Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/591D33B4840311F0A77B64F5DAE4EC9C.roa
File: 591D33B4840311F0A77B64F5DAE4EC9C.roa (raw, json)
Hash identifier: KKjs72tQMMcJfTehebh3igFkn69k8zXYHn3PeD37EGw=
Subject key identifier: 2F:A3:A2:AC:3A:43:A7:6A:93:05:46:19:11:E1:1E:DB:B7:C7:39:D5
Certificate issuer: /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial: 077E
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/591D33B4840311F0A77B64F5DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 11:37:17 +0000
ROA not before: Thu 28 Aug 2025 11:37:12 +0000
ROA not after: Mon 29 Sep 2025 11:37:12 +0000
asID: 200113
IP address blocks: 102.177.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 09 Sep 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1918 (0x77e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367DFA4AF, serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Validity
Not Before: Aug 28 11:37:12 2025 GMT
Not After : Sep 29 11:37:12 2025 GMT
Subject: CN=68b03f6d-7626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b7:77:a5:02:d5:bf:39:5c:26:23:43:ec:c8:
71:75:aa:5d:2b:69:b7:37:94:96:f3:c4:42:53:42:
a7:e6:f1:7f:99:45:b2:51:f0:cc:fc:66:33:98:60:
19:3c:b2:9a:4e:da:c7:b6:84:b7:02:ef:4f:27:e6:
fe:7e:44:96:e7:ec:c6:2f:a0:ec:97:a2:b2:60:e9:
d7:63:a2:32:7c:35:8c:0d:06:d0:86:17:78:09:77:
e2:9a:cb:79:2c:16:71:cf:72:85:d8:2e:4f:f4:a3:
ae:28:9a:d5:bf:c2:f0:f9:fd:73:8f:13:f6:2b:42:
f7:6e:2c:1c:f2:65:34:09:2d:ae:92:ec:c2:13:d5:
e7:e6:bd:2b:1e:c9:cd:dc:ef:cb:b2:b4:5f:fd:0f:
f9:9d:ef:3a:e8:33:32:7d:d3:03:5e:14:9b:b9:92:
a7:9b:5e:af:86:2c:22:2c:49:9b:da:89:eb:81:84:
b3:4d:56:50:5d:6b:7c:3e:89:a8:b3:05:5a:72:d1:
2c:59:a8:d3:37:ce:49:e7:0a:c8:36:de:54:f4:ac:
c7:66:31:f6:cf:27:d7:55:d3:e3:b8:3b:1b:51:ac:
dd:81:22:d4:7d:a5:e3:85:bb:91:50:d2:e2:de:b7:
fe:8e:c4:75:3a:b2:03:2f:a9:18:d5:cd:7f:0a:a1:
e5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A3:A2:AC:3A:43:A7:6A:93:05:46:19:11:E1:1E:DB:B7:C7:39:D5
X509v3 Authority Key Identifier:
keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/591D33B4840311F0A77B64F5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
102.177.184.0/24
Signature Algorithm: sha256WithRSAEncryption
80:4f:79:bd:0d:ee:b9:e5:b2:66:d1:f8:a3:86:a3:35:aa:71:
79:1f:90:e6:d6:f9:78:76:e6:43:51:e7:38:05:a6:1c:25:1c:
94:ba:7e:9e:47:5e:55:da:1a:0b:5e:cc:32:f9:48:9e:bc:6f:
f0:72:d9:6f:8f:67:4b:e8:cd:03:64:05:d4:93:78:8f:f6:87:
b1:ab:0f:61:45:ab:2a:7f:c7:25:7d:21:18:76:5e:6d:11:3f:
a3:c9:d1:41:2b:05:1e:70:da:84:86:60:89:aa:9f:f1:e7:ae:
da:68:46:13:24:6f:c2:4a:1c:c8:d2:7e:02:aa:2e:ac:da:a7:
ed:1f:58:27:50:e8:7d:e5:fe:af:c7:8a:7d:33:61:4b:33:6c:
34:37:ad:8f:27:40:ff:0b:17:25:82:f2:26:d2:33:d0:51:6c:
b7:91:b6:d8:53:84:77:35:56:f1:5f:f8:9e:c7:40:ba:c5:95:
54:c2:79:4b:5d:22:52:fa:12:9d:35:4f:25:6d:31:a0:0c:78:
19:1c:66:49:d6:8a:9f:bd:d1:2f:3d:43:79:29:bc:7f:fd:6c:
f7:55:fc:ec:b0:b9:58:73:31:41:75:a1:42:1c:48:43:03:76:
d9:8c:e4:a7:5b:dd:8f:5c:4a:45:4d:da:af:a0:c1:a4:ed:72:
da:ee:79:e0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB34wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNTA4MjgxMTM3MTJaFw0yNTA5MjkxMTM3MTJaMBgxFjAU
BgNVBAMTDTY4YjAzZjZkLTc2MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/t3elAtW/OVwmI0PsyHF1ql0rabc3lJbzxEJTQqfm8X+ZRbJR8Mz8ZjOY
YBk8sppO2se2hLcC708n5v5+RJbn7MYvoOyXorJg6ddjojJ8NYwNBtCGF3gJd+Ka
y3ksFnHPcoXYLk/0o64omtW/wvD5/XOPE/YrQvduLBzyZTQJLa6S7MIT1efmvSse
yc3c78uytF/9D/md7zroMzJ90wNeFJu5kqebXq+GLCIsSZvaieuBhLNNVlBda3w+
iaizBVpy0SxZqNM3zknnCsg23lT0rMdmMfbPJ9dV0+O4OxtRrN2BItR9peOFu5FQ
0uLet/6OxHU6sgMvqRjVzX8KoeW5AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUL6Oi
rDpDp2qTBUYZEeEe27fHOdUwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzU5MUQzM0I0ODQwMzExRjBBNzdCNjRGNURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsbgwDQYJKoZIhvcNAQEL
BQADggEBAIBPeb0N7rnlsmbR+KOGozWqcXkfkObW+Xh25kNR5zgFphwlHJS6fp5H
XlXaGgtezDL5SJ68b/By2W+PZ0vozQNkBdSTeI/2h7GrD2FFqyp/xyV9IRh2Xm0R
P6PJ0UErBR5w2oSGYImqn/HnrtpoRhMkb8JKHMjSfgKqLqzap+0fWCdQ6H3l/q/H
in0zYUszbDQ3rY8nQP8LFyWC8ibSM9BRbLeRtthThHc1VvFf+J7HQLrFlVTCeUtd
IlL6Ep01TyVtMaAMeBkcZknWip+90S89Q3kpvH/9bPdV/OywuVhzMUF1oUIcSEMD
dtmM5Kdb3Y9cSkVN2q+gwaTtctrueeA=
-----END CERTIFICATE-----
Generated at Sun Sep 7 15:45:50 2025 by rpki-client