Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F55C1B1E45D311F08C7CE0DFDAE4EC9C.roa
File: F55C1B1E45D311F08C7CE0DFDAE4EC9C.roa (raw, json)
Hash identifier: KyWx71rrfxhOt9YklgmKW8avjCxjFWaKd1AJApR7jVo=
Subject key identifier: C4:B1:77:65:CB:83:E9:16:09:3A:F2:9E:80:5C:45:7D:3E:36:4D:61
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0185AB
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F55C1B1E45D311F08C7CE0DFDAE4EC9C.roa
Signing time: Tue 10 Jun 2025 08:21:51 +0000
ROA not before: Tue 10 Jun 2025 08:21:46 +0000
ROA not after: Wed 10 Jun 2026 08:21:46 +0000
asID: 153706
IP address blocks: 154.193.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99755 (0x185ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 10 08:21:46 2025 GMT
Not After : Jun 10 08:21:46 2026 GMT
Subject: CN=6847eb1f-1137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2e:59:26:24:74:86:a9:9e:6e:3b:a0:e6:b7:
e8:5d:1e:f4:09:98:44:81:21:13:7d:9e:80:9e:07:
44:96:96:a4:62:1a:19:1e:e1:5a:56:e8:4b:df:f8:
49:c0:71:c9:e6:bb:8a:2d:4c:b1:d1:76:2d:85:68:
e6:9a:53:c0:71:dd:ea:e9:21:a8:01:e8:fa:37:f6:
85:15:e1:84:35:e8:16:6d:b4:b9:28:68:f9:fc:ae:
a1:95:17:7a:c1:72:a1:8c:95:cb:9a:92:b1:2e:2d:
88:13:8f:a0:85:3c:9f:65:78:7e:fd:2f:7b:1b:38:
83:f7:94:9f:fc:e7:25:7f:67:b1:55:41:57:cd:3a:
4a:48:c4:aa:9e:2d:04:a8:6c:f8:75:66:44:17:42:
6a:7a:74:e7:70:82:dc:91:ae:c2:3f:aa:11:cf:af:
fb:31:65:64:03:f4:84:fd:9a:91:2d:46:96:3c:d9:
2a:9c:9b:a5:49:a3:e8:c8:7e:58:e2:0d:40:74:65:
08:98:38:5a:41:81:c4:80:48:86:10:9b:a8:75:f7:
22:d2:72:db:27:43:d6:fa:2d:ab:1f:43:2e:ae:f0:
c1:05:bb:6a:28:7c:7a:ad:ef:12:dd:98:43:ce:52:
58:d1:c8:f5:e5:df:80:14:5d:78:09:ea:8a:21:f5:
55:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B1:77:65:CB:83:E9:16:09:3A:F2:9E:80:5C:45:7D:3E:36:4D:61
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F55C1B1E45D311F08C7CE0DFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.247.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:26:b8:9d:cd:d5:d4:53:79:11:98:87:e6:c3:85:08:3b:29:
87:dd:04:9e:48:62:4d:f9:2f:e2:d7:24:41:03:f0:af:91:16:
41:96:15:5e:7c:fe:51:74:8c:a0:a7:fe:96:50:21:e1:45:08:
4d:6c:80:24:87:c0:bb:c9:5f:29:cd:da:f7:d8:d2:52:b0:70:
64:58:e0:02:37:4f:91:cf:5f:fe:9c:3e:fe:b9:e7:c6:e3:d2:
b4:3b:09:33:fd:08:d8:03:3c:20:99:7c:1c:9e:6b:7f:2e:5c:
fb:30:74:51:15:4d:7b:4c:58:14:f6:5a:30:cf:6a:ce:1f:fa:
03:6b:c1:39:9e:86:ce:dd:0b:07:57:75:3a:eb:e7:89:37:72:
9b:99:2a:dc:1a:1a:10:19:c4:49:bf:ca:73:2d:28:2a:aa:ca:
f3:5e:ce:f0:47:99:4b:62:63:fe:ce:67:e4:94:73:b2:63:cf:
74:1d:f6:6d:b3:5a:60:cf:02:2f:9f:53:de:c5:b3:79:86:ee:
0f:03:68:54:0f:24:09:30:ed:11:ba:7f:72:ef:5c:57:dd:4a:
cf:9f:f2:6b:91:30:ff:d8:75:b9:7e:f3:99:75:eb:7c:04:9e:
1b:2d:1d:eb:de:b4:f7:4d:fa:2c:c2:d2:49:02:84:d3:1a:aa:
14:f7:de:44
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYWrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjEwMDgyMTQ2WhcNMjYwNjEwMDgyMTQ2WjAYMRYw
FAYDVQQDEw02ODQ3ZWIxZi0xMTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAty5ZJiR0hqmebjug5rfoXR70CZhEgSETfZ6AngdElpakYhoZHuFaVuhL
3/hJwHHJ5ruKLUyx0XYthWjmmlPAcd3q6SGoAej6N/aFFeGENegWbbS5KGj5/K6h
lRd6wXKhjJXLmpKxLi2IE4+ghTyfZXh+/S97GziD95Sf/Oclf2exVUFXzTpKSMSq
ni0EqGz4dWZEF0JqenTncILcka7CP6oRz6/7MWVkA/SE/ZqRLUaWPNkqnJulSaPo
yH5Y4g1AdGUImDhaQYHEgEiGEJuodfci0nLbJ0PW+i2rH0MurvDBBbtqKHx6re8S
3ZhDzlJY0cj15d+AFF14CeqKIfVVwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFMSx
d2XLg+kWCTrynoBcRX0+Nk1hMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNTVDMUIxRTQ1RDMxMUYwOEM3Q0UwREZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsH3MA0GCSqGSIb3DQEB
CwUAA4IBAQAOJridzdXUU3kRmIfmw4UIOymH3QSeSGJN+S/i1yRBA/CvkRZBlhVe
fP5RdIygp/6WUCHhRQhNbIAkh8C7yV8pzdr32NJSsHBkWOACN0+Rz1/+nD7+uefG
49K0Owkz/QjYAzwgmXwcnmt/Llz7MHRRFU17TFgU9lowz2rOH/oDa8E5nobO3QsH
V3U66+eJN3KbmSrcGhoQGcRJv8pzLSgqqsrzXs7wR5lLYmP+zmfklHOyY890HfZt
s1pgzwIvn1PexbN5hu4PA2hUDyQJMO0Run9y71xX3UrPn/JrkTD/2HW5fvOZdet8
BJ4bLR3r3rT3TfoswtJJAoTTGqoU995E
-----END CERTIFICATE-----
Generated at Sun Jun 15 05:32:46 2025 by rpki-client