Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2E6EE02144511F08849FD60762E951A.roa
File: D2E6EE02144511F08849FD60762E951A.roa (raw, json)
Hash identifier: kiHQZiRwyE62Yp14R2q6F5UZOr8l1+F+j8muyjNzfC4=
Subject key identifier: BB:FA:AF:DF:13:A6:B2:39:D4:A2:E5:1E:E3:58:EC:00:A4:E9:FD:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01784C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2E6EE02144511F08849FD60762E951A.roa
Signing time: Tue 08 Apr 2025 06:50:57 +0000
ROA not before: Tue 08 Apr 2025 06:50:53 +0000
ROA not after: Thu 08 May 2025 06:50:53 +0000
asID: 140869
IP address blocks: 154.81.32.0/24 maxlen: 24
154.81.33.0/24 maxlen: 24
154.81.34.0/24 maxlen: 24
154.81.35.0/24 maxlen: 24
154.81.36.0/24 maxlen: 24
154.81.37.0/24 maxlen: 24
154.81.38.0/24 maxlen: 24
154.81.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96332 (0x1784c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 8 06:50:53 2025 GMT
Not After : May 8 06:50:53 2025 GMT
Subject: CN=67f4c751-f410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:53:a1:44:de:64:d4:4c:5f:9d:92:c8:6a:2f:
89:2c:9c:df:00:58:86:d5:5b:c4:d8:4a:2c:0a:9a:
51:14:4c:19:64:d6:67:bb:41:3b:0b:b3:cb:01:4f:
2f:4e:fd:62:20:e5:d4:15:35:72:d5:c2:78:5d:a8:
40:b1:ca:30:f3:26:20:77:08:14:d6:31:04:3c:11:
45:6d:6e:c9:2c:a2:97:96:4e:cd:6b:5c:86:ef:9f:
72:71:6a:81:30:0c:d3:45:8f:21:1e:e9:9c:7e:ed:
19:eb:9e:ed:1f:9e:29:12:6a:0d:8e:70:74:c2:82:
56:d4:83:f7:16:64:78:46:2a:f0:11:9c:e2:9e:a3:
1d:29:26:7c:be:71:52:57:23:e6:d4:84:34:8b:55:
c0:d7:a5:f6:3a:1b:70:47:14:91:ac:9b:c0:7d:05:
45:fd:ec:6c:47:f9:49:8f:03:9b:51:58:5d:f7:06:
7d:69:7b:55:9a:ed:7e:64:db:8d:4b:8b:70:76:50:
e1:03:35:79:5f:88:c6:51:bb:52:aa:44:6e:a5:5e:
4b:8f:fd:7c:be:69:47:bd:36:68:cb:53:d0:38:7a:
fa:a3:a8:a8:c1:5d:98:43:89:96:b4:7e:c7:59:90:
2f:16:77:d3:9e:16:f3:4a:79:cf:e8:56:7c:2a:9e:
02:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FA:AF:DF:13:A6:B2:39:D4:A2:E5:1E:E3:58:EC:00:A4:E9:FD:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D2E6EE02144511F08849FD60762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.81.32.0/21
Signature Algorithm: sha256WithRSAEncryption
07:2e:8e:46:8d:3a:32:76:61:7d:7d:31:f8:4f:e6:cd:ee:96:
e6:f2:da:6d:dc:38:55:28:6b:0d:a5:66:1a:a6:00:5a:9c:22:
c0:25:e1:9e:6e:60:54:7f:1d:b3:9c:e9:96:6b:66:79:73:a7:
22:cb:d3:55:a9:e9:cc:2d:6c:da:8f:76:1a:a7:c2:fc:1d:d1:
94:53:bb:2b:bc:ff:cf:89:00:7c:95:e6:cd:05:da:e5:5b:aa:
e3:23:4b:2d:ff:cc:e5:00:0b:10:94:55:d2:6a:88:8e:11:f4:
69:9d:fb:53:4a:db:c6:61:8a:63:d8:c6:36:cc:c3:62:0d:92:
ec:11:91:be:63:12:85:9e:b0:a6:6c:52:0e:36:68:0d:9f:88:
3d:46:d3:25:64:96:4a:fb:22:73:6f:7b:55:8a:a2:ac:88:4b:
bf:d7:ee:d8:04:a3:3a:a8:55:61:0d:6b:0b:74:6f:a3:8d:5b:
83:b4:60:61:52:45:4a:a8:dc:d8:f4:58:d4:41:32:bd:d9:8d:
e2:a2:27:07:8a:00:0a:ca:f3:46:33:30:32:4b:b6:8a:32:34:
51:bd:59:b4:f5:68:0f:a9:c2:ee:4e:49:ed:4a:94:c8:c8:de:
df:91:09:a8:28:bb:e2:70:87:2f:ca:87:95:8d:76:eb:1d:a7:
0e:9d:3d:38
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXhMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA4MDY1MDUzWhcNMjUwNTA4MDY1MDUzWjAYMRYw
FAYDVQQDEw02N2Y0Yzc1MS1mNDEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnFOhRN5k1ExfnZLIai+JLJzfAFiG1VvE2EosCppRFEwZZNZnu0E7C7PL
AU8vTv1iIOXUFTVy1cJ4XahAscow8yYgdwgU1jEEPBFFbW7JLKKXlk7Na1yG759y
cWqBMAzTRY8hHumcfu0Z657tH54pEmoNjnB0woJW1IP3FmR4RirwEZzinqMdKSZ8
vnFSVyPm1IQ0i1XA16X2OhtwRxSRrJvAfQVF/exsR/lJjwObUVhd9wZ9aXtVmu1+
ZNuNS4twdlDhAzV5X4jGUbtSqkRupV5Lj/18vmlHvTZoy1PQOHr6o6iowV2YQ4mW
tH7HWZAvFnfTnhbzSnnP6FZ8Kp4CNQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLv6
r98TprI51KLlHuNY7ACk6f2/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMkU2RUUwMjE0NDUxMUYwODg0OUZENjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmlEgMA0GCSqGSIb3DQEB
CwUAA4IBAQAHLo5GjToydmF9fTH4T+bN7pbm8tpt3DhVKGsNpWYapgBanCLAJeGe
bmBUfx2znOmWa2Z5c6ciy9NVqenMLWzaj3Yap8L8HdGUU7srvP/PiQB8lebNBdrl
W6rjI0st/8zlAAsQlFXSaoiOEfRpnftTStvGYYpj2MY2zMNiDZLsEZG+YxKFnrCm
bFIONmgNn4g9RtMlZJZK+yJzb3tViqKsiEu/1+7YBKM6qFVhDWsLdG+jjVuDtGBh
UkVKqNzY9FjUQTK92Y3ioicHigAKyvNGMzAyS7aKMjRRvVm09WgPqcLuTkntSpTI
yN7fkQmoKLvicIcvyoeVjXbrHacOnT04
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:18:51 2025 by rpki-client on console.sobornost.net