Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/DD3C16F672E211F09AF665A7DAE4EC9C.roa
File: DD3C16F672E211F09AF665A7DAE4EC9C.roa (raw, json)
Hash identifier: 67phmLpraZ+TtW1XJir/6xrM9G94j8vX+qHMp4plIeo=
Subject key identifier: 49:2B:19:19:3E:83:94:EE:E2:D6:5F:56:B2:7E:96:48:B4:79:CB:D2
Certificate issuer: /CN=F36F731FAF/serialNumber=F5C0B63BAA5E7AF7A4386B637FD1206A3682D0C3
Certificate serial: 0315
Authority key identifier: F5:C0:B6:3B:AA:5E:7A:F7:A4:38:6B:63:7F:D1:20:6A:36:82:D0:C3
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/9cC2O6peevekOGtjf9EgajaC0MM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/DD3C16F672E211F09AF665A7DAE4EC9C.roa
Signing time: Wed 06 Aug 2025 16:31:55 +0000
ROA not before: Wed 06 Aug 2025 16:31:49 +0000
ROA not after: Tue 06 Aug 2030 16:31:49 +0000
asID: 29571
IP address blocks: 154.68.0.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/9cC2O6peevekOGtjf9EgajaC0MM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/9cC2O6peevekOGtjf9EgajaC0MM.mft
rsync://rpki.afrinic.net/repository/afrinic/9cC2O6peevekOGtjf9EgajaC0MM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:06:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 789 (0x315)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F731FAF, serialNumber=F5C0B63BAA5E7AF7A4386B637FD1206A3682D0C3
Validity
Not Before: Aug 6 16:31:49 2025 GMT
Not After : Aug 6 16:31:49 2030 GMT
Subject: CN=6893837b-269f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1e:71:56:a3:5a:96:48:8d:c3:9c:52:e1:96:
4f:bf:e0:c3:10:1f:3c:ef:6c:7b:99:da:ee:ef:d5:
5b:7e:16:29:04:04:47:ce:69:d8:64:a7:cb:48:51:
bc:00:a7:f4:a1:e5:47:11:71:ba:61:db:30:4d:e6:
40:60:02:ef:33:68:38:f7:f7:ec:6e:e3:1e:88:84:
11:88:62:90:2a:22:1c:92:5d:f9:50:54:bc:f2:de:
7a:d5:3a:e1:53:dc:ae:57:76:23:b7:ed:4b:8a:e0:
96:47:53:3e:f3:cb:5e:8e:22:c5:7a:41:b0:0e:29:
f5:d7:6b:bd:86:2c:03:a3:b1:78:ec:2a:53:77:fc:
ce:c5:d5:a6:c8:48:c7:e9:ed:47:e4:c6:09:e6:3a:
1e:e1:07:97:1a:09:2d:fd:52:ab:14:c2:9b:dc:b9:
0a:a9:6c:3c:31:ef:21:d2:a8:df:d0:ed:20:7c:cf:
09:a0:17:09:3e:ba:d0:d4:b6:a2:b4:da:f4:2c:7d:
7d:96:6d:d4:be:1e:0f:76:84:55:44:f9:ee:c0:81:
9b:be:2c:31:3d:a9:f9:4e:15:2a:a5:1a:39:15:de:
c7:d2:db:cb:6d:7d:f3:35:d3:76:9a:c2:0e:85:68:
da:80:ce:c0:e8:d7:4e:d2:8f:63:20:af:6d:28:92:
e3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:2B:19:19:3E:83:94:EE:E2:D6:5F:56:B2:7E:96:48:B4:79:CB:D2
X509v3 Authority Key Identifier:
keyid:F5:C0:B6:3B:AA:5E:7A:F7:A4:38:6B:63:7F:D1:20:6A:36:82:D0:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/9cC2O6peevekOGtjf9EgajaC0MM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/9cC2O6peevekOGtjf9EgajaC0MM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F731F/A187DF92379711EEA4C498314AD9E6FC/DD3C16F672E211F09AF665A7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.68.0.0/18
Signature Algorithm: sha256WithRSAEncryption
0d:98:42:18:24:6d:17:ab:1f:05:b5:5e:cd:29:c1:b0:be:af:
f2:70:5e:63:3b:a8:8e:f9:5d:9e:c2:75:69:2c:99:9d:cb:58:
a3:53:65:c2:22:61:27:63:95:44:a2:e5:1c:ad:3b:1e:a8:87:
c7:04:35:c0:9a:6b:69:5c:66:aa:d0:b8:41:39:13:d8:fe:d9:
51:e9:7b:24:ac:75:73:ef:a0:8f:04:a2:d6:ea:c1:ec:d3:c2:
dc:13:97:fb:8b:a0:bd:98:fd:1a:72:f4:49:ab:c1:53:20:4e:
36:d6:d3:0e:fc:b9:61:e5:5f:f5:bd:d0:ca:0a:c0:c9:6f:0a:
10:88:eb:37:c1:37:ae:44:01:b6:29:ff:58:65:13:6b:33:54:
19:23:74:3e:20:c7:4b:16:53:ad:d4:a1:f9:bb:c1:7d:23:53:
8b:61:d0:73:fc:2a:1a:ec:40:97:a2:7d:02:c7:7c:b9:aa:26:
56:4e:28:02:dc:ab:80:a1:4a:ad:90:8d:ff:58:5c:c4:cf:34:
a6:e3:1a:55:fd:4c:5c:5c:a2:53:34:58:a7:e8:2e:db:6f:54:
7a:9f:28:c3:b0:1d:56:05:6e:17:a5:e2:af:f3:2b:c8:e0:ca:
5c:6d:80:de:45:01:fa:cd:3f:fe:ef:13:1b:bb:64:de:12:72:
67:35:74:79
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAxUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjczMUZBRjExMC8GA1UEBRMoRjVDMEI2M0JBQTVFN0FGN0E0Mzg2QjYzN0ZEMTIw
NkEzNjgyRDBDMzAeFw0yNTA4MDYxNjMxNDlaFw0zMDA4MDYxNjMxNDlaMBgxFjAU
BgNVBAMTDTY4OTM4MzdiLTI2OWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEHnFWo1qWSI3DnFLhlk+/4MMQHzzvbHuZ2u7v1Vt+FikEBEfOadhkp8tI
UbwAp/Sh5UcRcbph2zBN5kBgAu8zaDj39+xu4x6IhBGIYpAqIhySXflQVLzy3nrV
OuFT3K5XdiO37UuK4JZHUz7zy16OIsV6QbAOKfXXa72GLAOjsXjsKlN3/M7F1abI
SMfp7UfkxgnmOh7hB5caCS39UqsUwpvcuQqpbDwx7yHSqN/Q7SB8zwmgFwk+utDU
tqK02vQsfX2WbdS+Hg92hFVE+e7AgZu+LDE9qflOFSqlGjkV3sfS28ttffM103aa
wg6FaNqAzsDo107Sj2Mgr20okuM9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUSSsZ
GT6DlO7i1l9Wsn6WSLR5y9IwHwYDVR0jBBgwFoAU9cC2O6peevekOGtjf9EgajaC
0MMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY3MzFGL0ExODdERjkyMzc5NzExRUVBNEM0OTgzMTRBRDlFNkZDLzljQzJP
NnBlZXZla09HdGpmOUVnYWphQzBNTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzljQzJPNnBlZXZla09HdGpmOUVnYWphQzBNTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY3MzFGL0ExODdERjkyMzc5NzExRUVBNEM0OTgzMTRB
RDlFNkZDL0REM0MxNkY2NzJFMjExRjA5QUY2NjVBN0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAaaRAAwDQYJKoZIhvcNAQEL
BQADggEBAA2YQhgkbRerHwW1Xs0pwbC+r/JwXmM7qI75XZ7CdWksmZ3LWKNTZcIi
YSdjlUSi5RytOx6oh8cENcCaa2lcZqrQuEE5E9j+2VHpeySsdXPvoI8EotbqwezT
wtwTl/uLoL2Y/Rpy9EmrwVMgTjbW0w78uWHlX/W90MoKwMlvChCI6zfBN65EAbYp
/1hlE2szVBkjdD4gx0sWU63Uofm7wX0jU4th0HP8KhrsQJeifQLHfLmqJlZOKALc
q4ChSq2Qjf9YXMTPNKbjGlX9TFxcolM0WKfoLttvVHqfKMOwHVYFbhel4q/zK8jg
ylxtgN5FAfrNP/7vExu7ZN4Scmc1dHk=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:06:50 2025 by rpki-client