Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4E285740CC111F0964A1CB6762E951A.roa
File: A4E285740CC111F0964A1CB6762E951A.roa (raw, json)
Hash identifier: 9+pT7q4R3j+VYpsHL5qJU0qonkscUGnH31G5yKiOYOo=
Subject key identifier: 7B:F9:06:7B:11:56:F7:CE:EF:B4:DB:1F:D6:99:E0:5F:FB:6A:96:0A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176CA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4E285740CC111F0964A1CB6762E951A.roa
Signing time: Sat 29 Mar 2025 17:17:08 +0000
ROA not before: Sat 29 Mar 2025 17:17:04 +0000
ROA not after: Mon 05 May 2025 17:17:04 +0000
asID: 398823
IP address blocks: 154.209.80.0/21 maxlen: 24
154.213.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95946 (0x176ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Mar 29 17:17:04 2025 GMT
Not After : May 5 17:17:04 2025 GMT
Subject: CN=67e82b14-c543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ca:5e:ef:2e:d9:8c:2e:8a:df:96:6e:39:2e:
16:e0:5c:b8:c7:ce:d8:34:82:17:29:90:bd:63:ab:
4b:a6:b4:1d:b6:88:b7:73:d0:74:b0:8e:44:ca:e4:
d0:4b:96:4e:9f:dc:a3:dc:10:c6:15:fc:5a:a2:99:
68:bf:07:46:10:f5:50:f0:da:38:df:3d:36:87:70:
56:7b:45:a4:d4:14:b1:9a:6e:0d:82:06:b6:47:2c:
eb:b7:76:ad:de:11:68:62:a0:51:f7:15:0c:23:05:
03:8e:53:47:36:99:b1:e4:44:63:d5:d4:b6:be:6f:
eb:b9:c7:07:e0:eb:5a:df:d2:f5:e1:f1:e5:86:69:
f1:23:46:6b:19:c1:e6:35:df:e1:d6:08:7a:cc:0c:
9e:98:11:71:0f:31:21:9b:0e:65:e1:01:3a:37:e4:
ff:7f:f4:a3:21:84:f3:aa:3a:c0:56:de:82:6e:d1:
ec:53:8e:39:a2:c7:c5:86:45:78:59:2c:13:79:f1:
36:83:6c:71:f0:54:40:08:76:af:5e:02:1b:58:b1:
f0:d4:01:19:ab:cf:53:64:a7:d6:0d:6a:1a:b6:8b:
a7:bf:45:73:ce:6b:6c:a3:bf:6d:cc:ec:29:a3:3d:
4c:84:d6:7d:9a:57:5d:2c:1b:36:45:cc:9f:84:96:
40:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F9:06:7B:11:56:F7:CE:EF:B4:DB:1F:D6:99:E0:5F:FB:6A:96:0A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A4E285740CC111F0964A1CB6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.80.0/21
154.213.168.0/21
Signature Algorithm: sha256WithRSAEncryption
36:95:17:7d:4c:4b:76:fe:14:1e:f9:50:8d:11:bd:c4:62:54:
bd:75:99:ed:47:82:fe:9c:39:30:19:68:91:3a:72:7b:23:5d:
4e:42:99:71:bf:3b:28:d5:42:97:b4:6b:f0:97:fd:91:a3:86:
25:76:13:b1:6b:78:bc:d2:a7:6c:9e:b1:71:4a:78:35:b4:b2:
e7:ba:89:9e:06:7d:d8:fe:11:65:6a:c3:27:88:8a:fc:2c:88:
bb:c7:d2:10:22:e0:65:4b:3c:a8:62:8f:a3:f9:e6:73:b3:c8:
e3:e6:36:6f:15:39:22:be:b2:c3:51:37:e9:04:24:f5:d5:0a:
9a:84:13:08:c0:46:18:1d:50:47:d4:bf:6e:a6:86:b7:a1:f4:
e1:08:fe:4e:39:55:78:dc:73:1e:61:ff:6f:d5:21:5d:f2:5e:
3f:8e:6a:61:b1:ad:a2:06:30:31:a0:48:95:e1:5f:3e:a8:b2:
ae:61:98:7c:6c:1b:50:17:8c:9b:41:0b:8d:73:b1:76:92:77:
57:84:82:5b:d1:4a:69:cf:76:81:ae:2f:8f:46:4d:b5:62:fa:
b3:18:0e:39:41:13:57:32:0c:05:63:64:6a:14:5a:f2:46:68:
4f:1e:02:2f:d9:b6:d0:fd:8a:59:94:ca:6b:bf:63:be:33:a4:
e9:82:3d:8c
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXbKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTcxNzA0WhcNMjUwNTA1MTcxNzA0WjAYMRYw
FAYDVQQDEw02N2U4MmIxNC1jNTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxcpe7y7ZjC6K35ZuOS4W4Fy4x87YNIIXKZC9Y6tLprQdtoi3c9B0sI5E
yuTQS5ZOn9yj3BDGFfxaoplovwdGEPVQ8No43z02h3BWe0Wk1BSxmm4Ngga2Ryzr
t3at3hFoYqBR9xUMIwUDjlNHNpmx5ERj1dS2vm/ruccH4Ota39L14fHlhmnxI0Zr
GcHmNd/h1gh6zAyemBFxDzEhmw5l4QE6N+T/f/SjIYTzqjrAVt6CbtHsU445osfF
hkV4WSwTefE2g2xx8FRACHavXgIbWLHw1AEZq89TZKfWDWoatounv0Vzzmtso79t
zOwpoz1MhNZ9mlddLBs2RcyfhJZATQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFHv5
BnsRVvfO77TbH9aZ4F/7apYKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNEUyODU3NDBDQzExMUYwOTY0QTFDQjY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDmtFQAwQDmtWoMA0GCSqG
SIb3DQEBCwUAA4IBAQA2lRd9TEt2/hQe+VCNEb3EYlS9dZntR4L+nDkwGWiROnJ7
I11OQplxvzso1UKXtGvwl/2Ro4YldhOxa3i80qdsnrFxSng1tLLnuomeBn3Y/hFl
asMniIr8LIi7x9IQIuBlSzyoYo+j+eZzs8jj5jZvFTkivrLDUTfpBCT11QqahBMI
wEYYHVBH1L9upoa3ofThCP5OOVV43HMeYf9v1SFd8l4/jmphsa2iBjAxoEiV4V8+
qLKuYZh8bBtQF4ybQQuNc7F2kndXhIJb0Uppz3aBri+PRk21YvqzGA45QRNXMgwF
Y2RqFFryRmhPHgIv2bbQ/YpZlMprv2O+M6Tpgj2M
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:18:23 2025 by rpki-client on console.sobornost.net