Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5769A0E1C6411F0BE0A37E7DAE4EC9C.roa
File: A5769A0E1C6411F0BE0A37E7DAE4EC9C.roa (raw, json)
Hash identifier: 7bATvKLzl9J7Rpf7Ay3qA0dFhf5RAhzNZPJobYokFI4=
Subject key identifier: 2D:B2:18:E1:4B:0C:05:38:08:B8:D5:9C:08:AB:FF:B9:5B:0D:DB:D8
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0179BC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5769A0E1C6411F0BE0A37E7DAE4EC9C.roa
Signing time: Fri 18 Apr 2025 14:51:45 +0000
ROA not before: Fri 18 Apr 2025 14:51:41 +0000
ROA not after: Sat 24 May 2025 14:51:41 +0000
asID: 395886
IP address blocks: 154.202.117.0/24 maxlen: 24
154.202.120.0/21 maxlen: 24
154.217.234.0/23 maxlen: 24
154.217.236.0/22 maxlen: 24
154.217.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 13:23:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96700 (0x179bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 18 14:51:41 2025 GMT
Not After : May 24 14:51:41 2025 GMT
Subject: CN=68026701-2f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b2:69:2a:40:49:f9:49:2e:89:e4:75:bc:b1:
a0:77:42:2e:4b:f2:a7:c7:45:a4:38:5b:45:c3:ff:
eb:02:17:4d:49:cb:2d:c3:81:e0:76:c1:9c:3b:18:
42:b9:f4:6f:8d:80:5f:90:a0:cd:14:0f:49:cb:55:
12:ef:84:fb:08:1f:5c:e5:2e:42:95:c8:f9:9e:72:
a1:39:e3:65:1d:d8:43:0a:f6:ae:c4:d3:db:a9:02:
e0:a0:1b:f0:d0:77:c6:38:19:63:0d:0b:9c:70:9e:
b9:7a:81:b1:4e:4f:70:c8:f9:e9:7d:21:20:18:14:
7d:db:8d:65:6f:6a:5f:fa:e0:4f:f9:ed:55:61:e5:
a9:b7:41:f2:cc:50:39:7f:37:65:0c:d2:a9:c5:1c:
14:a5:18:fa:fc:26:fe:e6:ce:6f:66:f0:78:de:d7:
cc:bc:30:c3:33:0b:07:db:4f:53:0b:d6:39:f2:33:
e9:96:da:1d:65:75:ac:1b:c4:72:fd:52:e0:14:25:
4b:b6:b9:02:10:18:bc:b0:36:86:27:8d:d2:df:15:
30:38:d3:be:20:a1:59:0c:27:14:9b:a6:40:27:d7:
e5:0f:9c:1d:e5:9b:60:52:9e:c7:8b:36:88:e0:84:
12:94:ef:ca:2b:d9:a4:a5:09:d7:a0:05:6d:ff:9b:
89:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B2:18:E1:4B:0C:05:38:08:B8:D5:9C:08:AB:FF:B9:5B:0D:DB:D8
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A5769A0E1C6411F0BE0A37E7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
154.202.120.0/21
154.217.234.0-154.217.255.255
Signature Algorithm: sha256WithRSAEncryption
d1:a7:eb:7a:b6:93:d6:6b:f7:87:b7:0f:19:dd:a3:af:34:6c:
13:9d:57:ce:9f:f9:84:c7:31:48:04:64:a6:91:42:69:6a:42:
11:b4:e8:4e:92:c9:71:c4:3f:18:ec:0c:72:c5:ba:90:dd:13:
07:71:9d:30:3a:cb:82:16:d5:2d:db:85:ee:a6:dc:58:20:ba:
59:6d:4a:95:d7:5a:ec:e8:d1:83:a4:0b:b8:40:65:62:f0:24:
49:d1:94:ac:36:a4:a3:4f:53:e2:8b:38:7a:4d:7e:7b:ba:c2:
89:f1:73:d6:95:c2:70:5d:50:34:38:5b:a4:74:85:dd:e4:1a:
14:06:12:0d:8d:82:d9:b2:d4:5e:b3:4d:21:4a:24:e4:a2:18:
ca:b3:2d:d6:ce:9a:d5:8d:db:09:72:5b:5a:72:18:9c:a6:fb:
cc:ef:fe:63:04:37:cb:1b:8f:7f:8a:48:af:09:47:cb:9c:e1:
9d:fc:7c:42:4c:fd:67:32:e6:e8:d7:99:0f:3a:19:a6:18:21:
b3:b2:35:d7:43:18:92:c3:43:ae:db:73:16:9d:99:ba:79:99:
ea:31:79:c7:53:b0:c5:33:8a:b2:4f:96:78:e9:1d:4e:55:d2:
d4:05:61:6b:4c:36:16:2d:63:69:dc:e2:07:05:e2:17:45:c5:
da:98:90:16
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAXm8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE4MTQ1MTQxWhcNMjUwNTI0MTQ1MTQxWjAYMRYw
FAYDVQQDEw02ODAyNjcwMS0yZjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr7JpKkBJ+UkuieR1vLGgd0IuS/Knx0WkOFtFw//rAhdNScstw4HgdsGc
OxhCufRvjYBfkKDNFA9Jy1US74T7CB9c5S5Clcj5nnKhOeNlHdhDCvauxNPbqQLg
oBvw0HfGOBljDQuccJ65eoGxTk9wyPnpfSEgGBR9241lb2pf+uBP+e1VYeWpt0Hy
zFA5fzdlDNKpxRwUpRj6/Cb+5s5vZvB43tfMvDDDMwsH209TC9Y58jPpltodZXWs
G8Ry/VLgFCVLtrkCEBi8sDaGJ43S3xUwONO+IKFZDCcUm6ZAJ9flD5wd5ZtgUp7H
izaI4IQSlO/KK9mkpQnXoAVt/5uJEQIDAQABo4ICuDCCArQwHQYDVR0OBBYEFC2y
GOFLDAU4CLjVnAir/7lbDdvYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BNTc2OUEwRTFDNjQxMUYwQkUwQTM3RTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQAmsp1AwQDmsp4MAsDBAGa
2eoDAwGa2DANBgkqhkiG9w0BAQsFAAOCAQEA0afreraT1mv3h7cPGd2jrzRsE51X
zp/5hMcxSARkppFCaWpCEbToTpLJccQ/GOwMcsW6kN0TB3GdMDrLghbVLduF7qbc
WCC6WW1Kldda7OjRg6QLuEBlYvAkSdGUrDako09T4os4ek1+e7rCifFz1pXCcF1Q
NDhbpHSF3eQaFAYSDY2C2bLUXrNNIUok5KIYyrMt1s6a1Y3bCXJbWnIYnKb7zO/+
YwQ3yxuPf4pIrwlHy5zhnfx8Qkz9ZzLm6NeZDzoZphghs7I110MYksNDrttzFp2Z
unmZ6jF5x1OwxTOKsk+WeOkdTlXS1AVha0w2Fi1jadziBwXiF0XF2piQFg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:10:01 2025 by rpki-client on console.sobornost.net