Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/8F66F9F2625011F093EF34AEDAE4EC9C.roa
File: 8F66F9F2625011F093EF34AEDAE4EC9C.roa (raw, json)
Hash identifier: azeXExxPadQBtZQAbA3QmCVU3GUpPn3GgN81W/kzNws=
Subject key identifier: 85:F6:76:5B:75:05:50:FA:2E:63:6D:BC:C1:4B:CF:02:81:CC:89:8D
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 0727
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/8F66F9F2625011F093EF34AEDAE4EC9C.roa
Signing time: Wed 16 Jul 2025 14:24:19 +0000
ROA not before: Wed 16 Jul 2025 14:24:15 +0000
ROA not after: Fri 17 Jul 2026 14:24:15 +0000
asID: 60171
IP address blocks: 102.177.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Jul 2025 00:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1831 (0x727)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF, serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Validity
Not Before: Jul 16 14:24:15 2025 GMT
Not After : Jul 17 14:24:15 2026 GMT
Subject: CN=6877b613-b021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4a:aa:a3:e6:b8:65:e9:3f:4a:2a:b8:d9:64:
f9:fc:73:1d:a3:03:dc:ee:a3:6d:4b:97:d1:fa:1a:
df:fd:fb:a8:7b:24:a9:9a:14:87:9c:e6:eb:55:03:
6d:f4:56:15:66:e3:d4:c6:5c:00:80:9a:6c:cc:70:
0b:f7:f2:c8:e9:e6:9e:68:fb:58:07:ac:d3:27:da:
6c:6e:6e:b8:3b:a4:a8:3a:9f:cf:c3:ec:e6:30:7b:
c5:ca:b5:e4:e1:db:ff:0d:1c:38:4e:89:81:33:5a:
70:59:f5:d2:df:11:23:80:e2:99:f1:93:d1:f4:ca:
44:20:5f:57:16:b9:4d:d0:fe:6d:06:e8:c2:b6:3e:
8d:d9:e6:a8:7f:ac:e9:16:a8:5a:a6:be:df:37:bd:
40:a4:de:ea:2c:87:ce:79:67:f1:c1:ba:b9:07:ba:
b6:c2:8a:55:7b:ef:b2:35:d0:f7:ad:a0:d3:15:f1:
f5:3b:58:e4:f3:a8:81:92:73:58:cf:41:84:a6:a3:
82:57:35:10:33:2a:da:88:8c:27:ae:1c:af:1a:5d:
20:a8:b2:53:96:c0:24:eb:3a:08:88:82:66:b5:9a:
66:e4:cc:32:1c:48:fb:7e:fc:36:cc:70:7c:c4:f7:
f0:c6:c8:69:f9:a5:cf:3f:84:51:34:51:b2:c9:36:
07:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F6:76:5B:75:05:50:FA:2E:63:6D:BC:C1:4B:CF:02:81:CC:89:8D
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/8F66F9F2625011F093EF34AEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.157.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:4f:c9:62:8f:28:8c:4e:dd:a4:1f:0b:ae:cb:2b:bc:1d:d2:
5d:94:a1:d4:46:a9:c4:a5:f0:6a:f2:72:17:38:bd:88:d0:35:
c3:b5:00:b8:df:d5:3a:63:d4:9e:a5:c7:3e:d8:67:c2:e9:55:
01:08:7b:d0:7c:25:b9:91:a8:20:6a:d9:05:33:20:b7:5a:97:
6c:35:5c:38:36:8e:52:45:e0:e2:fe:cc:dc:45:7b:35:06:1c:
1b:74:fd:1c:64:08:90:41:d6:9b:f4:c3:f9:8f:ff:f1:eb:0b:
4f:0b:54:5f:14:f8:a5:ce:fe:e5:ac:68:3e:6b:5f:e5:f8:e9:
f0:56:0d:fb:3d:15:68:51:78:1a:71:a0:5f:80:c4:42:4c:da:
ff:ec:3c:76:3f:bb:94:62:6f:ba:ad:4a:9f:24:54:fb:4c:47:
0e:07:0f:c4:4c:7a:b6:40:8e:15:16:83:62:67:c8:1e:ae:f6:
3f:fb:9c:61:10:89:d0:04:7d:1a:e7:b9:cc:90:83:59:1a:c3:
85:5d:b6:63:01:93:a2:2e:a5:14:93:20:45:a7:eb:50:17:20:
b8:41:4f:29:fe:ac:07:42:16:cb:bc:d6:fa:f0:64:88:59:ef:
cb:f7:cb:74:64:ab:a6:c8:f0:49:61:c1:fd:9d:3f:9c:25:5e:
d3:b6:f6:14
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBycwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNTA3MTYxNDI0MTVaFw0yNjA3MTcxNDI0MTVaMBgxFjAU
BgNVBAMTDTY4NzdiNjEzLWIwMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDHSqqj5rhl6T9KKrjZZPn8cx2jA9zuo21Ll9H6Gt/9+6h7JKmaFIec5utV
A230VhVm49TGXACAmmzMcAv38sjp5p5o+1gHrNMn2mxubrg7pKg6n8/D7OYwe8XK
teTh2/8NHDhOiYEzWnBZ9dLfESOA4pnxk9H0ykQgX1cWuU3Q/m0G6MK2Po3Z5qh/
rOkWqFqmvt83vUCk3uosh855Z/HBurkHurbCilV777I10PetoNMV8fU7WOTzqIGS
c1jPQYSmo4JXNRAzKtqIjCeuHK8aXSCoslOWwCTrOgiIgma1mmbkzDIcSPt+/DbM
cHzE9/DGyGn5pc8/hFE0UbLJNgfVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhfZ2
W3UFUPouY228wUvPAoHMiY0wHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzhGNjZGOUYyNjI1MDExRjA5M0VGMzRBRURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsZ0wDQYJKoZIhvcNAQEL
BQADggEBAExPyWKPKIxO3aQfC67LK7wd0l2UodRGqcSl8Grychc4vYjQNcO1ALjf
1Tpj1J6lxz7YZ8LpVQEIe9B8JbmRqCBq2QUzILdal2w1XDg2jlJF4OL+zNxFezUG
HBt0/RxkCJBB1pv0w/mP//HrC08LVF8U+KXO/uWsaD5rX+X46fBWDfs9FWhReBpx
oF+AxEJM2v/sPHY/u5Rib7qtSp8kVPtMRw4HD8RMerZAjhUWg2JnyB6u9j/7nGEQ
idAEfRrnucyQg1kaw4VdtmMBk6IupRSTIEWn61AXILhBTyn+rAdCFsu81vrwZIhZ
78v3y3Rkq6bI8Elhwf2dP5wlXtO29hQ=
-----END CERTIFICATE-----
Generated at Thu Jul 24 04:53:36 2025 by rpki-client