Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FECE379E1C6211F0813D21DADAE4EC9C.roa
File: FECE379E1C6211F0813D21DADAE4EC9C.roa (raw, json)
Hash identifier: ZMKgDRZmfP2YhuA5olkVYrc3Xl5jgqnLygcxfgTSbQI=
Subject key identifier: CD:35:83:EA:DB:D0:6D:68:54:D8:5C:63:B3:B1:85:60:1E:36:34:83
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0179B3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FECE379E1C6211F0813D21DADAE4EC9C.roa
Signing time: Fri 18 Apr 2025 14:39:56 +0000
ROA not before: Fri 18 Apr 2025 14:39:51 +0000
ROA not after: Sat 24 May 2025 14:39:51 +0000
asID: 40065
IP address blocks: 154.89.160.0/19 maxlen: 24
154.89.200.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 13:23:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96691 (0x179b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 18 14:39:51 2025 GMT
Not After : May 24 14:39:51 2025 GMT
Subject: CN=6802643c-1711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c5:ec:ae:c9:dd:2f:7f:c9:3b:b1:bb:a6:8d:
16:b4:00:9b:d9:ba:85:23:97:b2:0d:25:2f:7c:b1:
3f:ca:45:e0:14:d8:39:08:3b:89:c8:4a:8a:bc:c1:
99:5f:48:da:a0:c0:40:d9:76:83:1d:fe:05:94:79:
02:4e:a4:52:ad:d4:b6:12:07:d4:87:e1:34:09:6f:
f2:0e:7b:43:cc:d5:12:92:e8:46:ed:95:46:7c:d0:
b6:10:9a:ea:20:66:28:7e:08:2e:b4:3b:df:3f:53:
e4:36:1b:82:f5:54:19:d1:42:36:17:56:1b:ea:1c:
eb:32:a4:1a:2f:e9:d5:47:9e:ce:4f:14:1c:79:05:
0b:68:87:52:5b:7c:aa:01:93:3d:86:57:56:64:6e:
46:5f:b4:d4:1a:1d:8a:25:d6:cc:85:70:a6:0c:28:
0e:13:46:8c:6b:9b:f2:b1:fe:32:d4:7f:f3:36:7a:
8c:e9:b9:e2:b3:1d:6f:56:7d:9c:35:bc:9e:d7:be:
fa:d6:1a:43:ff:26:2c:52:e4:98:83:71:37:28:f7:
7f:ed:b1:10:4b:c8:c4:90:23:cb:9c:09:56:f4:84:
f9:93:c8:35:61:41:fb:9c:f7:e7:4e:53:87:a0:d7:
9e:8e:8c:a6:3a:ee:32:99:b6:95:1a:46:d7:a9:31:
e7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:35:83:EA:DB:D0:6D:68:54:D8:5C:63:B3:B1:85:60:1E:36:34:83
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/FECE379E1C6211F0813D21DADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.89.160.0/19
154.89.200.0/21
Signature Algorithm: sha256WithRSAEncryption
38:a0:11:8b:91:43:d4:71:97:1b:a1:6b:3b:ab:a8:b3:ab:1d:
d0:20:6a:b4:0f:c6:e3:a5:7f:0f:98:f9:ed:3e:01:dc:19:3a:
d0:5c:5a:78:a4:bc:5a:63:43:92:0e:f2:7f:21:80:de:e1:34:
03:42:a7:3a:1d:08:9a:64:46:af:b6:15:c0:c0:cc:c8:28:3a:
07:33:fb:33:b5:01:8f:03:c4:e3:f6:f9:ed:2c:3e:27:7c:c2:
15:f3:ee:00:c6:cd:68:af:e6:ba:f5:43:23:d6:a1:11:70:93:
2e:14:4c:ba:12:b6:9f:8c:42:3c:af:22:45:00:dc:2a:3f:a8:
3b:2d:8b:35:1e:09:09:e0:e6:9e:30:f7:a4:73:87:91:55:ed:
cb:bd:d5:3e:45:ca:f4:dc:9c:24:db:a7:ed:94:68:4d:a5:ae:
fc:74:95:32:2d:9c:be:7b:0c:5f:8e:a7:0f:08:9f:41:a6:7a:
15:7d:22:b1:45:35:90:f8:4c:48:03:fa:89:bd:a3:75:0b:7b:
07:1f:48:b8:ec:3d:fd:3b:8e:c4:44:fb:79:df:91:07:4e:83:
d9:10:2f:9a:a7:a5:fb:59:bb:20:55:a4:a2:5b:6e:05:d6:cf:
c7:54:6c:cc:27:8e:a1:a2:f0:8e:8d:bb:f4:75:3a:be:50:24:
c2:9d:c9:b0
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAXmzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE4MTQzOTUxWhcNMjUwNTI0MTQzOTUxWjAYMRYw
FAYDVQQDEw02ODAyNjQzYy0xNzExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8XsrsndL3/JO7G7po0WtACb2bqFI5eyDSUvfLE/ykXgFNg5CDuJyEqK
vMGZX0jaoMBA2XaDHf4FlHkCTqRSrdS2EgfUh+E0CW/yDntDzNUSkuhG7ZVGfNC2
EJrqIGYofggutDvfP1PkNhuC9VQZ0UI2F1Yb6hzrMqQaL+nVR57OTxQceQULaIdS
W3yqAZM9hldWZG5GX7TUGh2KJdbMhXCmDCgOE0aMa5vysf4y1H/zNnqM6bnisx1v
Vn2cNbye17761hpD/yYsUuSYg3E3KPd/7bEQS8jEkCPLnAlW9IT5k8g1YUH7nPfn
TlOHoNeejoymOu4ymbaVGkbXqTHnwwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFM01
g+rb0G1oVNhcY7OxhWAeNjSDMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GRUNFMzc5RTFDNjIxMUYwODEzRDIxREFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmlmgAwQDmlnIMA0GCSqG
SIb3DQEBCwUAA4IBAQA4oBGLkUPUcZcboWs7q6izqx3QIGq0D8bjpX8PmPntPgHc
GTrQXFp4pLxaY0OSDvJ/IYDe4TQDQqc6HQiaZEavthXAwMzIKDoHM/sztQGPA8Tj
9vntLD4nfMIV8+4Axs1or+a69UMj1qERcJMuFEy6ErafjEI8ryJFANwqP6g7LYs1
HgkJ4OaeMPekc4eRVe3LvdU+Rcr03Jwk26ftlGhNpa78dJUyLZy+ewxfjqcPCJ9B
pnoVfSKxRTWQ+ExIA/qJvaN1C3sHH0i47D39O47ERPt535EHToPZEC+ap6X7Wbsg
VaSiW24F1s/HVGzMJ46hovCOjbv0dTq+UCTCncmw
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:10:59 2025 by rpki-client on console.sobornost.net