Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8EF26BA1C9211F0855F3297DAE4EC9C.roa
File: E8EF26BA1C9211F0855F3297DAE4EC9C.roa (raw, json)
Hash identifier: U+k3NTw08h2XXdJ3KFNgZHx2zxuCTCSlKiOnZfRLJUQ=
Subject key identifier: 66:CF:66:2C:BA:92:A5:59:54:9F:B2:2B:47:A3:F1:16:66:55:47:EB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0179DC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8EF26BA1C9211F0855F3297DAE4EC9C.roa
Signing time: Fri 18 Apr 2025 20:22:55 +0000
ROA not before: Fri 18 Apr 2025 20:22:50 +0000
ROA not after: Fri 30 May 2025 20:22:50 +0000
asID: 62240
IP address blocks: 154.194.33.0/24 maxlen: 24
154.194.119.0/24 maxlen: 24
154.194.120.0/24 maxlen: 24
154.194.121.0/24 maxlen: 24
154.194.122.0/24 maxlen: 24
154.194.123.0/24 maxlen: 24
154.194.124.0/24 maxlen: 24
154.194.125.0/24 maxlen: 24
154.194.126.0/24 maxlen: 24
154.194.127.0/24 maxlen: 24
154.196.29.0/24 maxlen: 24
154.196.32.0/24 maxlen: 24
154.196.34.0/24 maxlen: 24
154.196.35.0/24 maxlen: 24
154.196.37.0/24 maxlen: 24
154.196.38.0/24 maxlen: 24
154.196.39.0/24 maxlen: 24
154.196.40.0/24 maxlen: 24
154.196.41.0/24 maxlen: 24
154.196.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 13:23:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96732 (0x179dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 18 20:22:50 2025 GMT
Not After : May 30 20:22:50 2025 GMT
Subject: CN=6802b49f-8550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:84:32:be:3c:fe:c7:0a:76:7a:a5:d2:ea:07:
db:01:d9:05:96:7f:bc:57:4d:3c:bf:86:ac:1c:33:
b0:42:e8:49:bc:78:1d:86:ae:7b:d8:70:25:92:61:
2a:a3:38:85:18:98:fe:80:0e:4a:a8:2f:2e:ae:0d:
53:f9:10:8a:21:25:5c:8c:89:a1:e9:71:cb:47:ec:
f2:17:f9:77:fa:75:95:09:b9:2d:1f:01:f9:0e:09:
23:1c:a3:c0:aa:38:a6:fc:57:ea:c7:c2:86:62:ee:
23:13:af:fc:0f:ac:64:d4:3b:5b:55:13:b5:9a:79:
c5:23:75:6c:03:b1:fc:8e:90:26:1b:6a:5c:c6:32:
8b:24:74:a2:1f:78:bd:73:4f:ea:31:42:bb:f2:c0:
ad:42:43:e2:18:4f:fc:e0:0f:5d:39:89:93:f7:78:
87:93:ce:6d:98:99:70:f4:7e:91:9b:43:13:9c:92:
25:a0:b8:ae:60:ba:f9:df:a6:a2:87:12:da:ed:ec:
41:8c:82:75:db:dd:e9:a8:1e:e3:e3:d4:89:41:51:
bd:ec:00:3e:fe:6f:c5:f3:61:b0:a8:5e:b0:5b:7a:
a1:2f:9f:03:91:f9:44:03:74:11:a8:74:70:61:0c:
12:56:d8:c7:94:01:06:bd:aa:15:83:34:26:52:61:
6a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:CF:66:2C:BA:92:A5:59:54:9F:B2:2B:47:A3:F1:16:66:55:47:EB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E8EF26BA1C9211F0855F3297DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.33.0/24
154.194.119.0-154.194.127.255
154.196.29.0/24
154.196.32.0/24
154.196.34.0/23
154.196.37.0-154.196.41.255
154.196.43.0/24
Signature Algorithm: sha256WithRSAEncryption
59:6d:b3:f4:fd:33:5c:65:44:a7:aa:91:79:ec:d2:41:d7:6c:
c6:02:89:39:83:de:87:b4:60:69:03:70:4b:70:da:dc:97:29:
aa:3f:11:a6:66:ab:25:d7:1d:b8:d2:34:ab:82:28:c4:9e:6e:
2f:98:f2:b5:1b:e2:d6:e7:6a:4e:db:01:78:74:69:3f:c0:77:
83:00:da:d8:3f:47:58:bf:91:12:f9:a4:bc:3a:be:c4:eb:68:
93:e9:63:53:55:24:27:48:c9:b7:64:5c:1b:d1:57:f1:a8:9f:
f3:9d:84:4d:87:1c:c1:63:8a:97:23:89:fe:08:84:64:5e:5d:
89:67:84:80:f2:d6:57:95:6d:7f:d0:04:c0:50:27:2f:02:a3:
d5:82:d8:7e:f3:26:8b:28:72:87:c4:ca:10:ec:d1:51:29:21:
02:b7:34:fa:2e:7e:b4:90:c6:55:c2:c9:ec:5f:6f:b5:d9:fc:
09:4d:4b:9e:33:70:a0:5c:48:b8:86:1d:02:7e:3f:a2:a8:ce:
1d:46:38:26:48:6e:82:e1:28:65:92:7f:c2:78:58:7a:c6:26:
ec:97:d5:a2:4e:38:da:6c:1b:61:01:41:d8:b5:8d:4c:a8:df:
df:ed:e0:ae:3d:53:0a:52:77:81:22:c5:35:01:1b:f1:97:23:
8b:82:bd:11
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIDAXncMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE4MjAyMjUwWhcNMjUwNTMwMjAyMjUwWjAYMRYw
FAYDVQQDEw02ODAyYjQ5Zi04NTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwoQyvjz+xwp2eqXS6gfbAdkFln+8V008v4asHDOwQuhJvHgdhq572HAl
kmEqoziFGJj+gA5KqC8urg1T+RCKISVcjImh6XHLR+zyF/l3+nWVCbktHwH5Dgkj
HKPAqjim/Ffqx8KGYu4jE6/8D6xk1DtbVRO1mnnFI3VsA7H8jpAmG2pcxjKLJHSi
H3i9c0/qMUK78sCtQkPiGE/84A9dOYmT93iHk85tmJlw9H6Rm0MTnJIloLiuYLr5
36aihxLa7exBjIJ1293pqB7j49SJQVG97AA+/m/F82GwqF6wW3qhL58DkflEA3QR
qHRwYQwSVtjHlAEGvaoVgzQmUmFqHwIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFGbP
Ziy6kqVZVJ+yK0ej8RZmVUfrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FOEVGMjZCQTFDOTIxMUYwODU1RjMyOTdEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAmsIhMAwDBACawncDBAea
wgADBACaxB0DBACaxCADBAGaxCIwDAMEAJrEJQMEAZrEKAMEAJrEKzANBgkqhkiG
9w0BAQsFAAOCAQEAWW2z9P0zXGVEp6qReezSQddsxgKJOYPeh7RgaQNwS3Da3Jcp
qj8RpmarJdcduNI0q4IoxJ5uL5jytRvi1udqTtsBeHRpP8B3gwDa2D9HWL+REvmk
vDq+xOtok+ljU1UkJ0jJt2RcG9FX8aif852ETYccwWOKlyOJ/giEZF5diWeEgPLW
V5Vtf9AEwFAnLwKj1YLYfvMmiyhyh8TKEOzRUSkhArc0+i5+tJDGVcLJ7F9vtdn8
CU1LnjNwoFxIuIYdAn4/oqjOHUY4JkhuguEoZZJ/wnhYesYm7JfVok442mwbYQFB
2LWNTKjf3+3grj1TClJ3gSLFNQEb8Zcji4K9EQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:10:42 2025 by rpki-client on console.sobornost.net