Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/00BC75E2DD6C11EFBCBF8D55762E951A.roa
File: 00BC75E2DD6C11EFBCBF8D55762E951A.roa (raw, json)
Hash identifier: y7EM7ly8esE3gmQ9LHHQhoYVLXQXppG8c2G1B/8sdG0=
Subject key identifier: 49:87:73:77:AF:7C:BF:57:16:18:89:A7:66:37:DF:39:5C:B9:74:77
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 1C
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/00BC75E2DD6C11EFBCBF8D55762E951A.roa
Signing time: Tue 28 Jan 2025 11:35:41 +0000
ROA not before: Tue 28 Jan 2025 11:35:38 +0000
ROA not after: Wed 31 Jan 2035 11:35:38 +0000
asID: 30992
IP address blocks: 129.0.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28 (0x1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Jan 28 11:35:38 2025 GMT
Not After : Jan 31 11:35:38 2035 GMT
Subject: CN=6798c10d-9810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d5:eb:69:92:0f:a2:7a:b8:3c:47:a0:e0:ae:
00:ed:51:a8:6d:d4:88:65:12:0c:68:4a:08:b0:49:
bf:e2:f2:31:8f:b6:d8:96:63:c0:89:68:e0:74:a9:
a1:b4:dd:05:40:b4:e3:4e:88:b8:30:d5:4f:a2:21:
aa:07:33:d5:41:5a:95:3d:11:bc:33:62:ce:6f:b8:
85:72:4b:12:d1:46:38:eb:bf:d6:c2:6c:49:21:56:
dd:d1:77:c3:2e:7a:6a:92:a3:84:ee:f7:07:dc:b5:
2c:29:12:9a:61:56:d5:32:78:00:2d:5e:9a:34:94:
2d:89:85:e0:78:f6:56:8c:ec:9e:ff:63:2b:4e:cd:
2c:e7:75:4f:ce:11:9f:e7:f6:a3:de:da:10:ed:e9:
21:04:ff:05:72:f7:5f:d6:f7:64:66:96:3d:8f:ea:
cd:b2:14:0f:8b:7e:e3:de:af:62:8f:2f:91:9f:c4:
00:ce:a0:5e:e8:af:3d:0f:84:a7:5e:fa:2e:e9:a9:
58:3d:a6:8e:58:5d:aa:38:92:40:75:93:87:d1:7f:
04:8f:7c:a7:ff:cf:79:3f:c9:f7:58:dc:6e:95:7f:
b0:aa:b7:7d:ed:7a:21:b6:c2:44:52:6a:51:cd:20:
ac:3f:70:dd:c9:5c:83:9e:7d:4a:a5:52:42:0a:9c:
00:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:87:73:77:AF:7C:BF:57:16:18:89:A7:66:37:DF:39:5C:B9:74:77
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/00BC75E2DD6C11EFBCBF8D55762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.108.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:93:c0:ff:53:c8:9e:a3:46:81:dc:b2:ba:a8:82:78:a3:45:
94:df:37:82:47:38:35:a9:35:df:f3:57:48:b4:24:d4:32:c9:
2a:33:58:81:9c:cb:8f:43:97:d7:95:67:c5:98:84:bb:77:f9:
0c:b8:fa:6d:fb:88:d4:7a:d8:c9:84:3f:04:72:a9:2c:b3:4c:
ee:f4:59:0a:f9:d3:86:35:bb:c4:bc:b2:2f:43:11:d3:f8:c1:
cb:fd:bb:c3:b3:5c:74:f2:7a:99:82:c8:3b:7f:a4:ae:d4:0e:
8d:8b:44:51:f9:61:ce:7b:9c:17:19:7b:b6:28:e8:24:0e:88:
f6:1b:fc:1c:3c:9a:d7:d2:c5:ce:62:51:39:ae:38:4b:85:96:
bf:9a:e8:e5:01:59:2a:16:56:56:aa:93:e5:fb:e0:c6:53:19:
7f:bd:14:57:2a:ea:89:3b:cb:ca:5e:33:5c:02:2a:07:a6:ed:
c9:c0:16:26:48:69:7a:95:75:07:02:20:39:71:7b:4f:8a:58:
3c:c4:ca:eb:06:e2:fb:57:f1:6e:2d:08:d8:e7:8e:76:d5:2d:
e7:9d:f9:0e:de:49:3f:9a:5a:45:6f:cb:10:65:f3:85:97:97:
92:06:85:69:d2:a3:0a:1d:58:97:18:74:a6:57:61:79:48:30:
cc:e6:b4:21
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBHDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDEyODExMzUzOFoXDTM1MDEzMTExMzUzOFowGDEWMBQG
A1UEAxMNNjc5OGMxMGQtOTgxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3V62mSD6J6uDxHoOCuAO1RqG3UiGUSDGhKCLBJv+LyMY+22JZjwIlo4HSp
obTdBUC0406IuDDVT6Ihqgcz1UFalT0RvDNizm+4hXJLEtFGOOu/1sJsSSFW3dF3
wy56apKjhO73B9y1LCkSmmFW1TJ4AC1emjSULYmF4Hj2Vozsnv9jK07NLOd1T84R
n+f2o97aEO3pIQT/BXL3X9b3ZGaWPY/qzbIUD4t+496vYo8vkZ/EAM6gXuivPQ+E
p176LumpWD2mjlhdqjiSQHWTh9F/BI98p//PeT/J91jcbpV/sKq3fe16IbbCRFJq
Uc0grD9w3clcg559SqVSQgqcAOMCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRJh3N3
r3y/VxYYiadmN985XLl0dzAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvMDBCQzc1RTJERDZDMTFFRkJDQkY4RDU1NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEAbDANBgkqhkiG9w0BAQsFAAOC
AQEAKpPA/1PInqNGgdyyuqiCeKNFlN83gkc4Nak13/NXSLQk1DLJKjNYgZzLj0OX
15VnxZiEu3f5DLj6bfuI1HrYyYQ/BHKpLLNM7vRZCvnThjW7xLyyL0MR0/jBy/27
w7NcdPJ6mYLIO3+krtQOjYtEUflhznucFxl7tijoJA6I9hv8HDya19LFzmJROa44
S4WWv5ro5QFZKhZWVqqT5fvgxlMZf70UVyrqiTvLyl4zXAIqB6btycAWJkhpepV1
BwIgOXF7T4pYPMTK6wbi+1fxbi0I2OeOdtUt5535Dt5JP5paRW/LEGXzhZeXkgaF
adKjCh1Ylxh0pldheUgwzOa0IQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:18:04 2025 by rpki-client