Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/551FF1C81A0111F0B38D6B176EB8BCC6.roa
File: 551FF1C81A0111F0B38D6B176EB8BCC6.roa (raw, json)
Hash identifier: RETijn1A+UekrBWNoEpzKD+pFx2iu4VxWccZ1HPEBsI=
Subject key identifier: 99:B6:67:9E:CC:C1:10:C4:CD:9A:AB:69:FD:5F:D0:3D:23:8C:E6:9C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017947
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/551FF1C81A0111F0B38D6B176EB8BCC6.roa
Signing time: Tue 15 Apr 2025 13:55:48 +0000
ROA not before: Tue 15 Apr 2025 13:55:41 +0000
ROA not after: Wed 21 May 2025 13:55:41 +0000
asID: 209242
IP address blocks: 154.198.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96583 (0x17947)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 15 13:55:41 2025 GMT
Not After : May 21 13:55:41 2025 GMT
Subject: CN=67fe6564-fddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:bc:6a:a9:98:e5:ec:21:4c:17:1a:98:c9:68:
3f:6a:30:bb:70:ab:e1:de:3b:8c:a3:a6:36:ba:00:
63:76:6e:11:b5:91:7a:91:08:81:43:71:c8:08:fe:
5c:41:28:08:7c:61:42:b9:26:37:aa:10:c4:85:4b:
a7:7b:7e:22:a6:ee:b0:58:3d:00:50:a4:bc:53:04:
99:0d:69:45:d5:47:11:9e:55:84:f9:9c:e1:6a:30:
fb:fc:dc:62:77:66:15:31:2d:7a:fb:ae:e7:7f:e1:
43:c5:2f:e4:5b:fd:10:31:a2:05:2f:47:70:99:11:
e9:b3:da:09:f5:54:29:06:2f:3a:ca:a0:0b:7c:45:
a0:0a:c0:c4:c1:be:00:77:f1:2a:b8:6f:27:3b:9c:
f9:07:d3:a8:ee:f5:73:c4:9c:0b:b1:fc:0a:58:a1:
2c:0c:7d:27:95:06:c2:56:17:07:81:52:6b:80:52:
d6:65:63:7a:64:d5:2b:3a:dd:d2:cd:cc:0b:4c:2d:
78:0c:61:81:3f:9d:40:8a:01:0f:c9:20:e0:9b:f5:
fc:98:cd:21:52:79:df:d2:ca:fb:b7:d9:9e:89:9c:
ca:fe:62:21:c7:de:98:31:d8:47:13:ee:52:6e:41:
ef:6a:22:40:09:b4:b5:64:3c:a0:ac:24:9f:59:6f:
6f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B6:67:9E:CC:C1:10:C4:CD:9A:AB:69:FD:5F:D0:3D:23:8C:E6:9C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/551FF1C81A0111F0B38D6B176EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.173.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:34:bc:fc:02:87:fb:4d:6f:e0:61:33:43:93:00:03:a7:c4:
33:87:7d:a1:7b:21:af:12:15:be:5d:bb:2f:79:0d:d4:6d:2b:
d4:0b:9c:e8:bf:c4:95:6b:f7:9d:39:0a:6f:70:00:72:a9:6c:
0d:dd:e5:de:10:29:fb:78:11:fb:e0:4e:05:85:a9:3e:da:e0:
9f:d3:4a:7f:95:de:6b:54:10:a4:27:1c:8d:a3:66:98:1c:70:
dd:56:7e:dc:df:a7:a1:23:32:32:7f:58:a7:09:26:1a:27:31:
1f:52:07:dc:3b:04:a8:18:e2:75:9d:77:39:4c:58:2f:1c:9f:
e2:d2:87:d4:56:04:b6:53:e6:53:94:cd:2f:67:45:14:83:b0:
ba:d2:f8:e9:a1:b5:04:6f:c8:b2:2f:16:67:4f:82:05:20:f3:
8e:3a:67:7f:7e:b2:ec:24:e9:26:c7:f2:e4:a5:4e:71:dd:33:
6e:9e:9b:d4:98:1b:fd:d1:d9:45:3c:1a:10:82:07:9b:27:9e:
4d:b3:a6:ec:94:90:4d:39:ca:ff:0d:55:5a:0b:b1:0c:c6:ce:
0d:40:43:6e:d8:b9:58:12:23:c4:16:d7:d5:0f:dc:ce:f9:42:
df:8b:b8:d1:e6:11:ab:9c:09:a5:4f:10:db:67:5c:55:8b:c2:
b5:c8:91:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXlHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDE1MTM1NTQxWhcNMjUwNTIxMTM1NTQxWjAYMRYw
FAYDVQQDEw02N2ZlNjU2NC1mZGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAkLxqqZjl7CFMFxqYyWg/ajC7cKvh3juMo6Y2ugBjdm4RtZF6kQiBQ3HI
CP5cQSgIfGFCuSY3qhDEhUune34ipu6wWD0AUKS8UwSZDWlF1UcRnlWE+ZzhajD7
/Nxid2YVMS16+67nf+FDxS/kW/0QMaIFL0dwmRHps9oJ9VQpBi86yqALfEWgCsDE
wb4Ad/EquG8nO5z5B9Oo7vVzxJwLsfwKWKEsDH0nlQbCVhcHgVJrgFLWZWN6ZNUr
Ot3SzcwLTC14DGGBP51AigEPySDgm/X8mM0hUnnf0sr7t9meiZzK/mIhx96YMdhH
E+5SbkHvaiJACbS1ZDygrCSfWW9vTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJm2
Z57MwRDEzZqraf1f0D0jjOacMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NTFGRjFDODFBMDExMUYwQjM4RDZCMTc2RUI4QkNDNi5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsatMA0GCSqGSIb3DQEB
CwUAA4IBAQAMNLz8Aof7TW/gYTNDkwADp8Qzh32heyGvEhW+XbsveQ3UbSvUC5zo
v8SVa/edOQpvcAByqWwN3eXeECn7eBH74E4Fhak+2uCf00p/ld5rVBCkJxyNo2aY
HHDdVn7c36ehIzIyf1inCSYaJzEfUgfcOwSoGOJ1nXc5TFgvHJ/i0ofUVgS2U+ZT
lM0vZ0UUg7C60vjpobUEb8iyLxZnT4IFIPOOOmd/frLsJOkmx/LkpU5x3TNunpvU
mBv90dlFPBoQggebJ55Ns6bslJBNOcr/DVVaC7EMxs4NQENu2LlYEiPEFtfVD9zO
+ULfi7jR5hGrnAmlTxDbZ1xVi8K1yJGg
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:03:48 2025 by rpki-client on console.sobornost.net