Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D47F603215E411F0BC4718216EB8BCC6.roa
File: D47F603215E411F0BC4718216EB8BCC6.roa (raw, json)
Hash identifier: c7jowVTzpDV4VKScZ0GcbCmIdhWETDI9yNrxDb41XcE=
Subject key identifier: A8:8A:92:27:86:34:80:A9:AE:AE:F8:3E:E3:1E:AA:2D:8C:31:C0:8C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0178A9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D47F603215E411F0BC4718216EB8BCC6.roa
Signing time: Thu 10 Apr 2025 08:21:41 +0000
ROA not before: Thu 10 Apr 2025 08:21:37 +0000
ROA not after: Sat 17 May 2025 08:21:37 +0000
asID: 57043
IP address blocks: 154.222.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96425 (0x178a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 10 08:21:37 2025 GMT
Not After : May 17 08:21:37 2025 GMT
Subject: CN=67f77f95-b29d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:4b:f1:1c:5a:98:75:f4:76:c0:89:20:21:18:
86:23:8d:e2:19:c4:71:19:c2:48:0a:25:e7:00:ee:
14:38:54:da:eb:58:65:b9:c6:42:bc:8a:b5:ef:30:
e4:ef:0d:12:f6:2d:d6:1e:5d:79:8f:4b:33:7b:02:
57:bc:24:bc:65:6c:cd:72:0c:3a:2a:c0:a0:03:3c:
aa:d4:6b:6a:20:35:e2:15:ca:fb:b9:07:c4:18:2d:
52:5c:c8:bb:ea:67:70:74:46:c6:90:a4:6b:01:b1:
78:3b:32:46:7e:d2:f0:18:bf:ea:ef:a9:25:27:2b:
10:4b:bc:c2:bd:a8:e1:26:2a:4b:05:84:5c:bc:e4:
0a:f5:43:e5:6c:12:bf:af:53:29:4c:0b:9e:c3:db:
03:97:ef:dd:6e:0c:14:ec:be:15:9f:15:e7:b1:7f:
33:8b:fb:cb:73:5f:63:b4:7c:aa:50:9c:19:5f:3a:
18:71:00:26:ea:f6:a8:c8:75:c0:d5:30:e4:ca:92:
20:da:ae:5e:59:62:05:3a:cc:62:8c:f3:62:12:d2:
4e:72:19:8d:5f:ca:cc:65:6c:96:d7:f5:2e:9c:92:
de:13:57:bd:7d:60:50:46:bf:73:cf:cc:c3:ed:1d:
fb:8b:4e:0b:53:df:a1:fc:24:b5:10:0e:19:10:13:
dd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8A:92:27:86:34:80:A9:AE:AE:F8:3E:E3:1E:AA:2D:8C:31:C0:8C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D47F603215E411F0BC4718216EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.33.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:9a:38:dd:4b:a6:02:76:1c:04:b5:bf:6c:e3:a3:09:e2:de:
b9:97:eb:f1:37:c1:bc:78:37:40:33:d0:1f:d4:7a:ec:ff:b7:
08:d6:f9:e5:2b:c7:81:48:98:6d:25:cc:1c:6c:a2:ec:ec:1f:
84:d2:3c:cc:40:ee:2d:15:37:92:ae:91:15:0c:41:e7:c7:91:
be:51:cf:cd:46:c9:42:c6:53:65:ad:df:63:3b:d2:ab:a6:e6:
d4:8a:41:5f:07:f3:71:83:99:22:fb:4a:a8:89:35:d9:4c:0b:
fc:fe:0a:1d:35:92:be:e8:14:04:cb:53:dc:dd:65:9b:9b:78:
ed:82:db:a8:19:0b:db:87:2d:d8:d5:9a:45:f9:45:99:f5:25:
e4:ee:8e:f4:09:79:bc:80:8a:79:86:9f:bc:7a:0c:9e:cb:97:
ef:3b:e2:84:b9:fe:02:db:bf:37:68:6c:77:47:1d:db:6f:5e:
0b:6a:0a:4e:d2:76:66:70:98:a3:61:7c:8f:29:b1:24:ca:06:
2e:d8:f5:87:b4:28:ac:21:cd:75:5d:a6:4f:be:e4:75:43:62:
ac:7f:31:58:b2:9e:1c:d6:da:18:f0:f1:fc:db:84:69:5f:77:
77:3c:5e:7f:8a:43:0d:63:30:92:ce:9c:d8:54:56:a8:2a:68:
d7:31:14:c8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXipMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDEwMDgyMTM3WhcNMjUwNTE3MDgyMTM3WjAYMRYw
FAYDVQQDEw02N2Y3N2Y5NS1iMjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7kvxHFqYdfR2wIkgIRiGI43iGcRxGcJICiXnAO4UOFTa61hlucZCvIq1
7zDk7w0S9i3WHl15j0szewJXvCS8ZWzNcgw6KsCgAzyq1GtqIDXiFcr7uQfEGC1S
XMi76mdwdEbGkKRrAbF4OzJGftLwGL/q76klJysQS7zCvajhJipLBYRcvOQK9UPl
bBK/r1MpTAuew9sDl+/dbgwU7L4VnxXnsX8zi/vLc19jtHyqUJwZXzoYcQAm6vao
yHXA1TDkypIg2q5eWWIFOsxijPNiEtJOchmNX8rMZWyW1/UunJLeE1e9fWBQRr9z
z8zD7R37i04LU9+h/CS1EA4ZEBPdXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKiK
kieGNICprq74PuMeqi2MMcCMMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9ENDdGNjAzMjE1RTQxMUYwQkM0NzE4MjE2RUI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt4hMA0GCSqGSIb3DQEB
CwUAA4IBAQBsmjjdS6YCdhwEtb9s46MJ4t65l+vxN8G8eDdAM9Af1Hrs/7cI1vnl
K8eBSJhtJcwcbKLs7B+E0jzMQO4tFTeSrpEVDEHnx5G+Uc/NRslCxlNlrd9jO9Kr
pubUikFfB/Nxg5ki+0qoiTXZTAv8/godNZK+6BQEy1Pc3WWbm3jtgtuoGQvbhy3Y
1ZpF+UWZ9SXk7o70CXm8gIp5hp+8egyey5fvO+KEuf4C2783aGx3Rx3bb14LagpO
0nZmcJijYXyPKbEkygYu2PWHtCisIc11XaZPvuR1Q2KsfzFYsp4c1toY8PH824Rp
X3d3PF5/ikMNYzCSzpzYVFaoKmjXMRTI
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:04:37 2025 by rpki-client on console.sobornost.net