Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/27B58DE24D0011F09B67D4A8DAE4EC9C.roa
File: 27B58DE24D0011F09B67D4A8DAE4EC9C.roa (raw, json)
Hash identifier: DB3QGNLPvT0fKa6A0Z28p0OQ2/0JfEF/fV/NLF30y7M=
Subject key identifier: AC:C2:66:C2:94:31:0E:8E:38:34:C0:F5:CC:35:2B:DC:09:E3:80:69
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0CEE
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/27B58DE24D0011F09B67D4A8DAE4EC9C.roa
Signing time: Thu 19 Jun 2025 11:25:51 +0000
ROA not before: Thu 19 Jun 2025 11:25:46 +0000
ROA not after: Tue 19 Jun 2035 11:25:46 +0000
asID: 214036
IP address blocks: 192.142.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3310 (0xcee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR, serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Validity
Not Before: Jun 19 11:25:46 2025 GMT
Not After : Jun 19 11:25:46 2035 GMT
Subject: CN=6853f3bf-8a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:2d:dd:b6:d1:98:02:78:61:9f:97:cb:bc:8d:
80:07:53:c1:07:cf:9f:85:6b:ba:c1:34:7c:20:f8:
fc:99:c9:f4:b3:c6:0a:f6:3b:1c:59:a1:92:b2:7d:
d9:e6:c9:1b:39:15:2e:b1:50:fb:39:c3:1b:c1:3a:
36:d6:c9:15:10:df:43:6c:e4:e9:9a:91:a3:18:40:
b6:77:1b:7d:7e:b2:c2:22:92:22:eb:f5:7b:4e:b3:
e3:74:37:13:8a:a2:90:c5:5a:56:27:0c:69:90:c7:
bb:42:04:f4:f2:b9:87:92:ec:84:46:29:91:54:4e:
fe:6b:e0:ca:52:84:30:00:c7:0a:c6:85:e0:ca:49:
25:e6:e9:46:cf:34:4e:cd:bf:0c:df:ca:83:82:fb:
42:63:ac:85:ae:76:88:de:6d:c3:74:0c:06:67:f3:
96:6c:c8:2a:f0:6a:56:e5:80:38:11:22:9e:a7:bf:
c7:3c:94:3b:9d:f8:f6:3d:c4:de:55:25:ad:39:9a:
52:a7:c4:b9:7f:f9:5d:5e:26:04:76:a8:cb:66:ef:
5c:a5:85:62:ba:67:4c:01:1a:2a:4d:fa:4d:7c:fe:
83:21:04:fa:7d:64:b5:bf:89:3e:76:f8:74:6d:be:
ab:d3:b0:94:06:94:09:02:b0:f7:89:7c:7a:15:be:
45:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C2:66:C2:94:31:0E:8E:38:34:C0:F5:CC:35:2B:DC:09:E3:80:69
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/27B58DE24D0011F09B67D4A8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.53.0/24
Signature Algorithm: sha256WithRSAEncryption
34:14:56:7e:d4:c3:b1:19:27:65:31:b3:9e:1f:92:5f:70:a7:
17:53:c3:59:63:4f:cc:20:d4:0d:e8:67:e1:d5:a1:0b:73:0f:
3f:bc:89:bd:6c:18:77:d1:94:53:c2:b3:b3:e7:f7:e8:84:ef:
74:d8:6b:76:16:8d:5d:a8:c0:47:9d:9b:f6:5d:e0:be:6d:dd:
22:0f:30:38:a0:be:48:49:80:e3:51:e5:70:4d:5f:5c:8b:26:
12:fb:70:c7:1c:4f:54:a7:79:65:d9:35:73:61:0f:86:d8:cd:
e7:57:9e:0f:cf:df:0f:0e:6f:3a:c8:f6:a5:e2:62:76:bd:f3:
4d:0b:fb:3f:83:41:85:de:c9:96:4d:5a:3c:3f:c3:ad:cb:36:
cd:41:83:b6:ae:38:ed:92:12:a0:c7:3b:a9:b9:07:ec:4d:d3:
e1:f4:4c:a2:b4:45:c5:c3:f0:a4:7a:cf:0f:2d:c4:07:1a:e1:
fc:0e:d6:10:18:5f:f9:2f:2a:0b:04:cf:bb:73:f3:3a:b7:9f:
34:ab:05:37:83:2b:a9:38:de:6f:b7:70:d4:af:4f:c6:c4:50:
82:60:0b:92:58:8c:78:6c:c6:31:d2:7f:59:71:78:7f:87:c8:
8a:d6:59:23:26:c2:a0:65:bf:f4:63:d8:d0:a9:68:27:06:e4:
8b:23:80:87
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDO4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNTA2MTkxMTI1NDZaFw0zNTA2MTkxMTI1NDZaMBgxFjAU
BgNVBAMTDTY4NTNmM2JmLThhMGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDjLd220ZgCeGGfl8u8jYAHU8EHz5+Fa7rBNHwg+PyZyfSzxgr2OxxZoZKy
fdnmyRs5FS6xUPs5wxvBOjbWyRUQ30Ns5OmakaMYQLZ3G31+ssIikiLr9XtOs+N0
NxOKopDFWlYnDGmQx7tCBPTyuYeS7IRGKZFUTv5r4MpShDAAxwrGheDKSSXm6UbP
NE7NvwzfyoOC+0JjrIWudojebcN0DAZn85ZsyCrwalblgDgRIp6nv8c8lDud+PY9
xN5VJa05mlKnxLl/+V1eJgR2qMtm71ylhWK6Z0wBGipN+k18/oMhBPp9ZLW/iT52
+HRtvqvTsJQGlAkCsPeJfHoVvkUtAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUrMJm
wpQxDo44NMD1zDUr3AnjgGkwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzI3QjU4REUyNEQwMDExRjA5QjY3RDRBOERBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjjUwDQYJKoZIhvcNAQELBQAD
ggEBADQUVn7Uw7EZJ2Uxs54fkl9wpxdTw1ljT8wg1A3oZ+HVoQtzDz+8ib1sGHfR
lFPCs7Pn9+iE73TYa3YWjV2owEedm/Zd4L5t3SIPMDigvkhJgONR5XBNX1yLJhL7
cMccT1SneWXZNXNhD4bYzedXng/P3w8ObzrI9qXiYna9800L+z+DQYXeyZZNWjw/
w63LNs1Bg7auOO2SEqDHO6m5B+xN0+H0TKK0RcXD8KR6zw8txAca4fwO1hAYX/kv
KgsEz7tz8zq3nzSrBTeDK6k43m+3cNSvT8bEUIJgC5JYjHhsxjHSf1lxeH+HyIrW
WSMmwqBlv/Rj2NCpaCcG5IsjgIc=
-----END CERTIFICATE-----
Generated at Sun Jun 29 12:36:44 2025 by rpki-client