Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/16EF696C32FF11F09CBD2DABDAE4EC9C.roa
File: 16EF696C32FF11F09CBD2DABDAE4EC9C.roa (raw, json)
Hash identifier: I1v4vOoCLPSCkaZZNVhu6p9Vuju88B2tT3MYURrbIEU=
Subject key identifier: CF:E8:D7:16:C0:25:22:B5:3E:0C:AD:CD:84:95:7D:0B:0F:96:6B:F0
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1AD8
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/16EF696C32FF11F09CBD2DABDAE4EC9C.roa
Signing time: Sat 17 May 2025 09:12:43 +0000
ROA not before: Sat 17 May 2025 09:12:38 +0000
ROA not after: Wed 17 May 2028 09:12:38 +0000
asID: 211192
IP address blocks: 154.16.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Jun 2025 00:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6872 (0x1ad8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 17 09:12:38 2025 GMT
Not After : May 17 09:12:38 2028 GMT
Subject: CN=6828530b-8dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d1:32:66:39:9d:c7:fc:43:36:e9:cd:40:38:
96:a5:3e:c6:f4:a0:4d:e5:46:21:d0:84:fd:b4:e8:
12:e0:15:72:94:e4:4b:e5:76:a7:35:69:2b:bd:fa:
2e:9b:8e:a9:2f:14:62:6e:7c:54:48:43:2c:50:71:
93:14:0d:b7:4c:fd:55:08:d7:07:aa:b7:f5:6c:17:
40:d7:39:de:72:c5:03:39:e4:c8:ba:f7:9e:a4:8b:
1d:3b:c3:90:21:af:54:2a:86:e5:29:39:38:a9:14:
b9:26:f8:d6:9f:b6:61:3c:1a:a7:61:4a:d6:c8:61:
7a:79:10:34:be:74:7f:e8:20:0c:b0:38:1f:3b:64:
e2:03:47:07:d3:a3:ad:fd:4a:6d:bb:46:ae:e2:a6:
f1:38:85:5d:5d:2c:51:8b:fa:a0:25:64:35:cd:be:
49:2a:5e:d4:16:5e:72:f1:a0:ef:ac:0e:6f:49:71:
8c:e7:e9:27:91:fe:98:93:80:1a:da:00:7c:9d:ae:
4c:ca:c2:39:f1:31:6b:98:ec:eb:db:b4:4a:b4:7f:
48:fc:8e:dd:b3:4e:63:21:e6:ce:94:21:85:c2:72:
c2:87:f2:d5:07:38:d5:25:aa:c9:e7:ad:63:2c:47:
16:91:c6:4b:24:f2:08:dc:41:f8:94:ab:8f:0f:39:
ee:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E8:D7:16:C0:25:22:B5:3E:0C:AD:CD:84:95:7D:0B:0F:96:6B:F0
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/16EF696C32FF11F09CBD2DABDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.203.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:5a:e6:da:ac:9d:d7:01:20:75:61:08:4a:42:42:64:9d:46:
b9:07:8d:5f:c6:94:ab:aa:92:da:50:e0:52:0d:9e:e3:9b:a3:
6a:36:a5:fa:d7:76:f1:96:06:65:a1:9b:10:13:49:aa:ab:e9:
75:f1:37:99:58:a5:d7:bc:6c:3f:b1:bb:fc:73:6a:26:36:72:
f9:7e:a5:6a:88:b4:3b:cc:37:68:78:2c:3f:52:4e:f2:7a:ae:
35:25:77:1c:47:5e:d8:d2:89:d6:e7:b7:47:cd:b4:c5:bc:bd:
41:80:c2:8c:f3:c3:f1:b7:97:0f:53:bf:f7:d6:5d:28:c0:9b:
c0:e6:bc:a6:50:25:05:df:35:73:f1:76:fd:24:58:8f:ef:05:
73:ac:93:61:c8:30:90:aa:d4:c3:6c:89:5f:c1:33:74:f3:f4:
ef:da:ed:2b:42:a3:92:04:7f:61:69:42:d2:34:0c:26:c8:d1:
17:cc:a2:a8:68:20:27:f1:42:68:ce:99:78:1f:74:f9:da:09:
c3:70:7d:8c:55:db:0a:d6:dd:3d:f5:fc:8f:19:91:51:18:74:
3e:74:92:52:ce:46:de:6c:04:52:cd:65:45:31:ab:9d:e9:96:
50:4b:5c:7e:ad:98:58:77:c5:99:22:7d:4b:f5:f5:64:30:2c:
15:d9:04:a3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGtgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA1MTcwOTEyMzhaFw0yODA1MTcwOTEyMzhaMBgxFjAU
BgNVBAMTDTY4Mjg1MzBiLThkYzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDR0TJmOZ3H/EM26c1AOJalPsb0oE3lRiHQhP206BLgFXKU5Evldqc1aSu9
+i6bjqkvFGJufFRIQyxQcZMUDbdM/VUI1weqt/VsF0DXOd5yxQM55Mi6956kix07
w5Ahr1QqhuUpOTipFLkm+NaftmE8GqdhStbIYXp5EDS+dH/oIAywOB87ZOIDRwfT
o639Sm27Rq7ipvE4hV1dLFGL+qAlZDXNvkkqXtQWXnLxoO+sDm9JcYzn6SeR/piT
gBraAHydrkzKwjnxMWuY7OvbtEq0f0j8jt2zTmMh5s6UIYXCcsKH8tUHONUlqsnn
rWMsRxaRxksk8gjcQfiUq48POe7/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUz+jX
FsAlIrU+DK3NhJV9Cw+Wa/AwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzE2RUY2OTZDMzJGRjExRjA5Q0JEMkRBQkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEMswDQYJKoZIhvcNAQEL
BQADggEBAIpa5tqsndcBIHVhCEpCQmSdRrkHjV/GlKuqktpQ4FINnuObo2o2pfrX
dvGWBmWhmxATSaqr6XXxN5lYpde8bD+xu/xzaiY2cvl+pWqItDvMN2h4LD9STvJ6
rjUldxxHXtjSidbnt0fNtMW8vUGAwozzw/G3lw9Tv/fWXSjAm8DmvKZQJQXfNXPx
dv0kWI/vBXOsk2HIMJCq1MNsiV/BM3Tz9O/a7StCo5IEf2FpQtI0DCbI0RfMoqho
ICfxQmjOmXgfdPnaCcNwfYxV2wrW3T31/I8ZkVEYdD50klLORt5sBFLNZUUxq53p
llBLXH6tmFh3xZkifUv19WQwLBXZBKM=
-----END CERTIFICATE-----
Generated at Wed Jun 4 11:27:03 2025 by rpki-client