Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CB696A81E2111F0B73B5983DAE4EC9C.roa
File: 9CB696A81E2111F0B73B5983DAE4EC9C.roa (raw, json)
Hash identifier: gGQgzXWphEL6o/P8v50cUjs5SBnqTkq8IYsyq7+yzzY=
Subject key identifier: 60:65:DB:88:04:D4:65:BF:BD:EE:5A:18:A7:80:DC:38:81:7A:C0:1F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017A3E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CB696A81E2111F0B73B5983DAE4EC9C.roa
Signing time: Sun 20 Apr 2025 19:56:56 +0000
ROA not before: Sun 20 Apr 2025 19:56:52 +0000
ROA not after: Sun 27 Apr 2025 19:56:52 +0000
asID: 39600
IP address blocks: 154.91.128.0/21 maxlen: 24
154.95.40.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 00:06:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96830 (0x17a3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 20 19:56:52 2025 GMT
Not After : Apr 27 19:56:52 2025 GMT
Subject: CN=68055188-2f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a4:15:11:f2:73:9a:a0:d3:18:80:84:83:82:
98:fe:ce:a0:6d:8c:27:59:22:6b:ba:95:9d:02:06:
62:67:c7:64:ed:5b:9f:2f:96:b1:f5:3f:f5:d1:66:
33:db:16:d6:d0:cf:bf:8c:6b:8e:3b:f4:eb:35:b9:
81:ef:32:8c:79:c7:57:0e:45:10:12:54:37:d1:b6:
f9:b5:ba:33:a5:d5:a1:6f:c6:a8:31:da:d7:98:7b:
a0:43:7f:b4:09:40:7f:14:c0:94:e5:e6:fc:e0:e2:
30:f2:2c:c3:16:07:2a:1b:fb:d2:89:28:71:be:8c:
f0:ec:3f:0b:68:87:64:46:80:c7:0e:61:79:24:cd:
52:48:8d:48:24:06:c9:ad:8d:aa:bf:be:0d:f6:b4:
fa:8c:1e:db:68:95:14:83:a2:94:5f:26:db:75:87:
1d:8c:18:fa:c7:74:ea:ed:1b:67:65:ed:fb:03:2a:
7f:2b:a9:94:ca:2b:5b:b4:fe:bd:a1:90:f4:d1:c2:
42:42:1b:6c:38:95:65:f6:17:36:2b:ca:8f:82:bf:
f6:bc:0e:f2:6f:b3:af:eb:8d:5d:b1:37:ad:3a:4b:
26:b1:fa:13:a4:eb:20:f1:a0:fa:b3:73:db:6f:d6:
c6:ea:65:b3:e0:14:bc:31:06:26:df:36:b3:49:60:
c2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:65:DB:88:04:D4:65:BF:BD:EE:5A:18:A7:80:DC:38:81:7A:C0:1F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CB696A81E2111F0B73B5983DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.128.0/21
154.95.40.0/21
Signature Algorithm: sha256WithRSAEncryption
69:58:f2:46:92:dc:3c:f0:84:bf:a2:74:64:1c:15:5c:d0:1d:
62:bd:55:8b:da:d3:92:ba:3f:10:7b:92:5a:69:8f:37:44:37:
87:03:ca:08:ef:93:d6:df:de:2d:61:e3:f4:58:df:77:4a:78:
b1:d9:f8:05:af:37:f6:52:30:8f:4a:8b:30:bd:f9:32:df:9f:
25:7b:b9:85:0e:41:46:b8:98:eb:ea:f8:cd:c7:18:89:5a:b8:
5a:f8:3f:56:f3:51:d8:4f:ed:0a:39:16:7b:79:b2:9b:ec:bb:
e9:5b:06:32:23:c4:65:d0:96:a5:e4:1a:ac:af:23:13:36:64:
ff:c7:21:3c:06:b2:76:9f:52:ca:6f:c9:c4:d6:47:68:34:be:
13:b1:aa:12:5b:1b:17:3f:f5:f1:35:31:67:f5:e3:f0:76:27:
8f:c3:df:ea:38:35:3d:59:06:ac:6c:e4:57:a5:8b:a7:e4:30:
d4:70:ab:11:2a:7a:4a:ab:e1:ff:69:8a:7f:09:87:41:10:5c:
cb:5a:73:bd:b0:a1:5d:76:97:55:b4:74:18:a8:34:b1:40:3e:
a1:7c:68:95:97:6f:fc:8c:3b:2b:91:27:11:01:69:ad:10:de:
f8:ad:e8:cd:5b:51:26:8f:be:7f:35:01:e1:f5:6e:5c:2a:39:
cd:72:18:5e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXo+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDIwMTk1NjUyWhcNMjUwNDI3MTk1NjUyWjAYMRYw
FAYDVQQDEw02ODA1NTE4OC0yZjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs6QVEfJzmqDTGICEg4KY/s6gbYwnWSJrupWdAgZiZ8dk7VufL5ax9T/1
0WYz2xbW0M+/jGuOO/TrNbmB7zKMecdXDkUQElQ30bb5tbozpdWhb8aoMdrXmHug
Q3+0CUB/FMCU5eb84OIw8izDFgcqG/vSiShxvozw7D8LaIdkRoDHDmF5JM1SSI1I
JAbJrY2qv74N9rT6jB7baJUUg6KUXybbdYcdjBj6x3Tq7RtnZe37Ayp/K6mUyitb
tP69oZD00cJCQhtsOJVl9hc2K8qPgr/2vA7yb7Ov641dsTetOksmsfoTpOsg8aD6
s3Pbb9bG6mWz4BS8MQYm3zazSWDC8wIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGBl
24gE1GW/ve5aGKeA3DiBesAfMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Q0I2OTZBODFFMjExMUYwQjczQjU5ODNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDmluAAwQDml8oMA0GCSqG
SIb3DQEBCwUAA4IBAQBpWPJGktw88IS/onRkHBVc0B1ivVWL2tOSuj8Qe5JaaY83
RDeHA8oI75PW394tYeP0WN93Snix2fgFrzf2UjCPSoswvfky358le7mFDkFGuJjr
6vjNxxiJWrha+D9W81HYT+0KORZ7ebKb7LvpWwYyI8Rl0Jal5BqsryMTNmT/xyE8
BrJ2n1LKb8nE1kdoNL4TsaoSWxsXP/XxNTFn9ePwdiePw9/qODU9WQasbORXpYun
5DDUcKsRKnpKq+H/aYp/CYdBEFzLWnO9sKFddpdVtHQYqDSxQD6hfGiVl2/8jDsr
kScRAWmtEN74rejNW1Emj75/NQHh9W5cKjnNchhe
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:40:08 2025 by rpki-client on console.sobornost.net