Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4D7CA476563C11F09714DEBCDAE4EC9C.roa
File: 4D7CA476563C11F09714DEBCDAE4EC9C.roa (raw, json)
Hash identifier: nMnx/tBSM/1I3hq0ORQ3KinVCMgSFQnNzXG5PYtvOLY=
Subject key identifier: C6:70:23:0D:BA:84:32:AD:38:85:D6:E1:DB:14:7D:DD:BB:B4:60:E4
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1B53
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4D7CA476563C11F09714DEBCDAE4EC9C.roa
Signing time: Tue 01 Jul 2025 05:29:05 +0000
ROA not before: Tue 01 Jul 2025 05:29:00 +0000
ROA not after: Thu 01 Jul 2027 05:29:00 +0000
asID: 834
IP address blocks: 154.16.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Jul 2025 01:18:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6995 (0x1b53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Jul 1 05:29:00 2025 GMT
Not After : Jul 1 05:29:00 2027 GMT
Subject: CN=68637221-e7b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2b:1e:f7:0d:a4:29:2e:82:13:7b:e1:59:90:
47:d9:ba:ad:3f:9e:4c:be:f2:e4:58:4a:ea:cc:82:
81:33:8b:ed:aa:a3:03:5f:bc:64:7c:23:ce:c6:d8:
9b:1e:01:8f:59:b1:fc:46:49:fb:4f:7c:39:25:b6:
58:46:83:f6:31:db:f0:5c:39:28:6f:d9:f2:3c:a9:
87:8f:6b:23:1c:c8:bd:2a:96:c1:8c:db:d0:84:19:
ef:fc:6d:b7:54:07:4b:92:ca:5e:d1:88:80:a8:1f:
2a:a7:17:88:45:2a:f2:12:2c:7d:2d:69:a6:5a:61:
a0:41:82:d1:d8:8c:fd:65:8a:6f:01:52:f5:8f:8b:
a9:a9:16:41:0a:e0:86:f8:56:c1:0a:16:48:b4:3c:
36:b4:4c:6f:57:4f:75:55:a8:b1:98:fc:e2:45:0b:
82:2f:5d:e6:44:34:1c:4b:c7:fb:4f:82:63:24:df:
c5:92:69:5d:b3:7d:36:ad:40:2d:43:df:d1:ad:2b:
73:4b:df:47:33:a0:68:bc:b4:19:5f:d5:fc:6c:58:
eb:54:71:25:27:94:cb:7e:d4:41:56:06:2e:9e:57:
b5:bc:d9:b0:f8:ec:74:ba:04:59:b0:8f:e7:6e:cf:
fb:e2:e9:c6:c1:c3:f7:77:3d:1d:b8:33:25:e1:c3:
e2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:70:23:0D:BA:84:32:AD:38:85:D6:E1:DB:14:7D:DD:BB:B4:60:E4
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/4D7CA476563C11F09714DEBCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.234.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:7c:b6:c7:51:0d:76:89:91:bf:14:27:e6:7d:e0:82:a4:44:
66:e3:58:07:0e:69:61:63:fc:4a:58:26:7f:01:d1:88:d8:e6:
d3:b4:0e:3e:ab:5e:5f:b8:4e:b5:4e:0b:ba:06:4e:38:e5:48:
57:97:ae:92:51:fd:9a:2d:57:a3:6c:a7:b6:73:95:50:a6:bc:
0a:9c:8f:e7:11:04:0a:f8:9c:f1:27:26:79:ec:3c:ba:cf:ca:
9f:08:e7:36:1e:3a:3d:a8:c2:3f:d4:8d:4b:e4:85:df:c6:ad:
cd:34:4a:ab:f3:78:15:1e:95:fd:8e:3b:29:cd:fe:c6:d4:ac:
a6:67:a2:bb:24:ee:71:c2:63:a4:48:ad:b5:cb:ad:55:8b:f8:
e8:b4:8c:ce:31:65:3a:cf:aa:24:99:26:21:a5:9b:24:53:0d:
a7:cd:ac:7f:be:fe:29:aa:dc:cf:ce:7e:98:02:09:c2:90:63:
71:48:65:34:a7:0e:d7:09:52:ce:94:6e:5a:30:34:64:a7:5b:
bc:f3:eb:2d:44:1b:f2:e3:97:71:75:98:f8:f5:c3:16:8d:64:
72:44:7f:1e:c1:f6:3d:b6:95:29:b0:fa:e0:2c:7f:d1:30:b7:
79:b9:99:24:e0:e8:49:21:89:eb:04:19:1b:7f:94:09:da:63:
5d:79:73:f7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICG1MwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA3MDEwNTI5MDBaFw0yNzA3MDEwNTI5MDBaMBgxFjAU
BgNVBAMTDTY4NjM3MjIxLWU3YjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/Kx73DaQpLoITe+FZkEfZuq0/nky+8uRYSurMgoEzi+2qowNfvGR8I87G
2JseAY9ZsfxGSftPfDkltlhGg/Yx2/BcOShv2fI8qYePayMcyL0qlsGM29CEGe/8
bbdUB0uSyl7RiICoHyqnF4hFKvISLH0taaZaYaBBgtHYjP1lim8BUvWPi6mpFkEK
4Ib4VsEKFki0PDa0TG9XT3VVqLGY/OJFC4IvXeZENBxLx/tPgmMk38WSaV2zfTat
QC1D39GtK3NL30czoGi8tBlf1fxsWOtUcSUnlMt+1EFWBi6eV7W82bD47HS6BFmw
j+duz/vi6cbBw/d3PR24MyXhw+InAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUxnAj
DbqEMq04hdbh2xR93bu0YOQwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzREN0NBNDc2NTYzQzExRjA5NzE0REVCQ0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEOowDQYJKoZIhvcNAQEL
BQADggEBALd8tsdRDXaJkb8UJ+Z94IKkRGbjWAcOaWFj/EpYJn8B0YjY5tO0Dj6r
Xl+4TrVOC7oGTjjlSFeXrpJR/ZotV6Nsp7ZzlVCmvAqcj+cRBAr4nPEnJnnsPLrP
yp8I5zYeOj2owj/UjUvkhd/Grc00SqvzeBUelf2OOynN/sbUrKZnorsk7nHCY6RI
rbXLrVWL+Oi0jM4xZTrPqiSZJiGlmyRTDafNrH++/imq3M/OfpgCCcKQY3FIZTSn
DtcJUs6UblowNGSnW7zz6y1EG/Ljl3F1mPj1wxaNZHJEfx7B9j22lSmw+uAsf9Ew
t3m5mSTg6EkhiesEGRt/lAnaY115c/c=
-----END CERTIFICATE-----
Generated at Thu Jul 3 01:10:30 2025 by rpki-client