Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9C3133463AF011F0AB8A2395DAE4EC9C.roa
File: 9C3133463AF011F0AB8A2395DAE4EC9C.roa (raw, json)
Hash identifier: +cBNyyw60W5wcXurlT5awDyGO62VYqH0s+pgv77ISjM=
Subject key identifier: C9:F0:CD:1C:0C:8B:EF:AB:E7:0C:1D:37:D8:7E:09:D0:C5:DA:72:D8
Certificate issuer: /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial: 1B09
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9C3133463AF011F0AB8A2395DAE4EC9C.roa
Signing time: Tue 27 May 2025 11:49:14 +0000
ROA not before: Tue 27 May 2025 11:49:09 +0000
ROA not after: Thu 27 May 2027 11:49:09 +0000
asID: 61317
IP address blocks: 154.16.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Jun 2025 00:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6921 (0x1b09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Validity
Not Before: May 27 11:49:09 2025 GMT
Not After : May 27 11:49:09 2027 GMT
Subject: CN=6835a6ba-3a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:7d:b2:b8:e6:01:f3:a5:3f:27:5a:99:b6:
5b:8c:ab:0e:a0:1f:de:ba:de:04:03:7c:2b:cb:e9:
c2:cb:30:20:c5:fb:8c:55:56:6e:22:7d:06:75:ce:
6c:a3:cf:5b:e0:a9:b3:f2:80:6f:f3:d2:ea:4c:d3:
72:13:6d:55:ec:e2:8e:5e:70:48:84:d1:ad:77:d2:
c2:7c:70:e9:53:43:62:37:a4:86:96:cc:6f:a9:89:
85:12:b6:da:ea:08:25:e0:0d:bc:c9:1f:61:fc:db:
ce:2f:3f:0d:02:d0:4c:63:b4:06:1e:ce:50:fb:4f:
2f:27:29:5c:98:78:72:6a:df:de:7e:0c:97:91:bf:
19:7a:1d:92:6d:a9:9d:ac:f0:09:ed:99:c9:64:e4:
36:fc:dd:39:4b:9c:82:42:70:97:c4:c0:b3:47:cf:
54:65:18:0c:1e:f9:cd:20:f8:e2:2d:90:10:31:17:
1d:71:e1:b0:38:8d:27:25:61:df:b6:f5:1e:2a:cb:
4c:b1:61:01:e7:96:0a:02:13:43:dc:35:8f:c8:36:
e7:75:c3:8b:e4:ad:4c:da:fe:b3:c7:5c:fa:6d:6f:
1c:80:61:1d:96:3d:f0:51:1a:2b:f3:d6:ee:79:f3:
9c:08:99:a6:86:14:a7:13:4e:33:f5:63:fe:7d:ad:
74:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F0:CD:1C:0C:8B:EF:AB:E7:0C:1D:37:D8:7E:09:D0:C5:DA:72:D8
X509v3 Authority Key Identifier:
keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/9C3133463AF011F0AB8A2395DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.16.92.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:f9:01:23:8a:e2:2a:f6:d8:50:43:46:ea:e5:c3:4f:23:9b:
d0:ba:c9:52:14:87:d1:09:d5:e5:08:31:5c:e2:8b:49:fc:be:
fa:10:da:37:24:55:4e:b5:44:05:fb:67:c3:45:91:92:e5:8c:
9e:72:e6:49:ee:31:13:6e:1f:9b:72:96:d2:c7:f3:cf:96:46:
64:f0:46:c8:54:dc:ab:e7:2c:e0:56:7f:35:15:b8:f9:07:05:
0a:fe:7a:e6:bd:00:2a:05:8d:69:41:b6:07:41:7c:d3:d7:2a:
6b:2b:45:44:ed:2d:79:0b:37:09:dc:b7:79:55:be:72:5e:d3:
b9:7e:e2:97:50:7b:32:01:44:78:da:4f:92:de:f8:d0:4b:ba:
aa:9a:c6:3a:8c:7f:9d:d6:4e:ed:e1:fe:33:55:0d:d0:4f:d3:
e3:8d:01:84:ee:a9:83:12:87:82:de:ea:be:5d:3b:a3:33:16:
49:e5:bd:0d:f6:46:8c:f8:0a:f1:22:ad:2e:ff:fd:29:e9:bc:
9f:10:07:37:3e:9b:a6:ef:8d:e1:58:53:99:9f:ff:de:ec:fe:
7a:9b:04:78:fb:dd:c1:61:b8:c3:c3:8c:bd:35:67:32:75:27:
4c:d0:09:a8:74:44:5d:f3:bf:e2:9c:eb:b6:34:24:9f:4c:f9:
f3:3f:c9:e7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGwkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA1MjcxMTQ5MDlaFw0yNzA1MjcxMTQ5MDlaMBgxFjAU
BgNVBAMTDTY4MzVhNmJhLTNhOGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCx8X2yuOYB86U/J1qZtluMqw6gH9663gQDfCvL6cLLMCDF+4xVVm4ifQZ1
zmyjz1vgqbPygG/z0upM03ITbVXs4o5ecEiE0a130sJ8cOlTQ2I3pIaWzG+piYUS
ttrqCCXgDbzJH2H8284vPw0C0ExjtAYezlD7Ty8nKVyYeHJq395+DJeRvxl6HZJt
qZ2s8Antmclk5Db83TlLnIJCcJfEwLNHz1RlGAwe+c0g+OItkBAxFx1x4bA4jScl
Yd+29R4qy0yxYQHnlgoCE0PcNY/INud1w4vkrUza/rPHXPptbxyAYR2WPfBRGivz
1u5585wImaaGFKcTTjP1Y/59rXSRAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUyfDN
HAyL76vnDB032H4J0MXactgwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzlDMzEzMzQ2M0FGMDExRjBBQjhBMjM5NURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEFwwDQYJKoZIhvcNAQEL
BQADggEBAE/5ASOK4ir22FBDRurlw08jm9C6yVIUh9EJ1eUIMVzii0n8vvoQ2jck
VU61RAX7Z8NFkZLljJ5y5knuMRNuH5tyltLH88+WRmTwRshU3KvnLOBWfzUVuPkH
BQr+eua9ACoFjWlBtgdBfNPXKmsrRUTtLXkLNwnct3lVvnJe07l+4pdQezIBRHja
T5Le+NBLuqqaxjqMf53WTu3h/jNVDdBP0+ONAYTuqYMSh4Le6r5dO6MzFknlvQ32
Roz4CvEirS7//SnpvJ8QBzc+m6bvjeFYU5mf/97s/nqbBHj73cFhuMPDjL01ZzJ1
J0zQCah0RF3zv+Kc67Y0JJ9M+fM/yec=
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:54:21 2025 by rpki-client