Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/06E8A27AE71611EF9638C291762E951A.roa
File: 06E8A27AE71611EF9638C291762E951A.roa (raw, json)
Hash identifier: Ot/zGZbzI2R4LzAmgGX8PT7Pb1NjpFW5prBl7CcOnKE=
Subject key identifier: C5:0F:90:B9:D6:87:12:8E:A3:26:CD:16:A9:70:4B:57:D3:E0:9F:E8
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 45
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/06E8A27AE71611EF9638C291762E951A.roa
Signing time: Sun 09 Feb 2025 18:45:26 +0000
ROA not before: Sun 09 Feb 2025 18:45:23 +0000
ROA not after: Mon 31 Dec 2035 18:45:23 +0000
asID: 30992
IP address blocks: 129.0.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69 (0x45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Feb 9 18:45:23 2025 GMT
Not After : Dec 31 18:45:23 2035 GMT
Subject: CN=67a8f7c6-b1dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:36:c7:56:8e:c4:a6:92:97:48:e7:5f:05:56:
8c:6f:4b:b6:af:70:8f:63:d6:6f:21:0c:93:3a:48:
a2:d2:1a:2a:70:ad:56:fe:76:41:9e:ce:34:a6:dd:
51:86:35:99:98:1b:43:0d:ca:a9:e6:b0:57:3c:f9:
24:70:3c:0c:c1:dd:02:79:5a:f5:a5:77:59:60:34:
2d:68:4a:33:61:fc:49:3a:5b:39:84:d0:98:96:79:
ea:d0:ba:29:6a:22:bd:11:30:dc:a1:c1:2e:40:e6:
ba:7d:69:84:eb:44:06:cd:1c:0b:f0:f4:93:c9:e6:
d5:e0:81:c9:2a:74:db:d3:b8:57:4e:80:ae:ac:54:
d7:cc:90:3d:d3:26:0d:1f:ce:99:53:60:f2:ed:ac:
fc:bd:ef:a4:63:0f:5d:47:cc:bd:65:08:8f:eb:b5:
8a:1d:8c:69:72:2f:3b:6f:8a:3a:10:58:7c:91:d5:
bf:6b:e8:0e:6f:ac:5b:58:41:b3:b6:47:92:14:b5:
a0:e9:37:8d:cf:fc:e7:73:a3:22:e4:9f:08:82:e5:
8d:f0:87:33:59:b4:f5:81:1c:68:7c:da:8a:8e:79:
2f:99:e8:22:b1:84:63:18:35:1b:6a:3e:b4:ee:43:
77:7e:7d:50:5b:d3:00:f5:bc:4f:5a:b2:c4:bb:c2:
65:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:0F:90:B9:D6:87:12:8E:A3:26:CD:16:A9:70:4B:57:D3:E0:9F:E8
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/06E8A27AE71611EF9638C291762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.85.0/24
Signature Algorithm: sha256WithRSAEncryption
16:37:36:b9:f3:88:37:3f:49:95:bc:22:69:07:9b:26:a6:e8:
a2:55:f6:8e:73:51:8b:28:65:80:63:5f:1f:86:72:b1:d2:6c:
4c:6b:77:07:3f:6e:2e:40:ff:e4:eb:41:3a:73:e3:93:9a:54:
e4:c2:f8:15:36:91:af:d7:e0:52:88:c7:1e:41:c0:cc:7b:b4:
ff:74:d4:08:fa:35:c8:de:0f:ad:dd:e9:a1:78:6a:99:f5:cd:
96:6a:82:59:f3:24:68:d8:85:7c:bb:87:b1:96:54:8b:f5:90:
8b:ff:a7:4a:3a:35:df:b6:9f:c0:a4:c2:02:f9:63:66:44:83:
20:b0:28:01:04:fb:27:b3:9c:ae:17:2e:55:39:16:88:61:15:
76:e6:3b:45:fa:f9:89:a5:6d:98:e0:e5:be:6a:83:17:66:3d:
2a:30:c7:4c:aa:a4:ff:72:48:50:30:9c:8e:c1:42:e6:48:d8:
cb:13:52:d3:74:8c:78:a1:46:e2:11:93:b0:46:fe:9e:fb:5c:
ac:2e:33:5e:6f:5e:cb:6a:c6:40:36:ae:7d:3a:2b:9d:eb:18:
66:70:c4:76:28:7b:7e:d3:85:5e:26:1e:2c:6f:dc:4f:94:ff:
97:68:fa:9e:ba:ab:a6:c0:21:ec:c2:31:54:eb:12:eb:6d:e9:
60:62:76:3b
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBRTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDIwOTE4NDUyM1oXDTM1MTIzMTE4NDUyM1owGDEWMBQG
A1UEAxMNNjdhOGY3YzYtYjFkYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKA2x1aOxKaSl0jnXwVWjG9Ltq9wj2PWbyEMkzpIotIaKnCtVv52QZ7ONKbd
UYY1mZgbQw3KqeawVzz5JHA8DMHdAnla9aV3WWA0LWhKM2H8STpbOYTQmJZ56tC6
KWoivREw3KHBLkDmun1phOtEBs0cC/D0k8nm1eCBySp029O4V06ArqxU18yQPdMm
DR/OmVNg8u2s/L3vpGMPXUfMvWUIj+u1ih2MaXIvO2+KOhBYfJHVv2voDm+sW1hB
s7ZHkhS1oOk3jc/853OjIuSfCILljfCHM1m09YEcaHzaio55L5noIrGEYxg1G2o+
tO5Dd359UFvTAPW8T1qyxLvCZXUCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTFD5C5
1ocSjqMmzRapcEtX0+Cf6DAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvMDZFOEEyN0FFNzE2MTFFRjk2MzhDMjkxNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEAVTANBgkqhkiG9w0BAQsFAAOC
AQEAFjc2ufOINz9JlbwiaQebJqboolX2jnNRiyhlgGNfH4ZysdJsTGt3Bz9uLkD/
5OtBOnPjk5pU5ML4FTaRr9fgUojHHkHAzHu0/3TUCPo1yN4Prd3poXhqmfXNlmqC
WfMkaNiFfLuHsZZUi/WQi/+nSjo137afwKTCAvljZkSDILAoAQT7J7OcrhcuVTkW
iGEVduY7Rfr5iaVtmODlvmqDF2Y9KjDHTKqk/3JIUDCcjsFC5kjYyxNS03SMeKFG
4hGTsEb+nvtcrC4zXm9ey2rGQDaufTornesYZnDEdih7ftOFXiYeLG/cT5T/l2j6
nrqrpsAh7MIxVOsS623pYGJ2Ow==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:37:11 2025 by rpki-client