Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/4D0F66DCDCC411EF87DBFE61762E951A.roa
File: 4D0F66DCDCC411EF87DBFE61762E951A.roa (raw, json)
Hash identifier: 0pJAdh2krN7PN7ET77uSv5aEr89tUKUcawXGqKdQ8KE=
Subject key identifier: 2B:6E:09:70:2C:75:19:FD:7B:F6:C6:4B:1A:07:F5:3A:41:08:37:C1
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 02
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/4D0F66DCDCC411EF87DBFE61762E951A.roa
Signing time: Mon 27 Jan 2025 15:35:14 +0000
ROA not before: Mon 27 Jan 2025 15:35:10 +0000
ROA not after: Wed 31 Jan 2035 15:35:10 +0000
asID: 30992
IP address blocks: 129.0.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Jan 27 15:35:10 2025 GMT
Not After : Jan 31 15:35:10 2035 GMT
Subject: CN=6797a7b2-2b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:cb:3b:4b:a4:d3:47:90:35:18:cc:2f:d3:62:
f5:89:65:e1:22:0d:b5:db:17:60:de:47:21:f5:62:
99:91:d5:58:46:88:84:c8:bb:c5:c1:dc:4a:66:7c:
06:72:66:9f:48:b3:6e:45:53:76:a6:da:b3:04:e9:
8d:cb:09:c4:10:f2:7f:7f:35:57:c5:86:ae:e6:72:
10:78:1b:c9:ad:21:5a:71:f3:d6:1d:f9:1d:e0:05:
d6:e3:36:36:21:e5:83:84:e0:f1:a2:6e:e2:7a:1b:
d8:c5:4a:cf:9c:d2:ce:71:2d:bf:da:15:5d:55:1b:
63:9f:26:ed:63:a6:75:79:85:cd:fa:2f:a1:d4:f0:
25:b9:c0:c9:c4:d3:9f:8b:ac:2f:7b:1d:b1:f2:d0:
91:fb:78:27:b7:5a:a1:00:59:77:d0:1c:6a:64:91:
c2:5c:84:34:5d:a6:e9:dd:55:e5:b5:78:8b:4e:1e:
65:68:0a:d6:4d:44:1c:62:93:10:5b:c5:f7:a1:d9:
50:ff:d7:61:d7:43:e9:f9:a3:2d:66:3f:0e:b2:46:
5a:27:f3:7e:0d:6e:dc:f1:a4:24:c2:48:f2:eb:a6:
71:b0:63:57:4a:1c:7f:4c:13:0b:0e:8f:5b:83:00:
67:26:b8:47:d9:f7:11:ab:46:7c:54:94:ee:fd:8b:
a0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:6E:09:70:2C:75:19:FD:7B:F6:C6:4B:1A:07:F5:3A:41:08:37:C1
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/4D0F66DCDCC411EF87DBFE61762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.0.0/24
Signature Algorithm: sha256WithRSAEncryption
53:9a:c8:6b:df:4e:0e:41:b4:bf:5f:15:09:0e:03:7d:5a:bc:
ad:47:77:bb:46:4c:67:64:96:70:90:0b:7d:db:1c:fc:da:5f:
a2:0f:ea:ad:34:86:22:83:37:4f:c1:57:b3:e3:75:58:64:ab:
7e:af:9e:01:4b:97:ab:55:d0:88:e6:47:ac:46:f4:e6:4a:46:
3a:f2:e2:2c:b8:8d:27:f3:7f:19:d1:d5:ba:65:bc:3e:c7:a2:
71:c6:95:ce:e9:2b:cf:72:60:f4:41:60:e7:04:00:99:9c:f6:
58:e5:72:39:4d:0e:18:a5:4e:7f:fb:2a:7e:55:f1:ad:8b:60:
82:7f:e5:3f:df:35:ff:3e:c9:7d:b5:76:fe:04:d4:72:c5:7f:
8a:18:3d:00:ac:f8:d8:83:a5:ff:01:82:9a:ca:ce:93:04:09:
77:72:3d:ea:8d:c9:74:db:e3:b9:6e:7f:3b:40:24:16:ac:1b:
88:97:7a:00:85:5a:5c:b2:f8:9d:c3:4d:99:d9:22:c7:c4:03:
89:f2:4b:9d:d6:b7:36:6f:ab:7a:b1:d5:8c:f9:6f:43:77:a2:
16:b8:77:b2:dc:f8:37:51:83:8e:6e:04:fd:a8:a0:9e:2e:0c:
42:bb:96:e9:4d:fa:ae:99:9f:20:74:f8:93:9b:e1:1c:6c:02:
9a:fb:a7:88
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDEyNzE1MzUxMFoXDTM1MDEzMTE1MzUxMFowGDEWMBQG
A1UEAxMNNjc5N2E3YjItMmI0YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANfLO0uk00eQNRjML9Ni9Yll4SINtdsXYN5HIfVimZHVWEaIhMi7xcHcSmZ8
BnJmn0izbkVTdqbaswTpjcsJxBDyf381V8WGruZyEHgbya0hWnHz1h35HeAF1uM2
NiHlg4Tg8aJu4nob2MVKz5zSznEtv9oVXVUbY58m7WOmdXmFzfovodTwJbnAycTT
n4usL3sdsfLQkft4J7daoQBZd9AcamSRwlyENF2m6d1V5bV4i04eZWgK1k1EHGKT
EFvF96HZUP/XYddD6fmjLWY/DrJGWifzfg1u3PGkJMJI8uumcbBjV0ocf0wTCw6P
W4MAZya4R9n3EatGfFSU7v2LoCUCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQrbglw
LHUZ/Xv2xksaB/U6QQg3wTAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvNEQwRjY2RENEQ0M0MTFFRjg3REJGRTYxNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEAADANBgkqhkiG9w0BAQsFAAOC
AQEAU5rIa99ODkG0v18VCQ4DfVq8rUd3u0ZMZ2SWcJALfdsc/Npfog/qrTSGIoM3
T8FXs+N1WGSrfq+eAUuXq1XQiOZHrEb05kpGOvLiLLiNJ/N/GdHVumW8PseiccaV
zukrz3Jg9EFg5wQAmZz2WOVyOU0OGKVOf/sqflXxrYtggn/lP981/z7JfbV2/gTU
csV/ihg9AKz42IOl/wGCmsrOkwQJd3I96o3JdNvjuW5/O0AkFqwbiJd6AIVaXLL4
ncNNmdkix8QDifJLnda3Nm+rerHVjPlvQ3eiFrh3stz4N1GDjm4E/aigni4MQruW
6U36rpmfIHT4k5vhHGwCmvuniA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:09:18 2025 by rpki-client