Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B718A03211FA11F087A4E56A762E951A.roa
File: B718A03211FA11F087A4E56A762E951A.roa (raw, json)
Hash identifier: zFVrTXb795yVH7/Kxc2A2/eBBVr4yFUtWvqRdK+cjAY=
Subject key identifier: 05:09:45:8D:E1:8B:56:D8:6D:93:6E:76:EC:83:2C:03:B9:16:7B:EF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0177DC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B718A03211FA11F087A4E56A762E951A.roa
Signing time: Sat 05 Apr 2025 08:48:16 +0000
ROA not before: Sat 05 Apr 2025 08:48:11 +0000
ROA not after: Sat 10 May 2025 08:48:11 +0000
asID: 203020
IP address blocks: 154.217.64.0/24 maxlen: 24
154.217.65.0/24 maxlen: 24
154.217.66.0/24 maxlen: 24
154.217.67.0/24 maxlen: 24
154.217.68.0/24 maxlen: 24
154.217.69.0/24 maxlen: 24
154.217.70.0/24 maxlen: 24
154.217.71.0/24 maxlen: 24
154.217.72.0/24 maxlen: 24
154.217.73.0/24 maxlen: 24
154.217.74.0/24 maxlen: 24
154.217.75.0/24 maxlen: 24
154.217.76.0/24 maxlen: 24
154.217.77.0/24 maxlen: 24
154.217.78.0/24 maxlen: 24
154.217.80.0/24 maxlen: 24
154.217.81.0/24 maxlen: 24
154.217.82.0/24 maxlen: 24
154.217.83.0/24 maxlen: 24
154.217.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96220 (0x177dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 5 08:48:11 2025 GMT
Not After : May 10 08:48:11 2025 GMT
Subject: CN=67f0ee50-3acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3e:b0:3f:ed:3f:df:d6:4d:74:85:00:f6:a8:
03:95:09:98:62:da:33:ed:17:6b:53:c1:98:6b:9b:
68:be:47:d8:dc:8b:94:24:19:8c:0d:2c:1b:af:fc:
8d:86:97:4a:c3:df:88:7b:5c:ff:6f:ae:c9:a8:79:
87:85:90:5a:e2:cd:ef:d8:50:9e:de:2d:24:4e:d0:
6c:19:b6:9c:9c:f1:f7:33:40:89:5c:03:48:88:96:
7a:41:9d:d6:ff:b3:bd:3a:a5:0e:9e:bd:3a:d9:2a:
5e:9c:99:a4:db:cf:1d:4d:7d:3a:cc:4b:6f:22:7c:
df:41:29:f7:f8:f9:58:7d:a4:32:3a:46:45:0e:50:
85:d0:f7:5a:12:80:88:56:3a:ce:c1:e7:94:25:d6:
62:8d:cf:3b:15:dc:c8:9b:be:94:ef:33:0d:5a:66:
cb:24:92:70:ce:9a:33:da:f0:0b:1d:4c:b3:03:31:
d6:27:d0:01:8e:3c:1b:36:38:82:88:41:64:77:2b:
20:f8:d7:1f:4c:2a:da:ce:30:ae:80:b9:1c:eb:bd:
bc:10:4b:48:4b:b9:7f:79:33:a6:9d:f9:62:1c:59:
21:f9:c8:cc:74:da:c7:f9:a9:91:73:2e:77:d4:f4:
c0:4e:18:c7:4f:7d:b9:db:a9:54:92:3d:5b:1d:61:
97:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:09:45:8D:E1:8B:56:D8:6D:93:6E:76:EC:83:2C:03:B9:16:7B:EF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B718A03211FA11F087A4E56A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.64.0-154.217.78.255
154.217.80.0/22
154.217.85.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:c1:4a:5d:45:a1:c8:3d:58:96:53:e9:7c:df:11:38:ab:59:
04:bd:80:04:1b:99:45:28:84:ab:dc:78:01:51:7a:f5:3d:c3:
f7:e3:6c:7c:01:13:39:1a:6f:72:43:58:13:d5:46:a9:9d:2d:
d6:3a:70:a1:ed:85:79:19:a4:33:5e:5e:22:e1:e6:ce:84:30:
a0:bf:a6:10:81:3f:d9:c4:0e:f8:71:65:97:b5:da:bf:6a:12:
9d:3f:f0:b3:39:9d:cb:03:6b:34:f0:9b:45:3a:d7:2d:88:c4:
ed:24:80:10:08:6c:63:7c:51:54:6e:1d:b2:8e:c5:c7:53:2a:
1d:ca:17:5b:70:03:f5:bd:61:21:9c:79:0f:fd:be:4c:dd:09:
62:06:0e:99:81:fe:28:e9:32:77:e5:95:11:1a:fc:5d:5d:ce:
77:29:c2:66:43:d9:c6:a6:cf:38:d4:54:06:a3:02:d4:ee:00:
f2:f4:bb:e5:bc:c3:75:91:71:b5:e0:68:0b:9c:5e:c7:42:89:
03:84:33:ec:4b:de:c7:89:c4:9d:aa:e4:86:21:72:6a:ea:ea:
f4:0f:03:db:ce:d4:6f:0e:4c:f0:47:15:7f:e0:c0:51:22:09:
55:86:94:a5:9b:ac:e2:b7:55:63:88:9c:e8:2a:77:32:6a:4a:
bf:70:1a:41
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAXfcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA1MDg0ODExWhcNMjUwNTEwMDg0ODExWjAYMRYw
FAYDVQQDEw02N2YwZWU1MC0zYWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvj6wP+0/39ZNdIUA9qgDlQmYYtoz7RdrU8GYa5tovkfY3IuUJBmMDSwb
r/yNhpdKw9+Ie1z/b67JqHmHhZBa4s3v2FCe3i0kTtBsGbacnPH3M0CJXANIiJZ6
QZ3W/7O9OqUOnr062SpenJmk288dTX06zEtvInzfQSn3+PlYfaQyOkZFDlCF0Pda
EoCIVjrOweeUJdZijc87FdzIm76U7zMNWmbLJJJwzpoz2vALHUyzAzHWJ9ABjjwb
NjiCiEFkdysg+NcfTCrazjCugLkc6728EEtIS7l/eTOmnfliHFkh+cjMdNrH+amR
cy531PTAThjHT32526lUkj1bHWGXxQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFAUJ
RY3hi1bYbZNuduyDLAO5FnvvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNzE4QTAzMjExRkExMUYwODdBNEU1NkE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAaa2UADBACa2U4DBAKa
2VADBACa2VUwDQYJKoZIhvcNAQELBQADggEBANfBSl1Focg9WJZT6XzfETirWQS9
gAQbmUUohKvceAFRevU9w/fjbHwBEzkab3JDWBPVRqmdLdY6cKHthXkZpDNeXiLh
5s6EMKC/phCBP9nEDvhxZZe12r9qEp0/8LM5ncsDazTwm0U61y2IxO0kgBAIbGN8
UVRuHbKOxcdTKh3KF1twA/W9YSGceQ/9vkzdCWIGDpmB/ijpMnfllREa/F1dzncp
wmZD2camzzjUVAajAtTuAPL0u+W8w3WRcbXgaAucXsdCiQOEM+xL3seJxJ2q5IYh
cmrq6vQPA9vO1G8OTPBHFX/gwFEiCVWGlKWbrOK3VWOInOgqdzJqSr9wGkE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:48:05 2025 by rpki-client on console.sobornost.net