Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/1F3D7F78DD8211EF8E6CD76A762E951A.roa
File: 1F3D7F78DD8211EF8E6CD76A762E951A.roa (raw, json)
Hash identifier: zr9mOOEpAw72/JZefMTyPFlI4TAyCVb1YiFHRT1Jgco=
Subject key identifier: 5D:F7:B4:8A:06:F8:32:F3:08:BC:AC:84:BD:A9:B3:F5:C4:60:04:2B
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 1E
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/1F3D7F78DD8211EF8E6CD76A762E951A.roa
Signing time: Tue 28 Jan 2025 14:14:01 +0000
ROA not before: Tue 28 Jan 2025 14:13:57 +0000
ROA not after: Wed 31 Jan 2035 14:13:57 +0000
asID: 30992
IP address blocks: 129.0.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Jan 28 14:13:57 2025 GMT
Not After : Jan 31 14:13:57 2035 GMT
Subject: CN=6798e629-2d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:89:d9:cf:8a:12:dc:0c:d7:5f:02:09:8a:17:
b0:71:bb:6e:ec:0e:51:2c:7a:72:bc:87:6e:b5:e2:
14:c0:d4:89:25:03:0d:81:50:71:0a:fb:d9:5f:57:
69:98:82:8b:25:10:69:f3:84:94:f8:19:fe:7a:2b:
e0:8b:78:04:02:35:b4:70:8f:1e:36:3d:c2:b3:51:
91:c0:eb:0b:88:03:b9:ee:5b:2f:70:e9:5d:05:e9:
54:3e:9b:a1:24:d4:89:b7:ed:2f:ee:94:34:f1:75:
e4:68:eb:93:d1:9d:64:be:a1:7f:59:7a:56:ce:7d:
c1:3f:83:fe:24:35:c6:62:10:06:74:83:df:45:0e:
86:8a:c1:92:7b:40:6b:97:8b:66:8d:27:17:0b:e4:
65:54:16:29:bd:05:1e:fa:83:b1:d4:96:1a:f5:a6:
42:8b:d3:9f:95:5d:31:f7:6b:3a:96:18:48:5b:1f:
50:ad:45:f5:16:a2:84:7e:bc:33:1c:00:f0:c9:f6:
2b:57:3f:e6:d1:5b:c6:e8:b6:22:59:10:f5:3d:d5:
56:b2:d8:68:9d:75:b0:e4:0f:bb:50:14:71:be:fc:
41:4f:b0:df:1f:22:52:d1:97:d5:62:b6:e5:bc:2d:
72:f9:50:51:76:fe:60:41:4a:79:96:05:75:a2:44:
36:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F7:B4:8A:06:F8:32:F3:08:BC:AC:84:BD:A9:B3:F5:C4:60:04:2B
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/1F3D7F78DD8211EF8E6CD76A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.109.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:48:97:e2:3d:cf:14:4a:f8:d0:95:05:4c:4d:7d:a8:d1:13:
8c:72:37:38:03:7e:36:c6:97:b9:cb:5e:da:63:84:1d:ce:95:
2f:48:11:24:9c:fe:30:b2:1a:06:b8:0b:6a:63:44:89:c6:6b:
55:9f:63:ca:71:ca:5c:fa:0f:a1:cf:98:18:19:70:fb:6a:d8:
71:89:e2:ca:71:c2:ca:ea:6e:93:e4:c4:f8:ab:41:39:f4:e3:
8a:77:32:9a:5a:dc:c3:7d:e1:6e:ed:3c:ee:f5:15:64:30:be:
f2:5d:72:11:44:c6:df:9e:c9:f3:2d:65:6f:ad:2b:31:f2:5e:
cd:d3:37:c9:1c:1d:11:27:47:7d:a9:5f:36:0b:01:5d:9a:25:
45:4f:99:51:74:90:23:86:c7:63:b0:52:b4:40:09:34:7f:42:
93:77:9f:0b:3d:11:68:2e:74:80:05:e9:4a:11:e9:b7:11:79:
dd:b0:04:2f:6f:4a:16:61:34:0e:a1:14:f0:f2:d2:a9:1b:ec:
df:72:8a:e3:a1:0c:e2:1c:f7:3b:5c:3b:72:4a:c8:3a:cf:22:
9c:75:56:8e:fa:47:6d:15:37:9b:42:dd:fc:3c:de:96:6a:3c:
01:1d:cc:bb:12:1a:67:2f:8f:89:63:1e:de:b6:e8:66:f1:88:
79:f0:71:69
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBHjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDEyODE0MTM1N1oXDTM1MDEzMTE0MTM1N1owGDEWMBQG
A1UEAxMNNjc5OGU2MjktMmQxOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2J2c+KEtwM118CCYoXsHG7buwOUSx6cryHbrXiFMDUiSUDDYFQcQr72V9X
aZiCiyUQafOElPgZ/nor4It4BAI1tHCPHjY9wrNRkcDrC4gDue5bL3DpXQXpVD6b
oSTUibftL+6UNPF15Gjrk9GdZL6hf1l6Vs59wT+D/iQ1xmIQBnSD30UOhorBkntA
a5eLZo0nFwvkZVQWKb0FHvqDsdSWGvWmQovTn5VdMfdrOpYYSFsfUK1F9RaihH68
MxwA8Mn2K1c/5tFbxui2IlkQ9T3VVrLYaJ11sOQPu1AUcb78QU+w3x8iUtGX1WK2
5bwtcvlQUXb+YEFKeZYFdaJENu8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRd97SK
Bvgy8wi8rIS9qbP1xGAEKzAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvMUYzRDdGNzhERDgyMTFFRjhFNkNENzZBNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEAbTANBgkqhkiG9w0BAQsFAAOC
AQEAXUiX4j3PFEr40JUFTE19qNETjHI3OAN+NsaXucte2mOEHc6VL0gRJJz+MLIa
BrgLamNEicZrVZ9jynHKXPoPoc+YGBlw+2rYcYniynHCyupuk+TE+KtBOfTjincy
mlrcw33hbu087vUVZDC+8l1yEUTG357J8y1lb60rMfJezdM3yRwdESdHfalfNgsB
XZolRU+ZUXSQI4bHY7BStEAJNH9Ck3efCz0RaC50gAXpShHptxF53bAEL29KFmE0
DqEU8PLSqRvs33KK46EM4hz3O1w7ckrIOs8inHVWjvpHbRU3m0Ld/Dzelmo8AR3M
uxIaZy+PiWMe3rboZvGIefBxaQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:37:10 2025 by rpki-client