Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/2EB0BC54E70F11EFBF4A1268762E951A.roa
File: 2EB0BC54E70F11EFBF4A1268762E951A.roa (raw, json)
Hash identifier: 1jrEr+w8kh2VQB/TRu48/EIry3GrfRf6fRHj0ymkhOQ=
Subject key identifier: 89:9D:4F:87:A8:86:32:D2:D0:13:73:7B:19:09:FC:F2:D9:70:DE:29
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 37
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/2EB0BC54E70F11EFBF4A1268762E951A.roa
Signing time: Sun 09 Feb 2025 17:56:27 +0000
ROA not before: Sun 09 Feb 2025 17:56:23 +0000
ROA not after: Mon 31 Dec 2035 17:56:23 +0000
asID: 30992
IP address blocks: 129.0.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55 (0x37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Feb 9 17:56:23 2025 GMT
Not After : Dec 31 17:56:23 2035 GMT
Subject: CN=67a8ec4a-f423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a0:7c:b6:2a:1a:d5:15:98:5b:1e:84:82:81:
2f:c5:c9:a0:70:43:87:0c:7f:c6:33:65:b5:59:bb:
a2:d4:db:21:64:8b:11:ca:18:9f:75:93:ea:89:b4:
5a:e7:4d:ff:1c:07:2c:85:6a:86:bc:73:11:d3:1c:
f4:c1:96:39:c4:1f:92:67:d1:03:ea:f5:f9:bf:42:
64:06:89:a7:03:fc:32:c9:ca:71:9c:f0:44:d3:db:
db:c4:62:93:4d:ea:de:8d:6b:c5:42:48:74:84:1a:
9c:18:22:68:fa:83:63:f6:13:fc:ba:46:08:14:48:
d6:df:a3:ce:de:a8:d8:14:ac:8a:6e:7b:99:e3:5e:
d0:f6:6c:09:9c:1a:fe:14:93:dc:7e:2c:a8:15:cd:
40:1c:f0:32:a8:5d:6b:e8:33:70:60:98:b1:ba:7f:
b1:2d:bd:2f:87:cc:14:67:c2:6c:a7:83:d3:02:9d:
49:02:69:ad:45:e1:77:cf:e1:41:3d:f2:26:a9:7d:
8e:91:5d:5f:78:40:1c:a9:82:7b:72:16:e2:29:41:
b5:b4:c5:e1:42:7e:26:ff:86:52:31:d4:d7:9b:56:
b2:6a:b9:14:26:4f:fc:85:b1:8b:d6:98:7e:00:fa:
4e:2f:a5:45:6a:f2:ce:e2:21:ec:1a:46:11:de:d6:
9f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9D:4F:87:A8:86:32:D2:D0:13:73:7B:19:09:FC:F2:D9:70:DE:29
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/2EB0BC54E70F11EFBF4A1268762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.79.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:93:66:5b:3f:7e:68:be:74:92:3e:92:58:aa:f1:1b:3a:08:
88:89:50:b9:19:08:c6:3d:83:79:55:12:1d:00:e7:ed:b6:79:
60:13:19:eb:9e:d1:b6:49:aa:77:06:a2:3e:8f:22:f2:ac:b0:
f0:86:c3:a2:67:2e:b8:f9:de:51:10:64:48:15:2e:88:58:34:
a1:6e:38:71:36:15:09:f2:de:db:0f:a5:6b:d2:1b:0a:38:eb:
f3:11:1a:86:f5:2f:51:3d:f8:02:2b:0c:f7:dd:b8:34:e2:12:
b8:38:08:ed:0f:72:8c:9a:57:6b:60:e3:b9:e9:db:be:9f:48:
ce:bb:da:aa:16:1d:9e:fb:73:13:57:bf:e1:73:50:79:34:7b:
4a:5e:e5:b5:f7:6d:33:52:ed:4b:5c:fd:79:cd:d4:c8:79:ea:
8b:36:47:ed:77:58:df:80:f3:9d:74:30:2a:97:be:9d:e8:4c:
27:ad:5b:13:23:95:c4:f6:05:dc:a3:78:98:9e:5a:39:62:dc:
41:7c:5c:14:77:0e:c1:5f:ed:9c:81:1c:43:8d:e2:a6:d3:43:
11:db:a1:6c:48:1c:47:be:9b:bf:4e:53:1f:20:5f:bc:9c:b3:
93:b0:9d:ab:f8:a2:dd:ab:a6:66:90:f7:2c:d8:cc:d6:39:39:
fa:e3:c6:60
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBNzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDIwOTE3NTYyM1oXDTM1MTIzMTE3NTYyM1owGDEWMBQG
A1UEAxMNNjdhOGVjNGEtZjQyMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMagfLYqGtUVmFsehIKBL8XJoHBDhwx/xjNltVm7otTbIWSLEcoYn3WT6om0
WudN/xwHLIVqhrxzEdMc9MGWOcQfkmfRA+r1+b9CZAaJpwP8MsnKcZzwRNPb28Ri
k03q3o1rxUJIdIQanBgiaPqDY/YT/LpGCBRI1t+jzt6o2BSsim57meNe0PZsCZwa
/hST3H4sqBXNQBzwMqhda+gzcGCYsbp/sS29L4fMFGfCbKeD0wKdSQJprUXhd8/h
QT3yJql9jpFdX3hAHKmCe3IW4ilBtbTF4UJ+Jv+GUjHU15tWsmq5FCZP/IWxi9aY
fgD6Ti+lRWryzuIh7BpGEd7Wn4MCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSJnU+H
qIYy0tATc3sZCfzy2XDeKTAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvMkVCMEJDNTRFNzBGMTFFRkJGNEExMjY4NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEATzANBgkqhkiG9w0BAQsFAAOC
AQEAP5NmWz9+aL50kj6SWKrxGzoIiIlQuRkIxj2DeVUSHQDn7bZ5YBMZ657Rtkmq
dwaiPo8i8qyw8IbDomcuuPneURBkSBUuiFg0oW44cTYVCfLe2w+la9IbCjjr8xEa
hvUvUT34AisM9924NOISuDgI7Q9yjJpXa2Djuenbvp9IzrvaqhYdnvtzE1e/4XNQ
eTR7Sl7ltfdtM1LtS1z9ec3UyHnqizZH7XdY34DznXQwKpe+nehMJ61bEyOVxPYF
3KN4mJ5aOWLcQXxcFHcOwV/tnIEcQ43iptNDEduhbEgcR76bv05THyBfvJyzk7Cd
q/ii3aumZpD3LNjM1jk5+uPGYA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:24:03 2025 by rpki-client