Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/33923BD85D8111F08841CD91DAE4EC9C.roa
File: 33923BD85D8111F08841CD91DAE4EC9C.roa (raw, json)
Hash identifier: 0BS1orOzmkifUgy2GdQUuxcjaiFal3NOe/1CRJt83xU=
Subject key identifier: CD:99:E7:3E:97:89:B5:71:25:40:BF:66:D4:E5:95:58:41:93:3C:AF
Certificate issuer: /CN=F3614659AF/serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
Certificate serial: 06C5
Authority key identifier: 60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/33923BD85D8111F08841CD91DAE4EC9C.roa
Signing time: Thu 10 Jul 2025 11:29:55 +0000
ROA not before: Thu 10 Jul 2025 11:29:50 +0000
ROA not after: Wed 10 Jul 2030 11:29:50 +0000
asID: 20473
IP address blocks: 102.215.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl
rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.mft
rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Jul 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1733 (0x6c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3614659AF, serialNumber=60A0E5D1AC66C8AE3B7C9E6A8EF5BC04B8BBB88E
Validity
Not Before: Jul 10 11:29:50 2025 GMT
Not After : Jul 10 11:29:50 2030 GMT
Subject: CN=686fa433-a1a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2b:5e:9c:5d:cf:0c:0f:db:d9:c8:c8:c8:d7:
0e:f4:8a:db:0d:81:c5:35:0d:b2:4f:0a:4b:2d:4c:
7a:cb:b5:3c:6f:15:d1:db:cd:86:82:c6:a3:dd:18:
d2:0d:39:18:da:21:0f:df:41:eb:c3:54:43:de:92:
4e:d6:2c:c0:34:05:49:5e:4d:40:20:23:76:2d:80:
10:6c:39:40:62:03:1b:e8:c4:7b:96:ea:47:04:e0:
95:37:1a:fa:af:ba:9f:7a:25:d7:50:35:99:74:1c:
e0:6d:b6:be:cf:2d:3e:51:43:58:72:d5:a0:cf:f9:
e0:64:67:9c:51:44:97:fe:c5:0b:3c:cb:31:be:cc:
e5:af:0b:9a:e3:c3:de:97:7c:8d:00:8f:6f:a0:44:
54:07:cb:3f:e5:dc:e3:3e:ec:12:63:12:fc:6e:c7:
0e:b9:6c:b2:12:70:32:85:27:66:b0:36:e5:a3:88:
25:8f:25:44:88:de:6b:da:54:43:10:e9:89:13:bb:
6f:79:6b:85:f8:cf:08:eb:59:75:c3:8d:51:42:e8:
78:6f:5d:45:e9:44:88:92:78:a3:26:88:2c:2b:3a:
a2:2a:43:12:23:1a:f4:08:a3:e5:56:e8:34:5e:55:
bf:17:75:38:1c:17:d2:40:9f:4c:e3:2d:ab:f8:8c:
1d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:99:E7:3E:97:89:B5:71:25:40:BF:66:D4:E5:95:58:41:93:3C:AF
X509v3 Authority Key Identifier:
keyid:60:A0:E5:D1:AC:66:C8:AE:3B:7C:9E:6A:8E:F5:BC:04:B8:BB:B8:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/YKDl0axmyK47fJ5qjvW8BLi7uI4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/YKDl0axmyK47fJ5qjvW8BLi7uI4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3614659/6656DE746DF811ECBCC210765A40D577/33923BD85D8111F08841CD91DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.215.225.0/24
Signature Algorithm: sha256WithRSAEncryption
84:8c:99:7b:86:2f:ab:93:09:96:97:ee:cb:a9:09:39:78:7a:
c0:40:71:b5:a3:61:9b:fe:64:95:17:da:6f:c8:44:5d:b8:9f:
32:27:1d:b8:a1:74:0b:c1:1a:b7:a5:f2:c0:bb:18:1f:6b:f4:
56:eb:e3:8e:88:88:51:15:7d:79:a5:6a:f6:4a:07:60:15:9e:
99:50:ef:72:66:39:0c:b4:96:96:b3:1c:a1:56:a4:5d:0c:fe:
74:9f:80:f8:b7:be:43:c8:ea:d2:d1:01:b9:fc:ef:c8:31:ce:
75:89:05:ee:87:48:19:67:11:a9:12:dc:b3:6c:cf:46:17:b2:
ae:5f:b2:2c:c6:d3:98:ed:9e:42:ae:86:f3:e1:1f:be:b6:a7:
49:43:86:27:5b:3d:3e:3d:39:0d:87:8e:1a:ef:ca:e4:25:36:
f0:dd:46:99:f2:7f:6d:95:8b:1d:f8:b8:3b:22:8e:7d:fc:c1:
27:fb:12:b9:a2:78:41:0d:5c:b4:33:47:0e:51:60:6e:17:12:
ae:30:0b:8b:67:eb:81:57:6d:2a:47:25:f7:27:75:b8:dc:44:
b2:8e:fe:dd:e0:6a:db:b0:02:1a:cf:dd:9f:d3:e8:a3:c1:2c:
5b:12:fb:8d:0e:18:25:43:8d:53:8f:99:ef:cf:8c:b4:9d:77:
25:a4:e8:7a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBsUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTQ2NTlBRjExMC8GA1UEBRMoNjBBMEU1RDFBQzY2QzhBRTNCN0M5RTZBOEVGNUJD
MDRCOEJCQjg4RTAeFw0yNTA3MTAxMTI5NTBaFw0zMDA3MTAxMTI5NTBaMBgxFjAU
BgNVBAMTDTY4NmZhNDMzLWExYTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2K16cXc8MD9vZyMjI1w70itsNgcU1DbJPCkstTHrLtTxvFdHbzYaCxqPd
GNINORjaIQ/fQevDVEPekk7WLMA0BUleTUAgI3YtgBBsOUBiAxvoxHuW6kcE4JU3
Gvqvup96JddQNZl0HOBttr7PLT5RQ1hy1aDP+eBkZ5xRRJf+xQs8yzG+zOWvC5rj
w96XfI0Aj2+gRFQHyz/l3OM+7BJjEvxuxw65bLIScDKFJ2awNuWjiCWPJUSI3mva
VEMQ6YkTu295a4X4zwjrWXXDjVFC6HhvXUXpRIiSeKMmiCwrOqIqQxIjGvQIo+VW
6DReVb8XdTgcF9JAn0zjLav4jB1PAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzZnn
PpeJtXElQL9m1OWVWEGTPK8wHwYDVR0jBBgwFoAUYKDl0axmyK47fJ5qjvW8BLi7
uI4wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVBNDBENTc3L1lLRGww
YXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1lLRGwwYXhteUs0N2ZKNXFqdlc4QkxpN3VJNC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE0NjU5LzY2NTZERTc0NkRGODExRUNCQ0MyMTA3NjVB
NDBENTc3LzMzOTIzQkQ4NUQ4MTExRjA4ODQxQ0Q5MURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABm1+EwDQYJKoZIhvcNAQEL
BQADggEBAISMmXuGL6uTCZaX7supCTl4esBAcbWjYZv+ZJUX2m/IRF24nzInHbih
dAvBGrel8sC7GB9r9Fbr446IiFEVfXmlavZKB2AVnplQ73JmOQy0lpazHKFWpF0M
/nSfgPi3vkPI6tLRAbn878gxznWJBe6HSBlnEakS3LNsz0YXsq5fsizG05jtnkKu
hvPhH762p0lDhidbPT49OQ2HjhrvyuQlNvDdRpnyf22Vix34uDsijn38wSf7Ermi
eEENXLQzRw5RYG4XEq4wC4tn64FXbSpHJfcndbjcRLKO/t3gatuwAhrP3Z/T6KPB
LFsS+40OGCVDjVOPme/PjLSddyWk6Ho=
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:06:23 2025 by rpki-client