsytwHMMO
lt+JdVtfBc2UmYQdTu+WHsbWkLn0NW13Pdli6O/kWrg4nMbMbB00l1QuzvV3UZ9c
h+WEBdBqnIU8x0SMLTCvb7uRklDQIwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB7w
JP9L8lFquTaKJXsCznWrweZ0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85N0RBNjA2ODFDNzAxMUYwODZDODZFQjVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlOIMA0GCSqGSIb3DQEB
CwUAA4IBAQBV92WPfNhJQHleWCFWyM9CATe3fGlc5HRpAc7xc2tQSz/hw7ucR1EA
TGLcLXWn1ZoXvuEhn5Hr6l+SlsexI1xehAeuDabp4bA7bBD5wK/z6+FEiLIJUF25
KUFPxerAUp1AkUgdOUcNI203c8Lnn/d7MTL+58vzz52zU5lWBTjVrZKAZWkRJoLE
1Z5k43vUuqA4FTHPreowNw9VawdNoCILXMBo/jH6eUKGTtwCMSawo1li29Os6Es6
drZrvL5aY54Th5OcbNVINZ/oWK0VRWD1huoBQAPqpekzx0kt3pEjv0GtMYGKaqZ6
WcIYsLW1n3pL/W7JEp0iItsV3gRMLir+
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:04:11 2025 by rpki-client on console.sobornost.net