Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/971449FADD5F11EFA3B35B7F762E951A.roa
File: 971449FADD5F11EFA3B35B7F762E951A.roa (raw, json)
Hash identifier: O/UnJEfpoStkh1iBmk5+WnDltBgh7Ls1BY+41hPq/2s=
Subject key identifier: 7E:D9:00:2A:48:56:0D:0E:4A:F5:82:F0:CB:FE:B1:E9:32:61:49:3B
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 18
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/971449FADD5F11EFA3B35B7F762E951A.roa
Signing time: Tue 28 Jan 2025 10:06:50 +0000
ROA not before: Tue 28 Jan 2025 10:06:46 +0000
ROA not after: Wed 31 Jan 2035 10:06:46 +0000
asID: 30992
IP address blocks: 129.0.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Jan 28 10:06:46 2025 GMT
Not After : Jan 31 10:06:46 2035 GMT
Subject: CN=6798ac3a-1036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8f:98:d6:fd:ce:4f:93:92:5c:30:68:6b:f3:
81:2e:35:b9:47:6d:98:0b:d1:e2:73:48:0c:49:a6:
cb:4b:81:be:92:56:c2:74:2e:38:ff:23:ea:37:43:
d3:da:ab:58:2e:7c:d2:ff:e5:59:aa:61:63:78:6d:
9c:e9:9a:7e:78:7c:84:a4:02:ba:56:a3:77:31:7d:
54:35:fe:87:b3:1e:68:08:15:fe:6f:6c:c1:da:bd:
28:6e:9e:73:e4:f7:26:9b:04:82:04:5d:8f:bd:25:
4e:90:c0:4c:cd:ec:1a:a1:da:da:df:17:b3:04:a0:
f2:ed:9d:04:d6:35:78:3b:b8:36:72:d3:4c:6b:d2:
bc:47:f2:19:6b:16:c3:d0:62:a6:7d:c9:c5:87:31:
76:f9:e4:bd:d0:bb:30:e4:5d:dc:18:9a:9c:49:a9:
15:38:7d:0a:3b:b2:14:0c:41:b6:b0:e0:54:71:0e:
2d:0f:db:39:0c:72:d0:0d:d1:cd:c9:6f:2e:ee:09:
e0:5c:a5:7e:28:22:60:8a:5b:b7:2b:79:e6:65:6e:
61:00:08:71:40:62:e7:75:35:94:c0:68:86:0f:72:
34:2f:c7:d3:51:84:54:f0:87:09:06:82:58:07:cb:
35:89:74:cd:d1:62:67:33:a1:8d:13:82:09:e3:5b:
5c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D9:00:2A:48:56:0D:0E:4A:F5:82:F0:CB:FE:B1:E9:32:61:49:3B
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/971449FADD5F11EFA3B35B7F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.76.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:c5:f8:15:7a:b9:99:31:4f:2d:f6:b8:15:26:9f:7c:79:a2:
a5:01:71:ea:cd:8b:46:a8:0b:17:10:75:64:fb:73:9a:bd:68:
8a:82:63:fe:4b:07:93:ee:fa:56:b4:4f:6b:b6:18:c3:34:72:
37:37:4e:19:13:35:6e:f6:fc:ce:0c:99:96:98:74:c8:b6:be:
51:ad:6a:42:8c:38:97:3e:64:40:ea:78:16:7c:0f:d2:b0:71:
31:14:23:b4:3f:7b:a0:29:fb:52:83:ca:32:63:6f:f2:58:fd:
9c:f8:9c:91:17:01:b9:f9:99:45:f9:18:77:f9:07:be:38:e9:
43:08:91:92:28:a1:93:66:2d:5c:cd:77:55:99:41:14:18:bb:
68:fb:a7:b4:1c:ea:02:9b:e8:17:84:57:e0:8b:6d:23:28:96:
4e:93:4c:8f:70:6f:18:54:16:1f:29:fd:d5:9a:56:d1:21:4b:
89:ed:52:8c:b7:4c:80:45:d3:a8:68:85:8c:47:c1:a2:d6:0f:
87:1a:bb:37:2b:be:bd:fc:2b:4d:0e:66:48:25:db:b7:72:86:
e8:8a:d7:c8:2b:d3:1e:f6:5b:2e:e1:4b:cd:99:40:63:38:17:
43:75:26:94:50:06:af:e8:05:de:9c:0e:c4:15:b0:15:01:89:
6b:e0:b7:05
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBGDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDEyODEwMDY0NloXDTM1MDEzMTEwMDY0NlowGDEWMBQG
A1UEAxMNNjc5OGFjM2EtMTAzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuPmNb9zk+TklwwaGvzgS41uUdtmAvR4nNIDEmmy0uBvpJWwnQuOP8j6jdD
09qrWC580v/lWaphY3htnOmafnh8hKQCulajdzF9VDX+h7MeaAgV/m9swdq9KG6e
c+T3JpsEggRdj70lTpDATM3sGqHa2t8XswSg8u2dBNY1eDu4NnLTTGvSvEfyGWsW
w9Bipn3JxYcxdvnkvdC7MORd3BianEmpFTh9CjuyFAxBtrDgVHEOLQ/bOQxy0A3R
zclvLu4J4FylfigiYIpbtyt55mVuYQAIcUBi53U1lMBohg9yNC/H01GEVPCHCQaC
WAfLNYl0zdFiZzOhjROCCeNbXAsCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBR+2QAq
SFYNDkr1gvDL/rHpMmFJOzAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvOTcxNDQ5RkFERDVGMTFFRkEzQjM1QjdGNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEATDANBgkqhkiG9w0BAQsFAAOC
AQEAssX4FXq5mTFPLfa4FSaffHmipQFx6s2LRqgLFxB1ZPtzmr1oioJj/ksHk+76
VrRPa7YYwzRyNzdOGRM1bvb8zgyZlph0yLa+Ua1qQow4lz5kQOp4FnwP0rBxMRQj
tD97oCn7UoPKMmNv8lj9nPickRcBufmZRfkYd/kHvjjpQwiRkiihk2YtXM13VZlB
FBi7aPuntBzqApvoF4RX4IttIyiWTpNMj3BvGFQWHyn91ZpW0SFLie1SjLdMgEXT
qGiFjEfBotYPhxq7Nyu+vfwrTQ5mSCXbt3KG6IrXyCvTHvZbLuFLzZlAYzgXQ3Um
lFAGr+gF3pwOxBWwFQGJa+C3BQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:29:17 2025 by rpki-client