Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2B76A00E83DF11F0AE39A48DDAE4EC9C.roa
File: 2B76A00E83DF11F0AE39A48DDAE4EC9C.roa (raw, json)
Hash identifier: K5mctOQRW83LaJJpKhOuj/Y2/MZiXlK9VQ2hbUPDyE4=
Subject key identifier: F6:76:9D:5C:70:BB:D0:D7:85:7B:C4:2D:4F:26:1B:8A:39:92:3A:D2
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1BE1
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2B76A00E83DF11F0AE39A48DDAE4EC9C.roa
Signing time: Thu 28 Aug 2025 07:18:18 +0000
ROA not before: Thu 28 Aug 2025 07:18:14 +0000
ROA not after: Sat 28 Aug 2027 07:18:14 +0000
asID: 14618
IP address blocks: 154.16.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 19 Sep 2025 01:15:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7137 (0x1be1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Aug 28 07:18:14 2025 GMT
Not After : Aug 28 07:18:14 2027 GMT
Subject: CN=68b002ba-5ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1b:b1:46:a9:5c:84:bc:e9:46:14:13:55:d8:
aa:3d:c9:80:70:15:a5:8a:63:8f:70:8e:ff:d7:93:
e0:85:71:4d:c5:44:b1:62:db:98:df:12:c0:71:68:
dd:7e:8f:4c:85:ef:83:0a:ae:5e:1b:b6:d5:00:74:
11:03:ef:b5:be:f0:bc:6f:59:b2:9b:34:51:27:88:
dc:12:98:28:34:df:85:e8:2c:0d:26:2e:3c:61:92:
f7:b5:73:cf:d8:3a:2c:0b:56:63:ae:8b:ce:44:af:
75:41:60:aa:a3:2c:94:c9:46:c6:82:a3:ad:02:96:
cf:62:c0:22:31:66:96:52:cd:2e:64:07:7f:03:49:
4f:54:be:2a:cf:7f:9e:55:16:d7:99:fe:cb:0c:dd:
6b:ba:4f:ac:83:49:21:0a:76:b2:0f:fe:08:c3:8f:
af:62:28:7c:c3:58:22:10:89:06:38:40:ab:19:29:
0e:44:bd:1f:52:06:7e:a6:5d:02:d5:b0:d4:b7:26:
36:70:f8:2c:13:31:f9:a5:5d:c2:3d:c9:d7:a1:09:
14:e0:da:17:fc:68:2c:19:0e:52:56:00:ba:d8:74:
21:7f:90:91:f4:76:71:63:9e:7b:cd:37:75:21:c7:
f3:82:05:88:31:71:3f:0f:0c:cc:0b:e6:7f:e1:6a:
ca:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:76:9D:5C:70:BB:D0:D7:85:7B:C4:2D:4F:26:1B:8A:39:92:3A:D2
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2B76A00E83DF11F0AE39A48DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.56.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:ad:e5:b5:80:a9:4c:df:c1:5b:de:45:c7:96:3f:4e:43:3c:
79:a0:ec:73:80:97:67:b7:9b:05:cd:5d:3a:7a:db:e3:85:f5:
19:be:21:f3:02:c0:b1:d6:a1:da:fd:90:10:11:5f:9c:c3:f7:
d7:89:dd:0e:5f:79:d0:3a:bf:fe:d1:92:7b:06:0d:73:1f:2e:
4a:70:06:84:7c:aa:1f:5b:bf:f3:01:cb:23:b3:81:31:cc:01:
46:c6:c7:96:57:01:b5:3f:2d:2e:b0:fd:0c:a9:e7:18:7e:66:
03:8c:5e:ab:98:5b:38:a6:03:b1:08:84:29:92:83:51:1e:68:
ca:81:7c:51:17:35:d3:f1:01:c0:aa:30:33:0b:9d:1a:92:5c:
e6:ea:c9:69:cb:b1:1e:c1:b9:d4:a0:2a:37:a8:e3:e0:49:31:
ef:33:82:b0:7e:9f:35:bb:01:3f:4d:cd:a0:c9:71:69:18:09:
64:71:c0:ff:38:7c:98:71:0a:ac:81:08:55:5f:c8:18:e2:a1:
40:48:bc:6f:59:f6:72:7c:30:d7:99:41:79:c1:99:b2:cb:de:
6e:01:3f:2c:a4:f6:6b:54:83:5e:55:bb:a5:54:4d:8e:87:5e:
0a:43:92:d4:fc:48:52:76:9a:94:87:2d:b7:12:a8:f9:43:2e:
bd:fd:9f:46
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICG+EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA4MjgwNzE4MTRaFw0yNzA4MjgwNzE4MTRaMBgxFjAU
BgNVBAMTDTY4YjAwMmJhLTVlZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCqG7FGqVyEvOlGFBNV2Ko9yYBwFaWKY49wjv/Xk+CFcU3FRLFi25jfEsBx
aN1+j0yF74MKrl4bttUAdBED77W+8LxvWbKbNFEniNwSmCg034XoLA0mLjxhkve1
c8/YOiwLVmOui85Er3VBYKqjLJTJRsaCo60Cls9iwCIxZpZSzS5kB38DSU9UvirP
f55VFteZ/ssM3Wu6T6yDSSEKdrIP/gjDj69iKHzDWCIQiQY4QKsZKQ5EvR9SBn6m
XQLVsNS3JjZw+CwTMfmlXcI9ydehCRTg2hf8aCwZDlJWALrYdCF/kJH0dnFjnnvN
N3Uhx/OCBYgxcT8PDMwL5n/haso9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9nad
XHC70NeFe8QtTyYbijmSOtIwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzJCNzZBMDBFODNERjExRjBBRTM5QTQ4RERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDgwDQYJKoZIhvcNAQEL
BQADggEBAH2t5bWAqUzfwVveRceWP05DPHmg7HOAl2e3mwXNXTp62+OF9Rm+IfMC
wLHWodr9kBARX5zD99eJ3Q5fedA6v/7RknsGDXMfLkpwBoR8qh9bv/MByyOzgTHM
AUbGx5ZXAbU/LS6w/Qyp5xh+ZgOMXquYWzimA7EIhCmSg1EeaMqBfFEXNdPxAcCq
MDMLnRqSXObqyWnLsR7BudSgKjeo4+BJMe8zgrB+nzW7AT9NzaDJcWkYCWRxwP84
fJhxCqyBCFVfyBjioUBIvG9Z9nJ8MNeZQXnBmbLL3m4BPyyk9mtUg15Vu6VUTY6H
XgpDktT8SFJ2mpSHLbcSqPlDLr39n0Y=
-----END CERTIFICATE-----
Generated at Wed Sep 17 13:09:27 2025 by rpki-client