Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9387CF66ED911F08660F8DFDAE4EC9C.roa
File: C9387CF66ED911F08660F8DFDAE4EC9C.roa (raw, json)
Hash identifier: S+GE8vozeSQCB565XsenYPNlRRAN/8bsqIXZ4DVA1Qs=
Subject key identifier: C7:BD:B3:91:50:0C:FB:D0:FD:A7:F5:7D:BD:5F:C7:7B:10:1D:1B:C0
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1B92
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9387CF66ED911F08660F8DFDAE4EC9C.roa
Signing time: Fri 01 Aug 2025 13:16:51 +0000
ROA not before: Fri 01 Aug 2025 13:16:46 +0000
ROA not after: Sun 01 Aug 2027 13:16:46 +0000
asID: 29802
IP address blocks: 154.16.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 10 Aug 2025 00:09:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7058 (0x1b92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Aug 1 13:16:46 2025 GMT
Not After : Aug 1 13:16:46 2027 GMT
Subject: CN=688cbe43-d2ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e4:f6:8e:75:b4:93:b2:89:74:0d:fb:36:6f:
ac:f4:98:91:ec:f6:c4:7c:ba:62:ef:f3:ed:13:b4:
06:0a:02:04:81:dd:41:37:8e:17:6d:03:c0:98:d8:
69:a3:c7:fe:c8:0f:2a:aa:f5:45:a1:e0:63:1d:81:
9b:73:32:19:e0:6e:ff:4d:c1:77:f9:66:37:b3:85:
84:6e:a1:9c:bb:d2:8e:68:59:97:1c:0f:95:68:d5:
be:0a:61:c0:6e:35:4b:47:4f:83:da:2b:86:88:f3:
2c:23:75:d4:82:46:7f:89:bc:ec:5f:8b:81:53:db:
d8:78:66:3a:a1:01:22:81:93:49:95:86:00:b6:fa:
a2:cd:bc:8b:a5:3c:21:75:52:48:25:ab:f1:20:f9:
23:63:fd:3e:30:95:99:b2:38:68:68:2e:6c:f2:3e:
d7:63:b5:b3:c9:02:ff:33:75:c1:92:d5:48:4e:32:
b1:76:e3:cd:ba:04:26:12:77:97:33:71:4b:c2:98:
4b:8e:08:e0:37:94:70:10:0c:8a:68:9e:7b:13:4e:
ef:04:6a:ae:29:59:60:b7:2a:a3:17:eb:52:c9:46:
ae:17:84:6e:f4:53:63:1e:4b:4c:4f:80:15:8e:37:
8d:97:c6:31:2c:58:da:d4:10:09:27:2b:c1:ae:1b:
83:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BD:B3:91:50:0C:FB:D0:FD:A7:F5:7D:BD:5F:C7:7B:10:1D:1B:C0
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C9387CF66ED911F08660F8DFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.82.0/24
Signature Algorithm: sha256WithRSAEncryption
70:6c:aa:a3:bf:8d:32:10:7a:38:15:c2:d9:d2:7c:b0:ba:fa:
e6:fa:64:52:ae:b3:ae:53:81:fe:43:d0:1f:67:76:a7:c9:4c:
56:c9:b4:0a:53:8d:23:35:f2:b6:a0:1c:a4:1b:49:1a:4c:2c:
68:5c:67:90:19:a7:29:22:37:07:bd:39:08:9f:4c:02:72:b2:
04:46:b9:11:0b:f1:7b:70:61:24:ef:17:dc:62:7a:35:79:2c:
cf:a3:68:dc:c8:6d:f3:27:ab:9f:3e:d0:1d:ec:4c:17:f6:fc:
89:51:09:33:16:7f:8d:cd:8f:53:27:4b:22:cc:ed:78:37:23:
bd:95:9f:b3:01:cb:d8:74:68:6b:56:c0:4c:10:0a:2e:b6:c2:
09:57:c0:2c:5c:cf:e8:f3:10:6f:64:df:19:23:26:18:4a:b7:
10:73:52:4f:80:d4:b8:b3:cf:29:c2:4b:7b:db:03:cc:6d:b8:
75:33:17:b4:8c:46:8d:e1:84:8a:b2:0e:d9:a3:03:7f:03:06:
b7:1e:b1:7c:98:c6:3a:9f:72:0c:51:c8:03:e3:9e:bf:4f:2d:
30:8b:d4:44:a0:1c:a1:31:94:b6:aa:61:48:05:13:e2:8c:0d:
0c:30:b8:a8:66:3a:01:0b:02:4f:cd:8a:79:ae:74:82:70:60:
46:fb:10:91
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICG5IwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA4MDExMzE2NDZaFw0yNzA4MDExMzE2NDZaMBgxFjAU
BgNVBAMTDTY4OGNiZTQzLWQyZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDP5PaOdbSTsol0Dfs2b6z0mJHs9sR8umLv8+0TtAYKAgSB3UE3jhdtA8CY
2Gmjx/7IDyqq9UWh4GMdgZtzMhngbv9NwXf5ZjezhYRuoZy70o5oWZccD5Vo1b4K
YcBuNUtHT4PaK4aI8ywjddSCRn+JvOxfi4FT29h4ZjqhASKBk0mVhgC2+qLNvIul
PCF1Ukglq/Eg+SNj/T4wlZmyOGhoLmzyPtdjtbPJAv8zdcGS1UhOMrF24826BCYS
d5czcUvCmEuOCOA3lHAQDIponnsTTu8Eaq4pWWC3KqMX61LJRq4XhG70U2MeS0xP
gBWON42XxjEsWNrUEAknK8GuG4NfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUx72z
kVAM+9D9p/V9vV/HexAdG8AwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0M5Mzg3Q0Y2NkVEOTExRjA4NjYwRjhERkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFIwDQYJKoZIhvcNAQEL
BQADggEBAHBsqqO/jTIQejgVwtnSfLC6+ub6ZFKus65Tgf5D0B9ndqfJTFbJtApT
jSM18ragHKQbSRpMLGhcZ5AZpykiNwe9OQifTAJysgRGuREL8XtwYSTvF9xiejV5
LM+jaNzIbfMnq58+0B3sTBf2/IlRCTMWf43Nj1MnSyLM7Xg3I72Vn7MBy9h0aGtW
wEwQCi62wglXwCxcz+jzEG9k3xkjJhhKtxBzUk+A1LizzynCS3vbA8xtuHUzF7SM
Ro3hhIqyDtmjA38DBrcesXyYxjqfcgxRyAPjnr9PLTCL1ESgHKExlLaqYUgFE+KM
DQwwuKhmOgELAk/NinmudIJwYEb7EJE=
-----END CERTIFICATE-----
Generated at Fri Aug 8 10:12:29 2025 by rpki-client