Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/551ECE4A490B11F083999ADBDAE4EC9C.roa
File: 551ECE4A490B11F083999ADBDAE4EC9C.roa (raw, json)
Hash identifier: 6NS4iTWj1kCGEgiCBiHvOuDJ98KynjRdFj/VvSJMFgI=
Subject key identifier: A4:B9:5D:39:83:E1:73:47:C6:CD:EA:25:3C:C9:89:1F:F2:D2:BC:49
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018690
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/551ECE4A490B11F083999ADBDAE4EC9C.roa
Signing time: Sat 14 Jun 2025 10:35:47 +0000
ROA not before: Sat 14 Jun 2025 10:35:42 +0000
ROA not after: Sun 22 Jun 2025 10:35:42 +0000
asID: 134687
IP address blocks: 154.197.36.0/24 maxlen: 24
154.197.37.0/24 maxlen: 24
154.197.38.0/24 maxlen: 24
154.197.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99984 (0x18690)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 14 10:35:42 2025 GMT
Not After : Jun 22 10:35:42 2025 GMT
Subject: CN=684d5083-2527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1c:cf:03:e9:3f:35:75:e2:a5:fb:59:77:1b:
4a:70:62:2e:b9:95:1b:68:c8:50:88:d8:8e:4f:75:
3e:9a:48:ea:67:41:6c:50:16:4c:ef:86:58:05:83:
4b:26:98:8c:7f:60:07:b7:f8:c4:d6:f3:83:7d:bc:
ba:4a:f3:8e:29:a3:91:59:fe:07:dc:74:0f:51:b7:
4b:a6:39:3b:e4:16:fc:bf:7c:b3:04:22:8c:e2:ad:
64:e3:33:14:ed:ff:da:eb:b9:74:65:2b:4b:59:75:
fe:58:4c:00:8c:80:2b:bc:49:58:bf:bf:8d:c6:e8:
6b:4a:93:4f:e8:ac:e1:0d:2b:27:2f:b2:13:12:33:
e2:0e:fc:aa:44:4b:a2:bb:3e:8e:a3:f6:4e:b7:86:
b6:47:10:72:0f:87:70:22:a2:e3:27:34:7d:34:0a:
cf:bb:f9:1a:a7:e9:9f:94:67:3e:e2:14:38:1c:21:
3b:86:83:31:44:90:94:1f:9c:8f:66:21:29:d1:85:
5d:9c:83:b2:0f:8f:af:2e:1b:6d:c9:ed:b0:eb:99:
03:ba:7e:78:2e:8e:de:28:cd:ab:4f:21:32:9b:6b:
4b:f2:12:b2:bc:5b:e0:57:b2:a2:fb:21:92:4c:c2:
66:a4:84:b3:01:c6:a1:60:91:dc:88:b6:63:5f:cb:
6b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B9:5D:39:83:E1:73:47:C6:CD:EA:25:3C:C9:89:1F:F2:D2:BC:49
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/551ECE4A490B11F083999ADBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.36.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:17:d3:0b:5c:aa:b8:58:bc:39:79:c0:87:ae:0f:02:b0:06:
e8:7a:8a:7b:1d:fd:cb:56:54:1b:68:a7:67:ac:31:ea:08:2b:
6f:3a:82:45:b9:58:83:04:06:d6:11:ee:4f:ea:a3:76:42:81:
ea:99:b2:0b:90:e3:1f:3b:37:e9:a0:ef:fb:7b:7d:0a:be:99:
73:e3:9c:93:40:01:c3:fc:b8:bb:48:97:a3:5f:e5:70:33:d1:
f4:76:0f:b4:05:03:68:42:3d:7d:2a:6c:70:94:e5:77:f9:c6:
5b:15:58:ae:9a:a4:a1:e2:54:3f:6f:04:c9:d4:bc:ec:24:c2:
88:8d:2d:90:b8:53:d9:78:07:18:3a:54:25:b8:fe:9e:39:04:
68:f5:01:d0:e9:5e:b0:15:65:ab:9b:35:8b:6c:2f:d7:e9:a9:
90:b8:79:33:fd:9a:08:9d:e0:74:69:17:31:08:44:4c:b0:25:
c2:aa:50:36:95:51:03:7b:02:cc:29:f6:50:bb:f6:77:b2:21:
97:bd:fa:3c:bf:91:f8:00:ff:fe:d9:89:72:a8:c2:30:38:ea:
f1:ae:bf:2e:55:4d:d8:58:c3:c3:02:cd:70:a1:13:56:8b:27:
c8:8a:22:37:2b:be:44:4d:34:1d:2e:0a:41:3c:69:25:7c:70:
7d:03:63:4f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYaQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjE0MTAzNTQyWhcNMjUwNjIyMTAzNTQyWjAYMRYw
FAYDVQQDEw02ODRkNTA4My0yNTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwxzPA+k/NXXipftZdxtKcGIuuZUbaMhQiNiOT3U+mkjqZ0FsUBZM74ZY
BYNLJpiMf2AHt/jE1vODfby6SvOOKaORWf4H3HQPUbdLpjk75Bb8v3yzBCKM4q1k
4zMU7f/a67l0ZStLWXX+WEwAjIArvElYv7+NxuhrSpNP6KzhDSsnL7ITEjPiDvyq
REuiuz6Oo/ZOt4a2RxByD4dwIqLjJzR9NArPu/kap+mflGc+4hQ4HCE7hoMxRJCU
H5yPZiEp0YVdnIOyD4+vLhttye2w65kDun54Lo7eKM2rTyEym2tL8hKyvFvgV7Ki
+yGSTMJmpISzAcahYJHciLZjX8trEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKS5
XTmD4XNHxs3qJTzJiR/y0rxJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NTFFQ0U0QTQ5MEIxMUYwODM5OTlBREJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsUkMA0GCSqGSIb3DQEB
CwUAA4IBAQANF9MLXKq4WLw5ecCHrg8CsAboeop7Hf3LVlQbaKdnrDHqCCtvOoJF
uViDBAbWEe5P6qN2QoHqmbILkOMfOzfpoO/7e30Kvplz45yTQAHD/Li7SJejX+Vw
M9H0dg+0BQNoQj19KmxwlOV3+cZbFViumqSh4lQ/bwTJ1LzsJMKIjS2QuFPZeAcY
OlQluP6eOQRo9QHQ6V6wFWWrmzWLbC/X6amQuHkz/ZoIneB0aRcxCERMsCXCqlA2
lVEDewLMKfZQu/Z3siGXvfo8v5H4AP/+2YlyqMIwOOrxrr8uVU3YWMPDAs1woRNW
iyfIiiI3K75ETTQdLgpBPGklfHB9A2NP
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:04:46 2025 by rpki-client