Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/BFD118C27C3E11F0A02173AEDAE4EC9C.roa
File: BFD118C27C3E11F0A02173AEDAE4EC9C.roa (raw, json)
Hash identifier: E8rOx5Kz5JNVd/9IEaiBcjxCcyJDlnKMUqqptEDdwRw=
Subject key identifier: 31:31:75:F0:99:F7:EF:7E:E5:89:EE:B8:FD:EA:92:E6:59:16:C7:91
Certificate issuer: /CN=F3681ED0AF/serialNumber=4A83F31B1B0604CA6D0B72A453DAA3EB587B4C82
Certificate serial: 03A4
Authority key identifier: 4A:83:F3:1B:1B:06:04:CA:6D:0B:72:A4:53:DA:A3:EB:58:7B:4C:82
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/BFD118C27C3E11F0A02173AEDAE4EC9C.roa
Signing time: Mon 18 Aug 2025 14:22:20 +0000
ROA not before: Mon 18 Aug 2025 14:22:14 +0000
ROA not after: Thu 31 Aug 2034 14:22:14 +0000
asID: 30986
IP address blocks: 154.161.0.0/16 maxlen: 24
154.162.0.0/16 maxlen: 24
154.163.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.crl
rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.mft
rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 932 (0x3a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3681ED0AF, serialNumber=4A83F31B1B0604CA6D0B72A453DAA3EB587B4C82
Validity
Not Before: Aug 18 14:22:14 2025 GMT
Not After : Aug 31 14:22:14 2034 GMT
Subject: CN=68a3371c-901c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:39:91:39:2d:f8:13:f1:14:45:a8:a6:c3:42:
1b:f3:ab:6a:ff:6a:5a:d1:2a:02:f3:4f:83:ca:1f:
54:8f:f0:65:37:a8:19:ff:bb:e3:0a:2c:f0:0f:50:
f0:5f:f3:c2:7e:35:2b:07:21:24:ed:49:3d:4d:9e:
a6:a5:67:76:e1:37:25:93:d7:76:28:1a:ff:a8:ae:
bc:6b:68:3e:d7:d3:d4:e4:5e:f8:31:0b:2d:17:91:
31:01:a5:c7:9f:cf:42:3d:b6:2d:60:bf:68:20:3d:
60:0a:53:88:87:dc:20:15:11:61:bf:3c:fa:de:28:
5d:be:ca:a0:4e:9d:16:25:16:e0:cf:c8:4e:92:c0:
d4:29:28:f7:04:10:51:66:bd:5e:e3:6a:06:58:3e:
79:cb:1e:cc:c2:db:dd:42:30:99:89:7a:da:a2:91:
71:19:cc:0a:43:3f:04:05:eb:a6:7b:3f:b8:36:1e:
73:44:00:04:df:82:e9:f8:23:fc:69:1f:d7:37:4e:
78:98:04:51:df:1b:3b:11:c7:9d:c0:d7:8b:6a:59:
6a:cf:0d:a6:49:ac:56:51:3c:b6:c2:b2:2b:b3:97:
3e:3b:bb:af:a8:9a:ed:06:37:83:f4:3b:ec:31:e5:
70:89:57:dc:2d:3b:87:fe:bb:7b:a1:ec:d7:37:d7:
94:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:31:75:F0:99:F7:EF:7E:E5:89:EE:B8:FD:EA:92:E6:59:16:C7:91
X509v3 Authority Key Identifier:
keyid:4A:83:F3:1B:1B:06:04:CA:6D:0B:72:A4:53:DA:A3:EB:58:7B:4C:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/SoPzGxsGBMptC3KkU9qj61h7TII.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SoPzGxsGBMptC3KkU9qj61h7TII.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3681ED0/5251C078CE2411EDA092D0ACF1222468/BFD118C27C3E11F0A02173AEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.161.0.0-154.163.255.255
Signature Algorithm: sha256WithRSAEncryption
7f:b7:f0:f4:61:50:8a:e2:f1:a2:ae:76:53:f3:c5:9a:cf:4d:
47:ce:39:6d:04:6b:1d:f8:aa:6c:e7:05:78:41:61:64:ef:0f:
7c:90:bb:3c:e4:25:a2:47:d7:1e:4d:c0:2e:78:c8:9e:dd:36:
c0:c0:1a:47:5b:54:4d:c6:bb:72:4c:ab:92:ff:e8:19:3a:f3:
5e:67:66:ab:4a:7a:96:57:2e:6b:60:2d:ed:89:4d:54:ad:ea:
52:90:db:2d:db:22:f2:c8:52:25:ad:95:55:3a:c8:93:4a:57:
7e:b6:88:71:40:6b:7f:bc:72:ce:37:ec:3c:db:c1:00:6d:48:
b8:0c:5d:f9:a3:fc:06:52:00:dc:81:b1:99:a1:d0:c9:92:e2:
b6:39:35:50:f3:b1:69:7e:7d:f6:02:fc:09:e0:67:68:c7:8e:
c1:b9:7b:f6:47:40:63:e6:00:78:16:0b:13:d6:de:21:51:5d:
5e:52:47:24:68:32:bd:e0:5e:f8:d2:3d:72:e2:e6:a1:73:28:
ca:cd:73:ec:d9:74:75:4a:58:09:b3:10:d8:c4:89:f2:c8:88:
f4:44:84:55:b7:a7:f4:51:28:2c:6c:f1:c8:d3:eb:4d:c7:37:
d8:3d:5d:64:21:cf:2d:04:a9:16:c5:4e:e0:08:b5:67:15:ba:
08:6c:d4:9c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICA6QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODFFRDBBRjExMC8GA1UEBRMoNEE4M0YzMUIxQjA2MDRDQTZEMEI3MkE0NTNEQUEz
RUI1ODdCNEM4MjAeFw0yNTA4MTgxNDIyMTRaFw0zNDA4MzExNDIyMTRaMBgxFjAU
BgNVBAMTDTY4YTMzNzFjLTkwMWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUOZE5LfgT8RRFqKbDQhvzq2r/alrRKgLzT4PKH1SP8GU3qBn/u+MKLPAP
UPBf88J+NSsHISTtST1NnqalZ3bhNyWT13YoGv+orrxraD7X09TkXvgxCy0XkTEB
pcefz0I9ti1gv2ggPWAKU4iH3CAVEWG/PPreKF2+yqBOnRYlFuDPyE6SwNQpKPcE
EFFmvV7jagZYPnnLHszC291CMJmJetqikXEZzApDPwQF66Z7P7g2HnNEAATfgun4
I/xpH9c3TniYBFHfGzsRx53A14tqWWrPDaZJrFZRPLbCsiuzlz47u6+omu0GN4P0
O+wx5XCJV9wtO4f+u3uh7Nc315RDAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUMTF1
8Jn3737lie64/eqS5lkWx5EwHwYDVR0jBBgwFoAUSoPzGxsGBMptC3KkU9qj61h7
TIIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgxRUQwLzUyNTFDMDc4Q0UyNDExRURBMDkyRDBBQ0YxMjIyNDY4L1NvUHpH
eHNHQk1wdEMzS2tVOXFqNjFoN1RJSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1NvUHpHeHNHQk1wdEMzS2tVOXFqNjFoN1RJSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgxRUQwLzUyNTFDMDc4Q0UyNDExRURBMDkyRDBBQ0Yx
MjIyNDY4L0JGRDExOEMyN0MzRTExRjBBMDIxNzNBRURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwwCgMDAJqhAwMCmqAwDQYJKoZI
hvcNAQELBQADggEBAH+38PRhUIri8aKudlPzxZrPTUfOOW0Eax34qmznBXhBYWTv
D3yQuzzkJaJH1x5NwC54yJ7dNsDAGkdbVE3Gu3JMq5L/6Bk6815nZqtKepZXLmtg
Le2JTVSt6lKQ2y3bIvLIUiWtlVU6yJNKV362iHFAa3+8cs437DzbwQBtSLgMXfmj
/AZSANyBsZmh0MmS4rY5NVDzsWl+ffYC/AngZ2jHjsG5e/ZHQGPmAHgWCxPW3iFR
XV5SRyRoMr3gXvjSPXLi5qFzKMrNc+zZdHVKWAmzENjEifLIiPREhFW3p/RRKCxs
8cjT603HN9g9XWQhzy0EqRbFTuAItWcVughs1Jw=
-----END CERTIFICATE-----
Generated at Sun Aug 24 01:33:43 2025 by rpki-client