Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C37FBDE221B311F088DE40EFDAE4EC9C.roa
File: C37FBDE221B311F088DE40EFDAE4EC9C.roa (raw, json)
Hash identifier: 5RMR7l7HyFEvxX7P2fmeDUYFoeWRmt885VYDdyHEuPM=
Subject key identifier: 3E:7C:18:68:DD:E3:35:30:DE:CF:DA:9D:AF:3B:17:47:C5:AE:68:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B03
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C37FBDE221B311F088DE40EFDAE4EC9C.roa
Signing time: Fri 25 Apr 2025 09:00:42 +0000
ROA not before: Fri 25 Apr 2025 09:00:36 +0000
ROA not after: Mon 05 May 2025 09:00:36 +0000
asID: 150750
IP address blocks: 154.208.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97027 (0x17b03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 25 09:00:36 2025 GMT
Not After : May 5 09:00:36 2025 GMT
Subject: CN=680b4f39-0091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:8f:d7:c2:6b:4e:63:bb:4e:c8:d2:c9:19:76:
3e:b4:77:e8:6b:ae:03:b4:1f:e6:93:ce:06:8d:ec:
e8:b1:97:6b:1d:91:8f:a5:3b:88:80:33:29:a0:d3:
ee:6a:15:82:e8:a2:20:ca:03:03:af:14:cf:8e:3f:
9c:8a:3b:2a:9d:0e:c4:ee:bf:7f:f1:74:18:ba:f8:
8f:42:c5:45:c9:b4:5a:d0:52:87:cf:f8:bd:70:27:
ab:51:b2:3c:92:07:d3:66:41:c0:77:52:86:8b:f6:
05:e2:30:c2:d2:bc:7c:55:ef:df:5f:7c:04:88:93:
67:83:03:f5:8e:3a:f5:16:d4:fe:4c:34:81:81:61:
4d:e6:6f:3b:c8:bb:e5:82:d3:c2:71:61:f9:a8:bc:
82:f3:b0:26:9a:ae:56:bd:cf:cb:52:a7:29:33:b1:
b7:57:c7:a4:2c:22:99:6b:09:d0:ee:e4:88:0c:a0:
60:8f:a4:24:60:5b:ac:cc:d7:34:d3:c8:00:7e:14:
77:56:68:b7:0c:dd:fe:0b:a8:b5:ad:56:78:62:74:
be:81:57:db:d1:e5:f3:7a:9b:bf:70:4c:41:ba:29:
e3:55:e7:ce:9c:15:2f:17:fa:0a:5c:fa:c3:b3:53:
5a:fd:cb:ef:f6:e1:0f:35:97:ca:fb:a1:b1:25:12:
ec:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7C:18:68:DD:E3:35:30:DE:CF:DA:9D:AF:3B:17:47:C5:AE:68:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C37FBDE221B311F088DE40EFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.32.0/19
Signature Algorithm: sha256WithRSAEncryption
a5:42:79:a3:7d:02:de:eb:64:d3:4f:25:2d:6d:54:f2:5a:26:
bd:9c:24:d1:1b:bf:24:b1:84:b8:f3:49:7b:ef:73:ff:f4:05:
43:5b:78:8e:5b:4f:41:f1:53:8b:44:46:56:88:e4:c7:02:54:
99:db:a3:30:20:de:1b:d0:bf:aa:34:9e:df:ea:3f:1c:c9:14:
da:27:79:38:4b:93:c8:2a:ec:13:63:ef:ae:0e:60:56:5b:2e:
3c:a9:40:ef:82:c3:52:b4:ed:e3:22:4c:94:df:d6:be:1b:0b:
03:3a:65:a2:44:c2:10:80:36:b1:a9:82:74:9a:22:f1:36:34:
90:d4:5d:f8:c5:37:bc:bf:31:a8:25:07:7b:7a:2a:5e:79:86:
8c:e0:f1:be:1c:b0:03:2b:b3:b2:63:b5:ba:9e:10:7b:41:1a:
7d:f8:34:6e:a1:0f:11:73:4c:b4:0f:89:c8:8b:43:ee:4e:55:
5f:51:d7:99:c9:5e:4a:d3:68:f7:9d:54:d1:a3:a1:84:d9:b5:
c7:f2:f2:4d:9a:80:40:59:67:ea:8f:d4:ac:ad:e8:a6:cb:e8:
f2:3c:53:79:a6:98:27:fc:06:d8:63:2a:d2:0e:1c:c5:05:7c:
d1:77:28:da:9d:19:6b:7f:36:ce:dd:f5:6a:98:2f:aa:3d:98:
88:f1:a8:40
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXsDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI1MDkwMDM2WhcNMjUwNTA1MDkwMDM2WjAYMRYw
FAYDVQQDEw02ODBiNGYzOS0wMDkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9I/XwmtOY7tOyNLJGXY+tHfoa64DtB/mk84GjezosZdrHZGPpTuIgDMp
oNPuahWC6KIgygMDrxTPjj+cijsqnQ7E7r9/8XQYuviPQsVFybRa0FKHz/i9cCer
UbI8kgfTZkHAd1KGi/YF4jDC0rx8Ve/fX3wEiJNngwP1jjr1FtT+TDSBgWFN5m87
yLvlgtPCcWH5qLyC87Ammq5Wvc/LUqcpM7G3V8ekLCKZawnQ7uSIDKBgj6QkYFus
zNc008gAfhR3Vmi3DN3+C6i1rVZ4YnS+gVfb0eXzepu/cExBuinjVefOnBUvF/oK
XPrDs1Na/cvv9uEPNZfK+6GxJRLsJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFD58
GGjd4zUw3s/ana87F0fFrmhIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DMzdGQkRFMjIxQjMxMUYwODhERTQwRUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmtAgMA0GCSqGSIb3DQEB
CwUAA4IBAQClQnmjfQLe62TTTyUtbVTyWia9nCTRG78ksYS480l773P/9AVDW3iO
W09B8VOLREZWiOTHAlSZ26MwIN4b0L+qNJ7f6j8cyRTaJ3k4S5PIKuwTY++uDmBW
Wy48qUDvgsNStO3jIkyU39a+GwsDOmWiRMIQgDaxqYJ0miLxNjSQ1F34xTe8vzGo
JQd7eipeeYaM4PG+HLADK7OyY7W6nhB7QRp9+DRuoQ8Rc0y0D4nIi0PuTlVfUdeZ
yV5K02j3nVTRo6GE2bXH8vJNmoBAWWfqj9Ssreimy+jyPFN5ppgn/AbYYyrSDhzF
BXzRdyjanRlrfzbO3fVqmC+qPZiI8ahA
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:53:10 2025 by rpki-client on console.sobornost.net