Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/31AC1B067F2B11F0A2FC2DE1DAE4EC9C.roa
File: 31AC1B067F2B11F0A2FC2DE1DAE4EC9C.roa (raw, json)
Hash identifier: pJmfeAp3o89ojiARZABIHNF+5KqQANGXnVyfWK3JWAo=
Subject key identifier: 0A:94:4F:58:BF:48:24:58:23:BE:DC:A0:2B:B6:27:E5:9C:3E:B5:52
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 076C
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/31AC1B067F2B11F0A2FC2DE1DAE4EC9C.roa
Signing time: Fri 22 Aug 2025 07:39:55 +0000
ROA not before: Fri 22 Aug 2025 07:39:49 +0000
ROA not after: Sun 30 Aug 2026 07:39:49 +0000
asID: 174
IP address blocks: 102.177.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1900 (0x76c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF, serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Validity
Not Before: Aug 22 07:39:49 2025 GMT
Not After : Aug 30 07:39:49 2026 GMT
Subject: CN=68a81eca-4035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:15:3e:f3:49:6e:b8:00:3f:39:4a:8c:32:0e:
85:c1:60:29:04:71:c0:af:d5:78:16:1d:c0:50:ed:
64:d9:67:7c:b4:74:e2:19:0e:87:69:86:cf:52:3d:
85:58:29:66:ae:01:d2:2b:c3:b2:c8:67:b0:84:c4:
84:c7:c3:85:01:3e:76:21:f0:54:fb:09:c5:37:f9:
bf:14:1c:66:63:18:b3:cd:8d:c8:56:11:97:38:a0:
1c:4c:a8:22:8e:d1:fb:87:ba:97:7d:48:9e:0e:64:
56:6c:73:90:34:ca:c8:42:39:12:ae:5b:41:a6:d8:
60:66:db:6b:aa:9b:03:dc:32:0c:ba:66:15:7b:d0:
55:99:7f:2a:05:a3:1f:99:92:46:18:eb:61:eb:ae:
8c:d5:aa:f7:93:19:25:81:20:30:dc:c3:61:5c:6e:
e0:20:0e:81:2c:a8:57:46:8f:55:d9:86:e2:a6:95:
94:c3:eb:46:ce:33:a7:a4:ee:dc:59:fd:13:1e:90:
1e:4b:fb:f7:3b:3a:f8:49:a1:60:f6:45:21:d5:91:
7f:fd:be:31:b5:2a:c2:ba:07:82:d3:51:46:89:22:
70:7e:c0:65:54:aa:66:e2:b7:d7:ec:40:57:26:9f:
0d:6e:b4:59:aa:41:a9:57:27:cc:a6:73:fa:85:8b:
24:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:94:4F:58:BF:48:24:58:23:BE:DC:A0:2B:B6:27:E5:9C:3E:B5:52
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/31AC1B067F2B11F0A2FC2DE1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.146.0/23
Signature Algorithm: sha256WithRSAEncryption
87:7b:d9:30:20:fc:8b:15:d0:39:48:8d:47:f8:79:03:53:6b:
3b:ed:9d:c7:0a:90:1c:cd:a4:a3:39:10:e0:56:d1:c2:ad:91:
85:38:1c:eb:71:5a:65:aa:d9:da:17:0f:57:81:03:7a:fd:0e:
98:c7:1b:21:07:37:c7:7b:c8:ad:5d:c6:34:75:1b:43:a5:3f:
9f:46:92:be:40:21:22:53:25:68:a9:e0:fb:3c:8b:f8:3f:40:
7d:ea:73:ac:94:4a:7a:e9:fb:77:02:45:01:49:03:b7:cb:72:
8c:97:68:75:1f:20:3c:04:38:6e:26:bc:4d:dd:d9:53:08:71:
38:33:ee:ae:1b:f1:14:b3:81:cd:59:d1:e9:32:16:8f:3f:09:
58:96:1e:6f:88:49:59:9b:23:a2:7c:e6:bf:61:4f:5e:90:fb:
30:12:d2:f5:22:84:c7:22:f5:7f:1e:e1:a3:cb:6d:e9:c9:5e:
72:a6:2a:20:3f:4a:d4:6a:be:e1:be:36:86:48:e8:c5:00:0f:
3f:87:03:52:67:22:23:25:ad:19:d7:db:ee:89:b2:79:90:46:
fc:e8:e1:9b:51:5b:06:d7:b5:4c:f0:7f:1d:8e:63:b9:5c:a5:
be:48:3d:2e:ce:d1:f0:c5:57:0d:44:1b:6f:e4:c2:92:f8:1b:
46:3f:0c:98
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB2wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNTA4MjIwNzM5NDlaFw0yNjA4MzAwNzM5NDlaMBgxFjAU
BgNVBAMTDTY4YTgxZWNhLTQwMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQFT7zSW64AD85SowyDoXBYCkEccCv1XgWHcBQ7WTZZ3y0dOIZDodphs9S
PYVYKWauAdIrw7LIZ7CExITHw4UBPnYh8FT7CcU3+b8UHGZjGLPNjchWEZc4oBxM
qCKO0fuHupd9SJ4OZFZsc5A0yshCORKuW0Gm2GBm22uqmwPcMgy6ZhV70FWZfyoF
ox+ZkkYY62HrrozVqveTGSWBIDDcw2FcbuAgDoEsqFdGj1XZhuKmlZTD60bOM6ek
7txZ/RMekB5L+/c7OvhJoWD2RSHVkX/9vjG1KsK6B4LTUUaJInB+wGVUqmbit9fs
QFcmnw1utFmqQalXJ8ymc/qFiySPAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUCpRP
WL9IJFgjvtygK7Yn5Zw+tVIwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzMxQUMxQjA2N0YyQjExRjBBMkZDMkRFMURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFmsZIwDQYJKoZIhvcNAQEL
BQADggEBAId72TAg/IsV0DlIjUf4eQNTazvtnccKkBzNpKM5EOBW0cKtkYU4HOtx
WmWq2doXD1eBA3r9DpjHGyEHN8d7yK1dxjR1G0OlP59Gkr5AISJTJWip4Ps8i/g/
QH3qc6yUSnrp+3cCRQFJA7fLcoyXaHUfIDwEOG4mvE3d2VMIcTgz7q4b8RSzgc1Z
0ekyFo8/CViWHm+ISVmbI6J85r9hT16Q+zAS0vUihMci9X8e4aPLbenJXnKmKiA/
StRqvuG+NoZI6MUADz+HA1JnIiMlrRnX2+6JsnmQRvzo4ZtRWwbXtUzwfx2OY7lc
pb5IPS7O0fDFVw1EG2/kwpL4G0Y/DJg=
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:09:11 2025 by rpki-client