Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F838D16013BA11F0ACB36877762E951A.roa
File: F838D16013BA11F0ACB36877762E951A.roa (raw, json)
Hash identifier: sLjqY0nJ4sA/9EoKIeBtqppPSB8BXkemlpjPAQvvYXY=
Subject key identifier: 5D:31:FD:31:B4:37:C1:CF:DE:15:30:82:B2:8D:57:3A:20:49:C5:53
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017802
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F838D16013BA11F0ACB36877762E951A.roa
Signing time: Mon 07 Apr 2025 14:17:00 +0000
ROA not before: Mon 07 Apr 2025 14:16:55 +0000
ROA not after: Fri 09 May 2025 14:16:55 +0000
asID: 397423
IP address blocks: 154.93.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96258 (0x17802)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 7 14:16:55 2025 GMT
Not After : May 9 14:16:55 2025 GMT
Subject: CN=67f3de5c-8997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:84:aa:8b:0f:a2:cc:1c:84:0b:86:14:6c:c9:
b1:93:39:91:d6:28:ce:0c:ae:98:2f:b5:02:0c:ad:
51:ff:13:20:a2:9a:1d:38:00:3b:f8:2b:00:f6:53:
c3:92:5c:3f:03:ae:97:52:ad:5e:f9:a1:ae:3f:96:
6e:73:b8:6b:6d:c3:f0:3c:39:2f:f1:c2:69:11:3d:
05:6d:b9:e1:66:8f:53:ce:4d:42:33:3c:43:5f:6c:
6f:2c:bd:e2:40:73:ed:ae:82:bc:5d:82:69:46:68:
53:b2:4a:1f:24:fd:2f:20:c2:71:15:4a:98:0d:4f:
c4:9f:41:c3:f8:4f:10:f9:6d:4f:56:1c:35:35:56:
60:55:b3:8f:17:7b:ca:9b:97:69:86:33:8a:62:dc:
ed:ff:34:b1:87:02:4a:13:eb:c0:7a:43:ac:c1:6c:
7c:d8:bd:24:e0:11:67:2d:be:c4:db:3e:85:de:7a:
e8:3b:74:18:c9:d3:2d:a6:b6:83:c6:e1:af:06:9a:
f9:3f:db:71:82:66:ea:16:0d:c5:74:ac:8f:de:46:
21:3e:b4:98:0e:27:d7:06:fc:36:52:8f:91:7c:94:
9a:f0:3b:d4:0d:36:ad:7b:ee:23:16:55:7f:a6:c3:
00:20:e6:d3:f8:5e:97:3d:cd:82:23:43:c5:2a:38:
22:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:31:FD:31:B4:37:C1:CF:DE:15:30:82:B2:8D:57:3A:20:49:C5:53
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F838D16013BA11F0ACB36877762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.93.27.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:f5:b6:ed:7c:19:1d:0a:33:fd:9e:fd:87:40:d5:8c:95:60:
d5:c4:c4:b4:82:aa:87:2f:b6:ec:86:2a:78:3c:74:c8:7c:fb:
40:eb:44:53:9b:43:d7:a8:21:c0:ae:9d:8d:ad:ff:72:34:6a:
ee:29:ee:78:3c:cb:72:e5:36:48:74:ab:4e:c5:89:f7:3f:7f:
d4:62:f4:ca:90:84:18:c2:c0:da:66:96:4e:a7:6d:fa:98:7a:
f4:c2:09:c6:4e:59:42:0f:6a:c7:2c:51:e8:22:70:43:da:59:
dc:0b:31:3a:5e:e4:e8:40:45:3a:1b:16:59:32:37:a6:cc:21:
2f:ec:4b:70:ca:94:77:53:24:48:46:be:9a:bd:2d:1f:9d:b5:
a2:f9:55:04:2a:fc:57:fb:ea:8c:92:df:4d:53:ff:9f:40:d0:
43:b7:63:53:89:8d:80:ac:55:db:be:93:5b:3e:cb:5d:16:68:
aa:f0:f8:5f:d4:38:6e:45:0a:41:25:e8:20:40:16:fa:7c:8a:
6d:c9:fe:79:87:12:7a:73:82:f6:48:38:c6:2a:39:b4:a6:54:
31:c9:91:7c:71:d2:3c:59:1f:a0:cb:18:6f:d5:6b:af:da:9f:
00:01:6d:0e:16:5d:e8:10:46:e8:49:0e:5e:75:c7:2c:0b:7a:
7f:a8:5e:c5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXgCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA3MTQxNjU1WhcNMjUwNTA5MTQxNjU1WjAYMRYw
FAYDVQQDEw02N2YzZGU1Yy04OTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyoSqiw+izByEC4YUbMmxkzmR1ijODK6YL7UCDK1R/xMgopodOAA7+CsA
9lPDklw/A66XUq1e+aGuP5Zuc7hrbcPwPDkv8cJpET0FbbnhZo9Tzk1CMzxDX2xv
LL3iQHPtroK8XYJpRmhTskofJP0vIMJxFUqYDU/En0HD+E8Q+W1PVhw1NVZgVbOP
F3vKm5dphjOKYtzt/zSxhwJKE+vAekOswWx82L0k4BFnLb7E2z6F3nroO3QYydMt
praDxuGvBpr5P9txgmbqFg3FdKyP3kYhPrSYDifXBvw2Uo+RfJSa8DvUDTate+4j
FlV/psMAIObT+F6XPc2CI0PFKjgiWwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFF0x
/TG0N8HP3hUwgrKNVzogScVTMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GODM4RDE2MDEzQkExMUYwQUNCMzY4Nzc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml0bMA0GCSqGSIb3DQEB
CwUAA4IBAQCe9bbtfBkdCjP9nv2HQNWMlWDVxMS0gqqHL7bship4PHTIfPtA60RT
m0PXqCHArp2Nrf9yNGruKe54PMty5TZIdKtOxYn3P3/UYvTKkIQYwsDaZpZOp236
mHr0wgnGTllCD2rHLFHoInBD2lncCzE6XuToQEU6GxZZMjemzCEv7EtwypR3UyRI
Rr6avS0fnbWi+VUEKvxX++qMkt9NU/+fQNBDt2NTiY2ArFXbvpNbPstdFmiq8Phf
1DhuRQpBJeggQBb6fIptyf55hxJ6c4L2SDjGKjm0plQxyZF8cdI8WR+gyxhv1Wuv
2p8AAW0OFl3oEEboSQ5edccsC3p/qF7F
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:04:59 2025 by rpki-client on console.sobornost.net