Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5BCE0EFA7EA211F0A56084D8DAE4EC9C.roa
File: 5BCE0EFA7EA211F0A56084D8DAE4EC9C.roa (raw, json)
Hash identifier: 1uwDD1B8cur06iK4OkOdIvjSIBdSNK7Xw1yZpJT6Ha4=
Subject key identifier: 75:6D:08:2C:96:45:5E:33:FA:56:91:8D:5C:11:81:57:FE:D7:08:F2
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1BB6
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5BCE0EFA7EA211F0A56084D8DAE4EC9C.roa
Signing time: Thu 21 Aug 2025 15:20:24 +0000
ROA not before: Thu 21 Aug 2025 15:20:19 +0000
ROA not after: Sat 21 Aug 2027 15:20:19 +0000
asID: 834
IP address blocks: 154.16.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7094 (0x1bb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Aug 21 15:20:19 2025 GMT
Not After : Aug 21 15:20:19 2027 GMT
Subject: CN=68a73938-53b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ed:d1:aa:42:97:0a:36:f9:de:96:8a:d3:6d:
49:e5:45:fe:99:29:a1:26:d2:9d:f7:17:71:91:c2:
e6:de:d5:fd:fe:a4:04:f2:53:83:f5:40:67:07:f4:
a4:ea:c3:d8:83:65:cb:18:0a:0d:5e:e7:e5:30:d4:
c5:a5:72:55:5c:66:9c:62:a3:29:ee:56:dd:c8:d4:
c9:e7:6c:b3:82:e8:70:63:bb:98:bd:21:f5:ea:c0:
f4:d8:e7:78:1e:d1:35:4d:51:56:c4:a6:f9:00:80:
fb:b5:3a:95:e6:80:a9:7d:ee:6b:c8:40:9a:12:64:
60:25:2c:2a:30:1a:07:13:e8:44:fc:40:e1:e1:b7:
5e:38:98:70:6f:60:d4:f2:cd:fe:0e:d9:5c:ec:df:
ef:c4:87:c7:d0:06:49:d1:e2:98:5d:5f:b1:9c:97:
9c:74:3e:ce:eb:70:3f:a5:86:ad:62:d7:89:3f:12:
5e:af:09:18:44:8c:e8:07:cf:67:a3:33:79:85:70:
ad:93:90:b4:96:3c:cf:91:0b:ab:87:a9:4d:41:a1:
b6:d6:ad:f9:0f:9f:fc:e0:55:e1:82:96:c8:18:f0:
54:b4:88:58:d9:77:c4:af:60:fc:ba:fa:b9:75:c9:
aa:f6:43:3c:54:2a:da:55:ef:b8:ca:2b:7b:0c:17:
5f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6D:08:2C:96:45:5E:33:FA:56:91:8D:5C:11:81:57:FE:D7:08:F2
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/5BCE0EFA7EA211F0A56084D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.66.0/24
Signature Algorithm: sha256WithRSAEncryption
77:15:6a:47:4e:44:9b:2b:27:10:00:f5:17:1c:17:37:77:84:
be:6f:6d:ea:0c:76:0f:b6:d7:85:54:50:fd:e1:aa:b0:95:08:
9c:c2:1f:65:95:29:58:bc:52:31:a3:99:fb:bc:c9:2b:78:1d:
f5:60:93:27:6f:e2:0e:d8:80:c9:30:e0:02:b5:3e:e6:03:87:
6a:b6:01:2c:4f:9d:a6:0e:c3:cd:b1:58:da:9c:55:33:7d:c4:
6b:c2:85:5a:f5:af:61:2e:cc:d2:a4:46:4c:f7:96:3f:28:8a:
79:86:bd:8d:2c:17:30:50:8c:11:86:e2:a1:ff:c0:37:91:54:
da:bb:36:a7:64:76:12:a5:2b:a7:a1:d1:eb:ab:13:09:3c:4e:
35:64:22:ab:83:b2:54:b0:13:85:b1:bd:b1:df:26:dc:3c:58:
50:4d:6d:ba:28:01:c3:77:cf:8f:c9:fd:93:f2:0e:98:da:5e:
fe:8e:c3:f7:72:6b:90:20:7b:d6:ff:e6:44:5a:e4:88:1d:0b:
69:fb:fd:9d:77:32:91:bb:1e:9b:15:34:f7:31:dd:f1:db:4e:
ba:dd:e5:a6:8c:0d:32:65:c0:84:04:06:78:2a:b7:76:7a:a8:
9c:8b:f3:83:ee:d8:ba:9e:9b:7e:16:3d:79:47:35:7b:a1:67:
c7:83:ce:75
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICG7YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA4MjExNTIwMTlaFw0yNzA4MjExNTIwMTlaMBgxFjAU
BgNVBAMTDTY4YTczOTM4LTUzYjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDP7dGqQpcKNvnelorTbUnlRf6ZKaEm0p33F3GRwube1f3+pATyU4P1QGcH
9KTqw9iDZcsYCg1e5+Uw1MWlclVcZpxioynuVt3I1MnnbLOC6HBju5i9IfXqwPTY
53ge0TVNUVbEpvkAgPu1OpXmgKl97mvIQJoSZGAlLCowGgcT6ET8QOHht144mHBv
YNTyzf4O2Vzs3+/Eh8fQBknR4phdX7Gcl5x0Ps7rcD+lhq1i14k/El6vCRhEjOgH
z2ejM3mFcK2TkLSWPM+RC6uHqU1BobbWrfkPn/zgVeGClsgY8FS0iFjZd8SvYPy6
+rl1yar2QzxUKtpV77jKK3sMF1/ZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUdW0I
LJZFXjP6VpGNXBGBV/7XCPIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzVCQ0UwRUZBN0VBMjExRjBBNTYwODREOERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEIwDQYJKoZIhvcNAQEL
BQADggEBAHcVakdORJsrJxAA9RccFzd3hL5vbeoMdg+214VUUP3hqrCVCJzCH2WV
KVi8UjGjmfu8ySt4HfVgkydv4g7YgMkw4AK1PuYDh2q2ASxPnaYOw82xWNqcVTN9
xGvChVr1r2EuzNKkRkz3lj8oinmGvY0sFzBQjBGG4qH/wDeRVNq7NqdkdhKlK6eh
0eurEwk8TjVkIquDslSwE4WxvbHfJtw8WFBNbbooAcN3z4/J/ZPyDpjaXv6Ow/dy
a5Age9b/5kRa5IgdC2n7/Z13MpG7HpsVNPcx3fHbTrrd5aaMDTJlwIQEBngqt3Z6
qJyL84Pu2Lqem34WPXlHNXuhZ8eDznU=
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:06:16 2025 by rpki-client