Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF53B6DA15EA11F0842F76C76DB8BCC6.roa
File: BF53B6DA15EA11F0842F76C76DB8BCC6.roa (raw, json)
Hash identifier: ch2HLiUQHQ62F8ODJbgW3N9yvVqxxhdt/gKT0YEAZAQ=
Subject key identifier: BA:A7:CD:1A:0A:F4:CD:10:52:83:07:C2:05:55:45:AF:F3:95:3C:74
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0178B5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF53B6DA15EA11F0842F76C76DB8BCC6.roa
Signing time: Thu 10 Apr 2025 09:04:02 +0000
ROA not before: Thu 10 Apr 2025 09:03:59 +0000
ROA not after: Fri 16 May 2025 09:03:59 +0000
asID: 398823
IP address blocks: 154.212.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96437 (0x178b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 10 09:03:59 2025 GMT
Not After : May 16 09:03:59 2025 GMT
Subject: CN=67f78982-6d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:35:17:99:0c:b4:84:ad:e8:3f:dd:99:14:7b:
2e:c6:b5:f3:48:1e:5d:76:b2:4b:05:a8:f7:df:74:
ac:24:e7:14:56:18:1a:de:c8:8b:c2:db:71:0d:0b:
c1:c7:58:44:38:6c:a9:f5:0d:cc:b8:e5:08:a0:fd:
c6:be:a5:cf:68:78:4a:ec:e3:9f:d0:ce:b7:39:c9:
61:35:41:5a:64:7d:a0:d8:f4:2c:6b:c2:a0:47:d7:
85:cf:64:77:6a:93:f7:29:f5:0a:4e:03:fb:c7:2a:
55:81:99:59:6f:b4:0d:57:f9:e3:3c:dc:a7:69:e5:
e5:32:f3:c2:f7:ee:8c:48:86:4b:05:9f:55:0b:fa:
3f:f7:a8:90:6f:4b:9d:ab:02:76:1b:93:6b:ec:93:
bd:70:5c:db:bd:7e:a9:90:ee:d1:b2:d9:17:87:47:
49:dc:fa:8a:c3:92:5e:84:d6:49:c7:99:e5:03:a7:
a5:61:e1:15:7e:50:25:9a:fe:90:e8:f5:ee:a3:28:
ac:83:44:39:7e:42:ea:bd:cf:aa:63:ab:05:e6:97:
36:1b:ef:c0:4c:8f:c8:37:32:9f:64:8b:fd:94:f4:
13:da:72:69:4c:91:b4:a3:dd:23:20:96:9a:2a:14:
e7:0b:e8:8f:88:49:bc:9e:42:02:1f:3a:2f:59:e9:
af:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A7:CD:1A:0A:F4:CD:10:52:83:07:C2:05:55:45:AF:F3:95:3C:74
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BF53B6DA15EA11F0842F76C76DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.212.32.0/19
Signature Algorithm: sha256WithRSAEncryption
d4:15:6c:56:c2:04:55:91:ed:ef:c3:d4:2f:7b:55:bd:a2:95:
00:a7:9d:d7:a4:a6:d1:bd:08:e9:b8:39:fb:06:7f:8b:89:55:
a9:fe:dd:bb:aa:81:98:6a:4f:c3:d4:bb:af:cf:de:01:a0:54:
b8:26:dc:61:18:9a:53:97:09:bc:2a:d5:77:9b:d7:16:27:bf:
f1:f9:cc:18:95:fe:88:8c:23:13:84:c5:4d:c7:99:ad:65:69:
80:f0:05:4d:ae:d0:d6:05:d3:ad:18:ff:d1:d0:0d:ba:58:81:
e1:ae:96:f0:81:f2:d4:f1:94:05:0e:88:45:2b:63:2d:4c:e0:
50:ec:88:28:d5:6c:5f:a6:de:5a:f9:c5:4f:fb:cd:4a:bc:45:
06:f7:40:1e:5c:57:64:94:b2:fc:c6:0f:fc:29:46:53:30:19:
b9:b0:07:7f:12:8e:1a:8b:bb:94:ce:5b:72:89:56:ab:1f:b2:
19:d1:59:6e:d8:64:92:a5:ad:4f:70:40:00:6f:e6:e2:6f:46:
ef:c2:72:ac:17:c8:a1:c1:f6:2a:a5:96:df:ee:a7:df:f5:0b:
5c:9e:e4:a1:55:ef:67:1d:4a:54:30:3f:71:28:35:9a:ae:3d:
db:48:1b:1b:a2:cd:d8:70:20:64:9c:0e:cd:70:b9:21:16:9a:
5b:01:f1:ce
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXi1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDEwMDkwMzU5WhcNMjUwNTE2MDkwMzU5WjAYMRYw
FAYDVQQDEw02N2Y3ODk4Mi02ZDA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnzUXmQy0hK3oP92ZFHsuxrXzSB5ddrJLBaj333SsJOcUVhga3siLwttx
DQvBx1hEOGyp9Q3MuOUIoP3GvqXPaHhK7OOf0M63OclhNUFaZH2g2PQsa8KgR9eF
z2R3apP3KfUKTgP7xypVgZlZb7QNV/njPNynaeXlMvPC9+6MSIZLBZ9VC/o/96iQ
b0udqwJ2G5Nr7JO9cFzbvX6pkO7RstkXh0dJ3PqKw5JehNZJx5nlA6elYeEVflAl
mv6Q6PXuoyisg0Q5fkLqvc+qY6sF5pc2G+/ATI/INzKfZIv9lPQT2nJpTJG0o90j
IJaaKhTnC+iPiEm8nkICHzovWemviwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLqn
zRoK9M0QUoMHwgVVRa/zlTx0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRjUzQjZEQTE1RUExMUYwODQyRjc2Qzc2REI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtQgMA0GCSqGSIb3DQEB
CwUAA4IBAQDUFWxWwgRVke3vw9Qve1W9opUAp53XpKbRvQjpuDn7Bn+LiVWp/t27
qoGYak/D1Luvz94BoFS4JtxhGJpTlwm8KtV3m9cWJ7/x+cwYlf6IjCMThMVNx5mt
ZWmA8AVNrtDWBdOtGP/R0A26WIHhrpbwgfLU8ZQFDohFK2MtTOBQ7Igo1Wxfpt5a
+cVP+81KvEUG90AeXFdklLL8xg/8KUZTMBm5sAd/Eo4ai7uUzltyiVarH7IZ0Vlu
2GSSpa1PcEAAb+bib0bvwnKsF8ihwfYqpZbf7qff9QtcnuShVe9nHUpUMD9xKDWa
rj3bSBsbos3YcCBknA7NcLkhFppbAfHO
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:18:42 2025 by rpki-client on console.sobornost.net