Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3633396/FC567508067711EC9D163D5AD8A014CE/B83520CE3C5411F0B678C6A7DAE4EC9C.roa
File: B83520CE3C5411F0B678C6A7DAE4EC9C.roa (raw, json)
Hash identifier: G6iOOYX+72GS+UQO3yIOd7hEz/TAFLzGnnM38j3t3+w=
Subject key identifier: E1:91:89:49:54:99:E5:F7:B1:F9:D7:0D:DA:EA:00:6E:30:3D:51:2B
Certificate issuer: /CN=F3633396AF/serialNumber=352BA71D11D76A483C9EC79B49646F8B45D838BA
Certificate serial: 0586
Authority key identifier: 35:2B:A7:1D:11:D7:6A:48:3C:9E:C7:9B:49:64:6F:8B:45:D8:38:BA
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/NSunHRHXakg8nsebSWRvi0XYOLo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3633396/FC567508067711EC9D163D5AD8A014CE/B83520CE3C5411F0B678C6A7DAE4EC9C.roa
Signing time: Thu 29 May 2025 06:18:22 +0000
ROA not before: Thu 29 May 2025 06:18:16 +0000
ROA not after: Mon 31 Dec 2035 06:18:16 +0000
asID: 327726
IP address blocks: 154.72.4.0/22 maxlen: 22
154.72.4.0/22 maxlen: 24
154.72.4.0/23 maxlen: 23
154.72.4.0/24 maxlen: 24
154.72.5.0/24 maxlen: 24
154.72.6.0/23 maxlen: 23
154.72.6.0/24 maxlen: 24
154.72.7.0/24 maxlen: 24
2c0f:f700::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3633396/FC567508067711EC9D163D5AD8A014CE/NSunHRHXakg8nsebSWRvi0XYOLo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3633396/FC567508067711EC9D163D5AD8A014CE/NSunHRHXakg8nsebSWRvi0XYOLo.mft
rsync://rpki.afrinic.net/repository/afrinic/NSunHRHXakg8nsebSWRvi0XYOLo.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Jul 2025 00:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1414 (0x586)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3633396AF, serialNumber=352BA71D11D76A483C9EC79B49646F8B45D838BA
Validity
Not Before: May 29 06:18:16 2025 GMT
Not After : Dec 31 06:18:16 2035 GMT
Subject: CN=6837fc2e-7a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:08:26:5a:89:26:7c:04:ff:e7:e7:32:f7:b1:
b8:a8:f8:f5:11:04:1e:20:98:c4:7f:0f:93:ed:4a:
5f:28:28:a7:f6:e1:ec:88:9e:2e:17:2f:7d:62:f1:
9e:29:58:d9:3d:40:0a:aa:cd:e7:0b:fc:86:9a:c2:
ce:4d:3c:6b:10:ef:a5:13:dc:91:83:11:cd:a6:88:
ba:16:ea:5b:b5:8e:9d:48:9e:0a:03:4b:bd:39:92:
b1:c1:33:ba:7b:fc:6e:ba:06:f5:02:06:4d:52:7f:
9e:13:dc:0d:ec:46:3c:37:49:9a:eb:ca:02:90:99:
65:f8:7d:7f:26:84:96:f0:78:05:e9:43:9d:64:1f:
2e:12:79:a5:aa:44:43:d8:74:dc:46:4d:62:c4:55:
30:89:72:d8:9e:14:f9:d5:9b:30:62:bf:a8:a8:a7:
fa:44:2e:88:16:2f:48:5c:84:4c:ae:4c:49:0a:10:
f8:1a:15:ee:35:3e:a6:f8:ab:bd:75:2f:e2:bb:3f:
7a:b6:37:d0:7d:81:b2:95:7b:0b:1b:db:5e:45:ef:
27:bd:f2:21:5c:80:ac:e6:a0:1f:b8:54:c2:2f:6a:
e3:39:ef:4e:77:9d:28:bf:59:59:6b:a0:f1:08:af:
ca:af:7c:93:07:e5:22:e0:e0:af:cf:32:98:8a:d5:
92:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:91:89:49:54:99:E5:F7:B1:F9:D7:0D:DA:EA:00:6E:30:3D:51:2B
X509v3 Authority Key Identifier:
keyid:35:2B:A7:1D:11:D7:6A:48:3C:9E:C7:9B:49:64:6F:8B:45:D8:38:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3633396/FC567508067711EC9D163D5AD8A014CE/NSunHRHXakg8nsebSWRvi0XYOLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/NSunHRHXakg8nsebSWRvi0XYOLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3633396/FC567508067711EC9D163D5AD8A014CE/B83520CE3C5411F0B678C6A7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.72.4.0/22
IPv6:
2c0f:f700::/32
Signature Algorithm: sha256WithRSAEncryption
a7:57:07:94:ba:04:5f:f1:37:5b:55:22:67:2d:08:fb:d9:60:
dc:57:e9:23:83:88:d2:27:30:31:36:e6:9b:a5:23:fe:ab:6d:
19:7c:8d:26:b8:bf:ee:a4:57:0c:51:33:6a:2d:77:5e:ec:38:
23:8b:e4:5a:52:60:9f:eb:5f:52:fd:5b:38:8e:aa:43:1c:d9:
b0:f1:47:c6:23:74:37:96:8f:ab:b7:85:cd:9c:42:6a:48:f4:
81:11:3a:4c:36:28:7e:61:68:ed:f4:5d:a2:35:c1:e6:67:69:
ad:2d:fe:b9:1e:d2:0c:93:d9:62:73:fb:88:aa:aa:5a:da:f4:
7d:78:17:25:bb:aa:9f:88:15:cb:80:a1:a1:b7:88:ff:f9:61:
7b:10:b7:93:d2:f7:d3:fb:0e:a9:49:73:5a:af:90:02:0b:02:
9a:25:a5:1c:f1:ed:36:94:3d:f9:b9:2a:3c:2f:cd:e4:ec:cb:
b2:be:7f:60:bd:ce:eb:60:8f:5c:c8:2d:5c:b3:2d:2d:8d:cc:
8f:bc:47:fa:75:26:e2:0c:ff:00:cf:67:c8:4d:20:32:74:61:
5a:7d:b9:69:90:07:77:db:f0:41:22:e8:c6:8f:6a:7d:a4:d6:
16:dd:f5:9e:aa:3e:09:20:11:43:f2:5a:5b:65:f6:ae:82:e1:
ee:ce:d6:fe
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBYYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzMzOTZBRjExMC8GA1UEBRMoMzUyQkE3MUQxMUQ3NkE0ODNDOUVDNzlCNDk2NDZG
OEI0NUQ4MzhCQTAeFw0yNTA1MjkwNjE4MTZaFw0zNTEyMzEwNjE4MTZaMBgxFjAU
BgNVBAMTDTY4MzdmYzJlLTdhOGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC1CCZaiSZ8BP/n5zL3sbio+PURBB4gmMR/D5PtSl8oKKf24eyIni4XL31i
8Z4pWNk9QAqqzecL/Iaaws5NPGsQ76UT3JGDEc2miLoW6lu1jp1IngoDS705krHB
M7p7/G66BvUCBk1Sf54T3A3sRjw3SZrrygKQmWX4fX8mhJbweAXpQ51kHy4SeaWq
REPYdNxGTWLEVTCJctieFPnVmzBiv6iop/pELogWL0hchEyuTEkKEPgaFe41Pqb4
q711L+K7P3q2N9B9gbKVewsb215F7ye98iFcgKzmoB+4VMIvauM57053nSi/WVlr
oPEIr8qvfJMH5SLg4K/PMpiK1ZLpAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQU4ZGJ
SVSZ5fex+dcN2uoAbjA9USswHwYDVR0jBBgwFoAUNSunHRHXakg8nsebSWRvi0XY
OLowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjMzMzk2L0ZDNTY3NTA4MDY3NzExRUM5RDE2M0Q1QUQ4QTAxNENFL05TdW5I
UkhYYWtnOG5zZWJTV1J2aTBYWU9Mby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL05TdW5IUkhYYWtnOG5zZWJTV1J2aTBYWU9Mby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjMzMzk2L0ZDNTY3NTA4MDY3NzExRUM5RDE2M0Q1QUQ4
QTAxNENFL0I4MzUyMENFM0M1NDExRjBCNjc4QzZBN0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAKaSAQwDQQCAAIwBwMFACwP
9wAwDQYJKoZIhvcNAQELBQADggEBAKdXB5S6BF/xN1tVImctCPvZYNxX6SODiNIn
MDE25pulI/6rbRl8jSa4v+6kVwxRM2otd17sOCOL5FpSYJ/rX1L9WziOqkMc2bDx
R8YjdDeWj6u3hc2cQmpI9IEROkw2KH5haO30XaI1weZnaa0t/rke0gyT2WJz+4iq
qlra9H14FyW7qp+IFcuAoaG3iP/5YXsQt5PS99P7DqlJc1qvkAILApolpRzx7TaU
Pfm5KjwvzeTsy7K+f2C9zutgj1zILVyzLS2NzI+8R/p1JuIM/wDPZ8hNIDJ0YVp9
uWmQB3fb8EEi6MaPan2k1hbd9Z6qPgkgEUPyWltl9q6C4e7O1v4=
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:58:31 2025 by rpki-client