Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC2E93E813F511F09E40006B762E951A.roa
File: DC2E93E813F511F09E40006B762E951A.roa (raw, json)
Hash identifier: R5Al87lurechteWSdw7k5Rzoe+zz8bzwGIEXhxQyGgE=
Subject key identifier: C5:43:00:F1:51:4E:25:57:7B:8F:B9:C2:11:78:F0:C5:37:5D:DD:CB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017847
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC2E93E813F511F09E40006B762E951A.roa
Signing time: Mon 07 Apr 2025 21:18:33 +0000
ROA not before: Mon 07 Apr 2025 21:18:28 +0000
ROA not after: Tue 10 Jun 2025 21:18:28 +0000
asID: 395793
IP address blocks: 154.196.208.0/24 maxlen: 24
154.196.209.0/24 maxlen: 24
154.196.210.0/24 maxlen: 24
154.196.211.0/24 maxlen: 24
154.196.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96327 (0x17847)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 7 21:18:28 2025 GMT
Not After : Jun 10 21:18:28 2025 GMT
Subject: CN=67f44129-e811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a2:5f:fe:9b:a3:b8:34:95:1c:38:65:0f:1b:
91:25:19:35:78:1f:8a:c9:19:22:35:9e:b2:e8:3c:
bf:8d:7b:dc:dd:e3:8f:32:06:38:7b:b7:a6:d4:82:
6e:ad:06:e2:46:43:98:5d:11:36:a1:56:b4:d3:e3:
d5:0d:28:45:87:96:44:b0:80:51:7d:22:56:7b:58:
34:08:b5:6e:e2:ff:d8:b6:dd:ef:0b:af:cc:c8:3b:
d4:7b:7f:37:d2:01:71:21:9b:c9:86:4f:e1:04:06:
43:a8:d3:ab:b1:30:48:7c:69:15:9f:64:b7:2b:45:
12:30:65:c7:af:24:a4:ca:1c:d0:f9:45:be:31:df:
80:da:4c:86:68:73:5b:53:47:cd:8c:30:56:87:61:
b5:97:37:ee:be:55:1a:74:39:a9:ad:dc:8c:f1:61:
a2:64:6d:2f:99:cd:a4:46:73:a8:6c:39:0a:41:71:
52:30:6b:97:e1:ce:92:54:a5:01:3b:74:12:1b:d9:
f9:2a:7f:61:23:4b:a0:fe:f3:97:34:aa:90:6c:80:
23:38:02:ab:9b:72:a7:26:3d:80:20:f6:66:80:d4:
2e:65:26:ce:65:ce:6e:5b:1d:ea:b1:0a:54:53:dc:
42:eb:77:71:ce:f7:47:72:4b:4f:bf:a0:06:71:ae:
b5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:43:00:F1:51:4E:25:57:7B:8F:B9:C2:11:78:F0:C5:37:5D:DD:CB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/DC2E93E813F511F09E40006B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.196.208.0-154.196.212.255
Signature Algorithm: sha256WithRSAEncryption
5d:b2:ed:b3:a6:07:de:89:8f:e3:a6:6c:70:50:7d:22:0e:ba:
cd:a6:23:35:b4:e3:f2:8e:27:7d:9e:ab:d3:33:40:e7:1e:5c:
49:25:02:80:eb:c4:b5:11:0f:57:cc:a0:9c:c0:08:9c:29:9e:
d7:43:87:ac:27:b3:71:45:07:16:59:69:d8:6e:ca:db:bb:42:
b8:0d:82:38:44:b1:91:9b:4b:74:a3:a4:72:67:76:69:09:1f:
48:c7:c2:18:4b:18:f1:02:dc:87:d1:0d:80:02:a3:95:3c:ec:
4e:0c:d4:cc:92:34:12:57:8d:de:07:43:10:bc:38:37:cd:4d:
91:f4:ce:65:d7:71:13:d1:c7:d6:dc:77:38:2a:c1:7b:c2:38:
b7:42:11:63:48:17:7c:6d:83:dc:56:26:1c:c7:08:98:32:5d:
5d:20:e9:b4:9a:cf:97:f1:24:47:dd:ff:66:f2:44:9d:93:96:
9c:c2:d7:3b:b8:ac:1a:15:43:54:ed:9c:21:93:5d:00:09:79:
89:02:a9:31:82:75:a6:99:30:91:d5:a2:18:a3:fa:45:b5:d9:
64:1d:67:a6:4d:79:93:e9:a7:89:29:48:27:99:e7:aa:4d:26:
99:56:08:b4:a2:fd:d7:85:9a:0a:e0:57:30:2c:cc:90:b7:35:
34:79:b8:96
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAXhHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA3MjExODI4WhcNMjUwNjEwMjExODI4WjAYMRYw
FAYDVQQDEw02N2Y0NDEyOS1lODExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyaJf/pujuDSVHDhlDxuRJRk1eB+KyRkiNZ6y6Dy/jXvc3eOPMgY4e7em
1IJurQbiRkOYXRE2oVa00+PVDShFh5ZEsIBRfSJWe1g0CLVu4v/Ytt3vC6/MyDvU
e3830gFxIZvJhk/hBAZDqNOrsTBIfGkVn2S3K0USMGXHrySkyhzQ+UW+Md+A2kyG
aHNbU0fNjDBWh2G1lzfuvlUadDmprdyM8WGiZG0vmc2kRnOobDkKQXFSMGuX4c6S
VKUBO3QSG9n5Kn9hI0ug/vOXNKqQbIAjOAKrm3KnJj2AIPZmgNQuZSbOZc5uWx3q
sQpUU9xC63dxzvdHcktPv6AGca616wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFMVD
APFRTiVXe4+5whF48MU3Xd3LMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EQzJFOTNFODEzRjUxMUYwOUU0MDAwNkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASaxNADBACaxNQwDQYJ
KoZIhvcNAQELBQADggEBAF2y7bOmB96Jj+OmbHBQfSIOus2mIzW04/KOJ32eq9Mz
QOceXEklAoDrxLURD1fMoJzACJwpntdDh6wns3FFBxZZadhuytu7QrgNgjhEsZGb
S3SjpHJndmkJH0jHwhhLGPEC3IfRDYACo5U87E4M1MySNBJXjd4HQxC8ODfNTZH0
zmXXcRPRx9bcdzgqwXvCOLdCEWNIF3xtg9xWJhzHCJgyXV0g6bSaz5fxJEfd/2by
RJ2TlpzC1zu4rBoVQ1TtnCGTXQAJeYkCqTGCdaaZMJHVohij+kW12WQdZ6ZNeZPp
p4kpSCeZ56pNJplWCLSi/deFmgrgVzAszJC3NTR5uJY=
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:04:40 2025 by rpki-client on console.sobornost.net