Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2A41EAE21AE11F0B75A8BCDDAE4EC9C.roa
File: C2A41EAE21AE11F0B75A8BCDDAE4EC9C.roa (raw, json)
Hash identifier: WRejNoAmy6NpwTUWdDxzqEO1teropYmltDZt090t/3w=
Subject key identifier: 2C:C0:59:FB:EA:BB:B0:81:9D:44:C5:96:7C:F6:EC:A4:04:9D:8E:9C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017AF5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2A41EAE21AE11F0B75A8BCDDAE4EC9C.roa
Signing time: Fri 25 Apr 2025 08:24:53 +0000
ROA not before: Fri 25 Apr 2025 08:24:47 +0000
ROA not after: Mon 25 May 2026 08:24:47 +0000
asID: 984
IP address blocks: 154.213.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 30 Apr 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97013 (0x17af5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 08:24:47 2025 GMT
Not After : May 25 08:24:47 2026 GMT
Subject: CN=680b46d4-a546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1e:d0:e0:36:fd:12:50:54:85:cc:af:47:e8:
0c:aa:0f:b1:2f:d8:e4:0e:a5:75:51:c6:36:e6:7d:
2d:4c:77:93:cf:d4:e6:c8:76:cb:eb:f0:82:42:ba:
c0:aa:5e:2a:b7:9c:c3:c9:49:73:f4:a2:81:82:f2:
fe:0f:72:65:1e:a7:5c:b3:37:c5:9a:8d:7a:5e:b4:
29:82:c2:4d:40:59:09:8c:6c:29:9a:30:cd:bf:e2:
aa:90:cb:d2:7d:1c:77:46:76:52:60:9d:b5:c7:58:
1e:27:61:21:a1:2a:9b:a6:43:26:f9:16:a1:95:0f:
27:14:67:95:27:44:ad:b8:87:96:0a:86:a6:d4:44:
0e:66:fb:dd:08:17:7e:c6:2f:36:43:fc:4e:d0:b0:
88:fa:d9:da:c8:b3:c8:c2:19:58:b1:61:f6:c3:23:
e8:d2:38:bd:9f:a8:e4:6a:6a:63:18:b0:33:f4:dd:
08:3f:5a:ae:91:4e:52:c0:d9:77:05:99:2d:32:be:
de:26:4e:73:d7:cc:18:08:96:d5:cd:ba:9a:db:33:
df:d1:f0:59:55:0b:af:d1:3f:7d:a1:91:28:3d:bb:
62:91:99:27:db:13:24:8b:f3:cf:ff:92:46:4b:30:
58:35:76:12:17:c0:cb:79:52:7c:fa:7c:47:ef:41:
02:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C0:59:FB:EA:BB:B0:81:9D:44:C5:96:7C:F6:EC:A4:04:9D:8E:9C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C2A41EAE21AE11F0B75A8BCDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.213.220.0/24
Signature Algorithm: sha256WithRSAEncryption
24:2d:e7:74:6e:37:dc:92:f1:74:e9:c8:05:1c:e9:0e:38:a0:
16:cb:2d:50:8a:1a:fa:88:f2:77:bf:a1:e7:cf:43:93:d6:ce:
76:61:66:11:2c:c2:d7:af:16:8d:5c:f7:b9:44:62:37:27:0a:
cc:36:f4:81:b8:b2:ef:41:49:5c:27:db:21:37:1e:c6:c4:93:
fa:37:34:4f:0d:1b:c5:4c:32:02:c3:b4:1b:d1:df:4b:c1:2e:
de:4e:8e:fc:16:85:bc:e6:31:a2:28:94:3f:e8:ee:3d:8f:ab:
1a:2e:ae:07:5c:67:91:02:35:45:f9:4b:46:b5:ea:84:3b:f9:
9e:6c:6b:c7:98:cd:ad:d0:cc:93:20:a3:7f:57:d3:7f:81:f1:
2f:44:db:ed:e0:fc:0c:6d:ed:ce:f2:dd:d9:d7:ed:7c:0a:65:
05:cc:21:66:08:13:4d:db:84:1c:b4:4f:ab:ec:7a:66:01:8a:
c4:17:f0:69:d9:7f:25:81:33:40:a6:1c:ba:e1:df:f9:a6:d0:
ff:f5:05:d8:b4:23:03:ab:c5:1c:44:2a:0a:67:a2:52:ee:bc:
f1:7e:87:d6:1c:2b:8e:29:a5:c3:ab:49:31:b8:48:31:40:3c:
39:f9:9a:b5:cc:c7:6c:75:85:bd:05:b3:7e:54:d0:a3:17:16:
22:9a:dd:2d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXr1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI1MDgyNDQ3WhcNMjYwNTI1MDgyNDQ3WjAYMRYw
FAYDVQQDEw02ODBiNDZkNC1hNTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyR7Q4Db9ElBUhcyvR+gMqg+xL9jkDqV1UcY25n0tTHeTz9TmyHbL6/CC
QrrAql4qt5zDyUlz9KKBgvL+D3JlHqdcszfFmo16XrQpgsJNQFkJjGwpmjDNv+Kq
kMvSfRx3RnZSYJ21x1geJ2EhoSqbpkMm+RahlQ8nFGeVJ0StuIeWCoam1EQOZvvd
CBd+xi82Q/xO0LCI+tnayLPIwhlYsWH2wyPo0ji9n6jkampjGLAz9N0IP1qukU5S
wNl3BZktMr7eJk5z18wYCJbVzbqa2zPf0fBZVQuv0T99oZEoPbtikZkn2xMki/PP
/5JGSzBYNXYSF8DLeVJ8+nxH70EChwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCzA
Wfvqu7CBnUTFlnz27KQEnY6cMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMkE0MUVBRTIxQUUxMUYwQjc1QThCQ0REQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtXcMA0GCSqGSIb3DQEB
CwUAA4IBAQAkLed0bjfckvF06cgFHOkOOKAWyy1Qihr6iPJ3v6Hnz0OT1s52YWYR
LMLXrxaNXPe5RGI3JwrMNvSBuLLvQUlcJ9shNx7GxJP6NzRPDRvFTDICw7Qb0d9L
wS7eTo78FoW85jGiKJQ/6O49j6saLq4HXGeRAjVF+UtGteqEO/mebGvHmM2t0MyT
IKN/V9N/gfEvRNvt4PwMbe3O8t3Z1+18CmUFzCFmCBNN24QctE+r7HpmAYrEF/Bp
2X8lgTNAphy64d/5ptD/9QXYtCMDq8UcRCoKZ6JS7rzxfofWHCuOKaXDq0kxuEgx
QDw5+Zq1zMdsdYW9BbN+VNCjFxYimt0t
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:57:23 2025 by rpki-client on console.sobornost.net