Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/50CC203EDD5B11EF9DB00261762E951A.roa
File: 50CC203EDD5B11EF9DB00261762E951A.roa (raw, json)
Hash identifier: Z4PnVh8Bk+c+XTp3EPhtMIoJmqM2+4Q4V57HhoRV0LY=
Subject key identifier: 67:71:C5:52:4A:0C:20:69:16:7A:FF:75:41:6B:CE:21:5C:DF:5D:E2
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 0F
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/50CC203EDD5B11EF9DB00261762E951A.roa
Signing time: Tue 28 Jan 2025 09:36:14 +0000
ROA not before: Tue 28 Jan 2025 09:36:10 +0000
ROA not after: Wed 31 Jan 2035 09:36:10 +0000
asID: 30992
IP address blocks: 129.0.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Jan 28 09:36:10 2025 GMT
Not After : Jan 31 09:36:10 2035 GMT
Subject: CN=6798a50e-80d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:24:b5:24:23:7c:5b:3b:8a:39:f0:3b:38:1d:
e4:29:00:aa:15:26:66:5d:29:80:a0:13:22:71:59:
f7:aa:7e:72:ba:96:de:f2:ef:9c:ea:7f:96:40:3f:
3c:b9:16:04:09:45:d2:e3:db:17:ca:4e:72:ad:bc:
e5:d5:7b:19:b2:98:13:85:de:e8:a3:16:2b:96:29:
e1:2a:25:33:28:9a:63:63:60:8a:08:a9:0a:a8:d8:
c8:67:f8:71:e1:be:7b:9a:86:19:71:f3:4f:10:6f:
de:91:f7:9e:7e:ea:53:24:15:d1:5c:f8:cd:dd:90:
56:7d:c6:5e:d1:fe:39:d8:2d:64:38:d0:eb:6f:bb:
9b:b7:17:da:eb:f9:55:03:8e:6c:6c:bc:e1:9e:f7:
2a:36:29:f6:43:c2:9c:1b:5f:5e:3c:78:45:91:fd:
11:1d:6e:47:e7:65:17:7f:c7:43:7b:91:25:60:c2:
3e:af:67:66:95:60:8e:b1:02:21:da:c1:f2:7a:17:
e0:a3:52:f7:a4:c0:d0:4d:c1:42:be:9a:72:dd:93:
d0:80:2c:4d:7d:62:11:ee:d0:a7:7c:0e:e8:72:0e:
af:1f:8f:8b:34:02:70:d9:4b:ca:40:10:31:1f:6c:
08:26:30:7c:65:45:4f:1e:6b:23:93:ea:4c:71:c1:
a2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:71:C5:52:4A:0C:20:69:16:7A:FF:75:41:6B:CE:21:5C:DF:5D:E2
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/50CC203EDD5B11EF9DB00261762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.103.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:76:05:99:de:24:f4:b0:07:65:be:ab:a5:ea:42:b1:de:6e:
19:39:6d:91:e6:4f:20:1c:6e:16:06:4f:27:e7:06:18:92:7b:
e1:f2:bc:41:33:f1:4b:a4:81:34:49:19:0f:50:f4:0d:a6:dd:
50:33:57:f3:a8:44:0a:16:ce:d7:42:e4:f7:73:ac:d4:6d:10:
2a:1c:43:14:05:79:0f:94:83:ef:e7:d7:b8:b0:ec:bc:3e:0b:
63:2e:32:4a:39:13:e7:10:5b:74:56:e0:20:6b:56:a6:ff:49:
c0:1f:12:93:39:89:dd:1a:bd:98:4d:11:ef:44:91:27:25:42:
b6:1a:2e:0d:19:8d:95:05:4b:5d:d9:d3:ad:ab:c2:a9:59:54:
85:a3:b8:15:02:5b:75:2a:d9:64:a1:24:c7:3d:4f:27:e0:8d:
b0:c9:e0:4f:d8:5d:f6:87:96:04:1b:3f:92:8f:3a:04:ac:cd:
d2:de:79:fa:e7:af:50:05:f6:3b:09:6e:c0:a4:a2:68:34:6b:
70:ac:c9:28:df:9c:08:63:9f:ed:1a:6b:4a:bc:1b:d8:e1:0b:
de:09:a0:d2:12:3c:18:27:18:11:02:0c:c2:45:87:4b:70:9f:
8b:99:86:f7:e6:c6:6a:8b:d4:f0:95:bc:28:8b:1c:1b:3f:76:
1e:a5:97:09
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBDzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDEyODA5MzYxMFoXDTM1MDEzMTA5MzYxMFowGDEWMBQG
A1UEAxMNNjc5OGE1MGUtODBkMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUktSQjfFs7ijnwOzgd5CkAqhUmZl0pgKATInFZ96p+crqW3vLvnOp/lkA/
PLkWBAlF0uPbF8pOcq285dV7GbKYE4Xe6KMWK5Yp4SolMyiaY2NgigipCqjYyGf4
ceG+e5qGGXHzTxBv3pH3nn7qUyQV0Vz4zd2QVn3GXtH+OdgtZDjQ62+7m7cX2uv5
VQOObGy84Z73KjYp9kPCnBtfXjx4RZH9ER1uR+dlF3/HQ3uRJWDCPq9nZpVgjrEC
IdrB8noX4KNS96TA0E3BQr6act2T0IAsTX1iEe7Qp3wO6HIOrx+PizQCcNlLykAQ
MR9sCCYwfGVFTx5rI5PqTHHBoksCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRnccVS
SgwgaRZ6/3VBa84hXN9d4jAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvNTBDQzIwM0VERDVCMTFFRjlEQjAwMjYxNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEAZzANBgkqhkiG9w0BAQsFAAOC
AQEAqnYFmd4k9LAHZb6rpepCsd5uGTltkeZPIBxuFgZPJ+cGGJJ74fK8QTPxS6SB
NEkZD1D0DabdUDNX86hEChbO10Lk93Os1G0QKhxDFAV5D5SD7+fXuLDsvD4LYy4y
SjkT5xBbdFbgIGtWpv9JwB8SkzmJ3Rq9mE0R70SRJyVCthouDRmNlQVLXdnTravC
qVlUhaO4FQJbdSrZZKEkxz1PJ+CNsMngT9hd9oeWBBs/ko86BKzN0t55+uevUAX2
OwluwKSiaDRrcKzJKN+cCGOf7RprSrwb2OEL3gmg0hI8GCcYEQIMwkWHS3Cfi5mG
9+bGaovU8JW8KIscGz92HqWXCQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:31:55 2025 by rpki-client