Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9268CB68817B11F0A210F6E3DAE4EC9C.roa
File: 9268CB68817B11F0A210F6E3DAE4EC9C.roa (raw, json)
Hash identifier: tIGsbj7UPyrCE6RrIj/wkjs46RIBZMqpr0JeowdPFKM=
Subject key identifier: 13:62:64:B7:45:98:C4:75:D3:5C:23:D9:8A:87:C3:5C:0F:EA:D8:E1
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1BCC
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9268CB68817B11F0A210F6E3DAE4EC9C.roa
Signing time: Mon 25 Aug 2025 06:20:19 +0000
ROA not before: Mon 25 Aug 2025 06:20:14 +0000
ROA not after: Wed 25 Aug 2027 06:20:14 +0000
asID: 147176
IP address blocks: 154.16.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 09 Sep 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7116 (0x1bcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: Aug 25 06:20:14 2025 GMT
Not After : Aug 25 06:20:14 2027 GMT
Subject: CN=68ac00a3-dbff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b8:40:f6:14:52:54:8e:63:d7:e1:6c:d9:d6:
ef:d2:27:8a:5a:63:f0:c1:ff:1f:f1:96:9f:b5:a8:
c2:8c:7c:51:84:45:00:d1:97:aa:b9:83:87:f7:a3:
e0:d3:5e:65:99:69:61:55:7d:7c:ed:83:eb:ed:a5:
1f:3c:82:a3:99:f9:92:8f:1a:a5:36:ff:68:e3:2d:
99:4e:d4:99:45:bb:39:d2:94:0a:3b:25:4d:e3:4a:
88:d3:bd:bd:0a:67:ad:59:97:f3:dc:7c:1b:9e:53:
0d:bb:76:8e:79:64:0d:c9:31:3c:56:9a:2b:1d:af:
7d:91:16:00:0d:38:2e:71:55:f4:ed:57:53:59:ab:
8e:23:60:f8:5a:f9:fb:15:c8:b6:06:85:04:d1:fc:
34:0b:87:49:0c:52:db:a1:5e:40:fb:9f:bf:62:fe:
bd:19:39:d7:9f:8b:48:da:16:4f:74:fd:78:a6:02:
a6:fc:a2:34:2b:90:b3:05:96:b1:89:24:39:cc:cf:
a1:d8:06:79:9c:1c:61:06:ac:f4:de:c3:fb:de:98:
f5:68:c3:9a:06:65:bb:d3:11:7e:06:0a:6e:3d:50:
39:61:74:64:75:fd:a7:c7:2e:3a:82:04:01:d2:fd:
80:7b:5e:cc:86:c5:6e:3e:25:97:c1:7d:1c:2e:b3:
d0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:62:64:B7:45:98:C4:75:D3:5C:23:D9:8A:87:C3:5C:0F:EA:D8:E1
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9268CB68817B11F0A210F6E3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.156.0/24
Signature Algorithm: sha256WithRSAEncryption
22:3c:0f:1d:c2:9f:91:5f:72:c9:43:9b:d4:16:07:7e:51:ca:
87:8c:e7:3c:7f:4d:0b:f9:8f:83:2c:7c:c7:a7:b2:0f:77:02:
ce:cd:63:bd:b3:b4:73:6a:47:61:d5:84:22:94:47:bc:60:cf:
e9:56:60:3b:b2:12:eb:a9:8a:6b:48:70:ad:09:3f:1c:7b:86:
e2:45:86:2d:11:8b:33:26:96:3c:11:05:c3:59:4b:b4:c6:a7:
56:58:83:9f:c4:de:ad:61:ea:b8:e6:bc:08:82:5a:cc:8d:77:
af:13:04:6e:28:04:99:11:b2:7f:02:76:aa:82:42:cb:26:0c:
3c:19:d5:c3:4b:2b:99:2f:23:63:36:2e:3a:67:ad:31:47:0d:
ee:0f:b7:80:67:f5:a6:56:55:6b:97:d7:7e:7d:09:6d:53:d3:
81:55:27:f3:0e:be:f5:44:0c:ed:ed:0a:18:24:9e:4a:ba:45:
8b:c3:36:82:03:8e:99:da:ee:60:f8:7e:83:45:22:7e:7b:73:
66:a1:78:0a:39:02:3f:e7:03:63:80:f5:e9:60:19:ad:f1:87:
33:1c:ed:29:8a:c0:3a:38:2a:92:3d:6d:43:42:d7:e2:8b:2c:
b5:35:bb:fe:01:17:63:a6:8d:7e:78:e5:8e:9e:93:8b:e9:bc:
01:ff:8b:42
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICG8wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA4MjUwNjIwMTRaFw0yNzA4MjUwNjIwMTRaMBgxFjAU
BgNVBAMTDTY4YWMwMGEzLWRiZmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDzuED2FFJUjmPX4WzZ1u/SJ4paY/DB/x/xlp+1qMKMfFGERQDRl6q5g4f3
o+DTXmWZaWFVfXztg+vtpR88gqOZ+ZKPGqU2/2jjLZlO1JlFuznSlAo7JU3jSojT
vb0KZ61Zl/PcfBueUw27do55ZA3JMTxWmisdr32RFgANOC5xVfTtV1NZq44jYPha
+fsVyLYGhQTR/DQLh0kMUtuhXkD7n79i/r0ZOdefi0jaFk90/XimAqb8ojQrkLMF
lrGJJDnMz6HYBnmcHGEGrPTew/vemPVow5oGZbvTEX4GCm49UDlhdGR1/afHLjqC
BAHS/YB7XsyGxW4+JZfBfRwus9AfAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUE2Jk
t0WYxHXTXCPZiofDXA/q2OEwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzkyNjhDQjY4ODE3QjExRjBBMjEwRjZFM0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEJwwDQYJKoZIhvcNAQEL
BQADggEBACI8Dx3Cn5FfcslDm9QWB35RyoeM5zx/TQv5j4MsfMensg93As7NY72z
tHNqR2HVhCKUR7xgz+lWYDuyEuupimtIcK0JPxx7huJFhi0RizMmljwRBcNZS7TG
p1ZYg5/E3q1h6rjmvAiCWsyNd68TBG4oBJkRsn8CdqqCQssmDDwZ1cNLK5kvI2M2
LjpnrTFHDe4Pt4Bn9aZWVWuX1359CW1T04FVJ/MOvvVEDO3tChgknkq6RYvDNoID
jpna7mD4foNFIn57c2aheAo5Aj/nA2OA9elgGa3xhzMc7SmKwDo4KpI9bUNC1+KL
LLU1u/4BF2OmjX545Y6ek4vpvAH/i0I=
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:28:21 2025 by rpki-client