Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CABBE16A1F4E11F091B373ECDAE4EC9C.roa
File: CABBE16A1F4E11F091B373ECDAE4EC9C.roa (raw, json)
Hash identifier: tMKUA2jqb2+ZXVj4EekY9s+vFAyy1pe+FDhK3lwPnn8=
Subject key identifier: 93:8A:80:EE:9E:95:A1:B2:C3:6F:61:65:9B:68:07:B7:57:AA:03:05
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017A70
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CABBE16A1F4E11F091B373ECDAE4EC9C.roa
Signing time: Tue 22 Apr 2025 07:52:52 +0000
ROA not before: Tue 22 Apr 2025 07:52:47 +0000
ROA not after: Tue 27 May 2025 07:52:47 +0000
asID: 137899
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 30 Apr 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96880 (0x17a70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 22 07:52:47 2025 GMT
Not After : May 27 07:52:47 2025 GMT
Subject: CN=68074ad4-ad78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c3:aa:61:db:06:71:d4:3f:10:2c:8e:7a:06:
b0:f0:6c:b2:fc:a1:74:6b:52:6e:83:d8:42:87:a6:
44:85:22:0c:b7:ab:d5:87:65:dc:67:20:6c:4a:a5:
6e:04:06:04:b7:4e:cb:c3:53:c5:50:6d:0b:6a:56:
5e:16:41:ef:a7:ef:9d:98:23:f5:e0:bf:e8:76:21:
84:f8:24:b1:38:e4:a8:a2:de:c8:ef:1f:16:58:60:
b7:b3:d1:0e:b9:8e:b3:fc:42:2d:b3:49:4d:fa:7e:
9e:cc:f9:84:f3:e1:d3:6f:58:30:61:63:d6:c8:8e:
3f:d0:16:64:cb:a5:79:30:d8:3d:37:a9:b2:8d:ba:
3e:e7:bc:bc:55:7b:87:02:ee:d8:56:7d:99:5c:30:
b8:45:49:bb:02:c6:3d:af:20:2c:b0:5a:86:13:81:
b2:8d:bf:e3:6e:7f:b1:f2:c5:dc:78:65:4e:58:1b:
b8:65:d0:8b:93:49:1c:55:cf:0c:d5:9a:75:09:35:
4b:4c:db:27:6e:c3:3f:ab:ea:0c:15:1e:32:cd:83:
50:f4:8e:a5:cf:cb:34:82:0c:37:d2:a8:87:25:9d:
6e:4a:0f:48:7d:d0:f3:18:b6:fe:0f:5d:8b:0f:c6:
ce:da:c4:95:24:2c:3a:17:e1:d7:47:6d:84:34:b4:
a0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8A:80:EE:9E:95:A1:B2:C3:6F:61:65:9B:68:07:B7:57:AA:03:05
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CABBE16A1F4E11F091B373ECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
81:5e:c3:9c:ff:0f:d4:41:b8:d8:6f:ef:48:06:b6:d8:0b:59:
74:7c:8a:d8:78:aa:98:f0:98:18:ca:04:8f:3c:64:d3:29:bd:
ae:33:6f:eb:6d:c3:66:03:d2:9e:51:ac:b4:04:3d:1a:23:97:
db:87:f9:7f:6e:af:73:f3:d6:75:27:47:51:d3:19:1f:7a:f9:
99:5d:ec:da:6c:54:63:fb:09:e6:2f:6c:0a:ef:2f:7a:8f:01:
60:d9:40:bf:c2:b2:e0:be:59:4e:ce:68:e5:99:8d:87:c0:6d:
b2:9c:c6:4c:f0:92:89:58:ad:59:3b:03:d6:58:d9:6e:09:63:
3c:99:b5:a0:65:f4:57:e3:07:49:fd:0c:9c:a0:64:04:46:7c:
de:5b:30:22:23:24:23:73:85:5a:76:7c:66:59:3b:6c:46:25:
04:d3:a7:bd:ff:b0:f0:80:aa:54:97:ef:a8:37:ad:71:aa:92:
1e:38:df:52:11:54:49:0a:70:66:1b:99:84:2a:dd:1b:a2:d3:
c7:3e:f4:91:55:43:e7:c3:53:28:83:8c:a5:1d:f9:ab:94:d8:
e8:ea:7b:34:16:b2:b2:71:a0:59:ae:89:42:f1:a1:40:f8:58:
ce:a2:6b:19:f3:4c:88:5d:7b:c2:dd:a9:48:2f:93:bc:f3:e6:
0b:27:a1:72
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXpwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDIyMDc1MjQ3WhcNMjUwNTI3MDc1MjQ3WjAYMRYw
FAYDVQQDEw02ODA3NGFkNC1hZDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqsOqYdsGcdQ/ECyOegaw8Gyy/KF0a1Jug9hCh6ZEhSIMt6vVh2XcZyBs
SqVuBAYEt07Lw1PFUG0LalZeFkHvp++dmCP14L/odiGE+CSxOOSoot7I7x8WWGC3
s9EOuY6z/EIts0lN+n6ezPmE8+HTb1gwYWPWyI4/0BZky6V5MNg9N6myjbo+57y8
VXuHAu7YVn2ZXDC4RUm7AsY9ryAssFqGE4Gyjb/jbn+x8sXceGVOWBu4ZdCLk0kc
Vc8M1Zp1CTVLTNsnbsM/q+oMFR4yzYNQ9I6lz8s0ggw30qiHJZ1uSg9IfdDzGLb+
D12LD8bO2sSVJCw6F+HXR22ENLSgBQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJOK
gO6elaGyw29hZZtoB7dXqgMFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DQUJCRTE2QTFGNEUxMUYwOTFCMzczRUNEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQCBXsOc/w/UQbjYb+9IBrbYC1l0fIrYeKqY8JgYygSPPGTTKb2uM2/r
bcNmA9KeUay0BD0aI5fbh/l/bq9z89Z1J0dR0xkfevmZXezabFRj+wnmL2wK7y96
jwFg2UC/wrLgvllOzmjlmY2HwG2ynMZM8JKJWK1ZOwPWWNluCWM8mbWgZfRX4wdJ
/QycoGQERnzeWzAiIyQjc4VadnxmWTtsRiUE06e9/7DwgKpUl++oN61xqpIeON9S
EVRJCnBmG5mEKt0botPHPvSRVUPnw1Mog4ylHfmrlNjo6ns0FrKycaBZrolC8aFA
+FjOomsZ80yIXXvC3alIL5O88+YLJ6Fy
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:57:30 2025 by rpki-client on console.sobornost.net