Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/55A3739A242911F0B81A07E0DAE4EC9C.roa
File: 55A3739A242911F0B81A07E0DAE4EC9C.roa (raw, json)
Hash identifier: T052cYLZ51nizyxI5hu2DbRlwzxAVIT8sMgdoF/wNbY=
Subject key identifier: 11:92:EE:A1:DE:48:BF:CF:81:A4:76:BF:93:F7:EF:97:0B:39:B3:8B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017B94
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/55A3739A242911F0B81A07E0DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 12:07:20 +0000
ROA not before: Mon 28 Apr 2025 12:07:15 +0000
ROA not after: Sun 19 Mar 2028 12:07:15 +0000
asID: 17561
IP address blocks: 154.207.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97172 (0x17b94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 12:07:15 2025 GMT
Not After : Mar 19 12:07:15 2028 GMT
Subject: CN=680f6f78-87ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:06:74:83:00:fc:e8:11:ae:aa:fd:a3:4f:a2:
18:04:56:1a:11:c4:56:fa:7b:94:27:9b:b0:fa:b4:
2c:6f:08:f4:d3:4c:1d:21:5a:ec:d3:a3:95:13:15:
69:4e:83:64:56:bd:0a:c8:30:58:29:49:6a:2e:8e:
48:d0:93:d6:1b:56:9a:47:70:b5:6e:63:44:84:9f:
cf:35:1a:96:47:16:ef:c5:0b:4c:67:a3:90:4c:71:
9d:7c:a5:fd:93:e6:fe:68:31:3c:ad:76:09:a2:e1:
2a:2b:c1:36:c0:fb:fa:a3:ee:65:c8:d3:2c:67:42:
8e:8f:26:09:81:1d:7a:af:29:fc:2f:d0:3b:aa:92:
36:17:6c:73:c3:51:41:70:06:c6:e4:24:c8:b0:b1:
0d:f8:02:06:46:fa:74:36:ac:96:e5:94:0c:ce:d0:
98:a7:2c:d9:cc:3c:c2:d9:35:9d:a9:68:d6:52:60:
cb:78:95:36:43:66:cb:e8:b1:fe:52:07:b5:e1:2d:
f1:ee:aa:f7:6b:d6:fe:17:65:df:9a:ef:f7:2e:68:
49:43:fc:32:97:fd:13:57:db:f0:20:79:93:90:b2:
ba:f3:7f:24:98:fc:b3:7a:62:32:ec:9e:92:0c:13:
95:1c:62:18:6b:df:91:e2:8c:69:7a:ef:d0:17:1a:
43:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:92:EE:A1:DE:48:BF:CF:81:A4:76:BF:93:F7:EF:97:0B:39:B3:8B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/55A3739A242911F0B81A07E0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.207.91.0/24
Signature Algorithm: sha256WithRSAEncryption
24:a2:3e:fc:fa:89:8f:64:fe:a0:b9:95:27:1a:a9:5a:b9:87:
4f:f8:79:90:7b:57:aa:04:20:14:b3:04:11:32:d0:77:3c:53:
43:24:58:82:8e:8a:40:15:35:f9:30:d4:7e:cb:ad:4c:7c:ef:
3f:cb:b4:a8:65:45:fd:10:36:7b:75:4f:0a:2b:f6:ac:f8:54:
07:15:0a:4a:fa:b6:2d:86:25:d0:b2:0c:08:b5:9b:e5:9b:8c:
a9:61:ee:a5:8c:fa:1a:d7:f8:b4:6d:77:41:f3:31:e9:3c:c7:
79:cd:3f:b0:9d:04:d6:94:61:ad:90:bd:06:20:9d:f1:78:36:
12:56:1c:4f:c2:bd:a8:2c:ef:4d:82:5b:84:37:2b:1d:3f:85:
28:fd:44:0d:e0:44:39:0f:87:d1:fc:8f:25:9f:63:48:2d:c1:
c6:5b:3b:28:12:cf:bd:66:91:6e:c0:0a:72:bd:f5:4b:78:b1:
7d:dc:93:f0:6f:7d:12:fe:4c:3a:39:46:91:2d:ef:d4:88:70:
3c:66:53:67:e4:c7:68:b6:ee:09:31:79:21:60:6f:2a:16:24:
08:38:9a:f2:8c:78:d3:d7:50:c6:26:66:9c:13:23:24:2a:b5:
71:5c:e8:26:4d:42:df:12:88:0e:3c:92:a7:a4:c0:54:1f:22:
e2:15:e1:f9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXuUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTIwNzE1WhcNMjgwMzE5MTIwNzE1WjAYMRYw
FAYDVQQDEw02ODBmNmY3OC04N2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApgZ0gwD86BGuqv2jT6IYBFYaEcRW+nuUJ5uw+rQsbwj000wdIVrs06OV
ExVpToNkVr0KyDBYKUlqLo5I0JPWG1aaR3C1bmNEhJ/PNRqWRxbvxQtMZ6OQTHGd
fKX9k+b+aDE8rXYJouEqK8E2wPv6o+5lyNMsZ0KOjyYJgR16ryn8L9A7qpI2F2xz
w1FBcAbG5CTIsLEN+AIGRvp0NqyW5ZQMztCYpyzZzDzC2TWdqWjWUmDLeJU2Q2bL
6LH+Uge14S3x7qr3a9b+F2Xfmu/3LmhJQ/wyl/0TV9vwIHmTkLK6838kmPyzemIy
7J6SDBOVHGIYa9+R4oxpeu/QFxpDhwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBGS
7qHeSL/PgaR2v5P375cLObOLMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NUEzNzM5QTI0MjkxMUYwQjgxQTA3RTBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms9bMA0GCSqGSIb3DQEB
CwUAA4IBAQAkoj78+omPZP6guZUnGqlauYdP+HmQe1eqBCAUswQRMtB3PFNDJFiC
jopAFTX5MNR+y61MfO8/y7SoZUX9EDZ7dU8KK/as+FQHFQpK+rYthiXQsgwItZvl
m4ypYe6ljPoa1/i0bXdB8zHpPMd5zT+wnQTWlGGtkL0GIJ3xeDYSVhxPwr2oLO9N
gluENysdP4Uo/UQN4EQ5D4fR/I8ln2NILcHGWzsoEs+9ZpFuwApyvfVLeLF93JPw
b30S/kw6OUaRLe/UiHA8ZlNn5Mdotu4JMXkhYG8qFiQIOJryjHjT11DGJmacEyMk
KrVxXOgmTULfEogOPJKnpMBUHyLiFeH5
-----END CERTIFICATE-----
Generated at Mon May 12 19:25:56 2025 by rpki-client