Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/55CDD89A11F711F0970EE756762E951A.roa
File: 55CDD89A11F711F0970EE756762E951A.roa (raw, json)
Hash identifier: ODqQuzYLMu2eX/P/fYtU6l1nceLek/NdsDew10BYGG8=
Subject key identifier: DD:7A:07:BA:38:7F:A5:6B:C8:E9:64:32:BA:C7:03:12:DD:6A:F6:EA
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0177D5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/55CDD89A11F711F0970EE756762E951A.roa
Signing time: Sat 05 Apr 2025 08:24:04 +0000
ROA not before: Sat 05 Apr 2025 08:23:58 +0000
ROA not after: Sat 10 May 2025 08:23:58 +0000
asID: 203020
IP address blocks: 154.217.16.0/24 maxlen: 24
154.217.17.0/24 maxlen: 24
154.217.18.0/24 maxlen: 24
154.217.19.0/24 maxlen: 24
154.217.20.0/24 maxlen: 24
154.217.49.0/24 maxlen: 24
154.217.50.0/24 maxlen: 24
154.217.51.0/24 maxlen: 24
154.217.52.0/24 maxlen: 24
154.217.53.0/24 maxlen: 24
154.217.54.0/24 maxlen: 24
154.217.55.0/24 maxlen: 24
154.217.56.0/24 maxlen: 24
154.217.57.0/24 maxlen: 24
154.217.58.0/24 maxlen: 24
154.217.59.0/24 maxlen: 24
154.217.60.0/24 maxlen: 24
154.217.61.0/24 maxlen: 24
154.217.62.0/24 maxlen: 24
154.217.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 13:23:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96213 (0x177d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 5 08:23:58 2025 GMT
Not After : May 10 08:23:58 2025 GMT
Subject: CN=67f0e8a4-d842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6d:31:f0:89:31:c4:37:b8:3f:7f:e4:9f:34:
a2:b0:36:f3:ee:38:4c:23:9e:eb:23:83:29:cd:ee:
dd:ed:3b:d6:dd:48:6e:d7:20:de:98:6f:68:44:ad:
0d:cb:d2:62:f0:39:4d:d4:23:8b:c1:cd:5c:e9:b2:
5b:14:11:4b:2e:26:b1:62:ce:b0:99:b1:63:e5:b6:
53:f2:8d:e9:a6:f0:ad:e3:84:2f:31:a7:78:c2:2d:
5f:c6:68:5e:fa:68:b8:c8:91:b1:88:9d:b8:11:02:
72:63:cb:c4:c8:40:9b:80:71:0c:89:99:1a:17:23:
2d:65:92:10:54:d2:e7:43:91:49:95:e7:d0:af:09:
ff:bc:a9:04:c7:97:b4:57:6f:3a:c0:89:de:22:06:
60:d3:02:d3:af:5c:27:02:d4:a6:e3:4b:f7:32:4d:
5d:f3:b2:47:54:d5:0b:74:c6:9c:fe:b5:37:5f:4e:
ce:73:8b:f5:28:7b:1d:bf:2b:9d:fd:da:f4:a5:fd:
18:8e:77:cc:6b:5d:50:4c:e8:4c:f9:58:8a:82:27:
b2:5e:8c:85:07:a4:fb:e9:38:00:69:df:c6:55:75:
46:1b:1d:29:48:02:d1:c5:bf:46:2d:8c:84:0a:28:
ef:30:3a:1e:8f:5a:5d:7b:05:e3:eb:8b:07:de:19:
6d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7A:07:BA:38:7F:A5:6B:C8:E9:64:32:BA:C7:03:12:DD:6A:F6:EA
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/55CDD89A11F711F0970EE756762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.16.0-154.217.20.255
154.217.49.0-154.217.63.255
Signature Algorithm: sha256WithRSAEncryption
16:7f:a8:fe:05:0a:09:21:cf:88:f8:4b:9b:63:a3:4e:36:14:
f8:39:46:b0:30:03:1c:c9:32:a2:70:c4:32:c9:92:df:53:f6:
33:3d:de:d4:f3:32:d4:6b:76:32:7d:cd:3b:29:0c:ba:7d:80:
6e:ac:76:ad:2e:de:e5:da:b4:a8:b4:61:b0:01:91:5c:39:36:
8f:7d:b8:a4:82:e8:00:47:7a:a3:60:da:9b:11:8f:7b:04:da:
17:a2:21:b0:db:28:61:33:02:0a:96:df:26:42:87:ef:80:96:
38:e5:38:df:40:a0:df:dd:c0:e7:1c:4f:1b:0d:80:75:6e:cb:
7f:b9:c1:9e:e7:69:2d:56:97:55:05:87:60:a4:be:05:f9:3c:
b2:fd:10:8e:c6:59:96:ed:69:26:45:65:47:9c:39:e2:e8:bc:
ef:e7:7f:57:ed:36:b6:90:5e:10:75:85:ee:57:84:e0:aa:2d:
c7:5d:e9:62:a7:0e:dc:be:82:3f:4b:bd:6d:4e:89:e4:06:5e:
b6:29:42:70:be:8e:ea:8a:cc:7b:87:fa:f3:44:7b:19:ff:c7:
50:e3:9e:41:c5:3c:3b:7e:9b:44:6f:35:a7:4f:a3:38:ca:9d:
57:ec:8b:38:de:21:d8:de:d0:47:0e:88:10:f2:cc:5d:63:7e:
54:bc:74:4a
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIDAXfVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA1MDgyMzU4WhcNMjUwNTEwMDgyMzU4WjAYMRYw
FAYDVQQDEw02N2YwZThhNC1kODQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyW0x8IkxxDe4P3/knzSisDbz7jhMI57rI4Mpze7d7TvW3Uhu1yDemG9o
RK0Ny9Ji8DlN1COLwc1c6bJbFBFLLiaxYs6wmbFj5bZT8o3ppvCt44QvMad4wi1f
xmhe+mi4yJGxiJ24EQJyY8vEyECbgHEMiZkaFyMtZZIQVNLnQ5FJlefQrwn/vKkE
x5e0V286wIneIgZg0wLTr1wnAtSm40v3Mk1d87JHVNULdMac/rU3X07Oc4v1KHsd
vyud/dr0pf0YjnfMa11QTOhM+ViKgieyXoyFB6T76TgAad/GVXVGGx0pSALRxb9G
LYyECijvMDoej1pdewXj64sH3hlt9QIDAQABo4ICuzCCArcwHQYDVR0OBBYEFN16
B7o4f6VryOlkMrrHAxLdavbqMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81NUNERDg5QTExRjcxMUYwOTcwRUU3NTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBASa2RADBACa2RQwDAME
AJrZMQMEBprZADANBgkqhkiG9w0BAQsFAAOCAQEAFn+o/gUKCSHPiPhLm2OjTjYU
+DlGsDADHMkyonDEMsmS31P2Mz3e1PMy1Gt2Mn3NOykMun2Abqx2rS7e5dq0qLRh
sAGRXDk2j324pILoAEd6o2DamxGPewTaF6IhsNsoYTMCCpbfJkKH74CWOOU430Cg
393A5xxPGw2AdW7Lf7nBnudpLVaXVQWHYKS+Bfk8sv0QjsZZlu1pJkVlR5w54ui8
7+d/V+02tpBeEHWF7leE4Kotx13pYqcO3L6CP0u9bU6J5AZetilCcL6O6orMe4f6
80R7Gf/HUOOeQcU8O36bRG81p0+jOMqdV+yLON4h2N7QRw6IEPLMXWN+VLx0Sg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:14:10 2025 by rpki-client on console.sobornost.net