Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/A5EC6916DD6011EFB4384D86762E951A.roa
File: A5EC6916DD6011EFB4384D86762E951A.roa (raw, json)
Hash identifier: AY+AO3HoFPCTXZ9NdsdrMBRaTdh3Wbi9aeFXDZL9Kl4=
Subject key identifier: 6E:15:BA:AD:73:6D:96:4D:9A:6B:CB:BE:35:26:96:33:E3:D9:C2:44
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 1A
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/A5EC6916DD6011EFB4384D86762E951A.roa
Signing time: Tue 28 Jan 2025 10:14:24 +0000
ROA not before: Tue 28 Jan 2025 10:14:20 +0000
ROA not after: Wed 31 Jan 2035 10:14:20 +0000
asID: 30992
IP address blocks: 129.0.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Jan 28 10:14:20 2025 GMT
Not After : Jan 31 10:14:20 2035 GMT
Subject: CN=6798ae00-4be3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:84:30:09:55:e9:82:6b:03:11:56:11:e1:88:
ad:fe:cb:c5:95:ef:2b:90:50:2c:c2:69:b7:06:7d:
31:c6:ed:2c:6b:1d:ed:4f:35:22:c3:80:d2:e1:f2:
bc:8e:01:de:dc:56:cd:ed:d5:60:ac:78:9f:51:97:
76:cc:51:e1:49:31:bc:e7:8c:b1:44:1e:26:64:8a:
60:69:71:8f:cc:05:a8:f7:e7:2b:10:47:e9:bc:44:
b8:16:6c:2c:f6:10:0c:0d:78:c9:d0:70:11:ab:f4:
90:f0:61:88:aa:e1:72:77:1d:d7:e2:b3:4d:5e:12:
94:cf:2f:7d:ee:08:15:86:03:d5:64:78:e5:1b:d8:
ae:7f:f1:31:ac:6b:d9:13:54:90:ce:11:6a:a9:dc:
22:7c:bb:0e:e8:3f:e3:bb:7a:7d:9f:df:f8:d5:5e:
ba:0c:77:71:4a:e3:24:bb:11:17:3c:9f:b2:6b:5f:
c5:26:83:b7:ac:9c:ad:65:13:6e:84:81:bc:22:ac:
aa:54:69:d2:05:f4:ee:9e:ef:b1:c9:f9:64:72:2f:
b8:a6:b6:c1:1b:62:63:a2:2c:a2:18:6b:e2:84:06:
c0:15:ae:14:6d:99:c3:f8:b4:bc:40:79:30:f9:55:
23:67:74:74:14:51:db:64:f7:ea:25:f2:1a:01:e9:
04:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:15:BA:AD:73:6D:96:4D:9A:6B:CB:BE:35:26:96:33:E3:D9:C2:44
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/A5EC6916DD6011EFB4384D86762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.107.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:b3:77:d7:d8:57:14:84:df:3b:8d:ab:4f:d1:55:8e:c1:cb:
09:61:2a:1c:2c:a9:78:77:4f:24:42:be:0a:b7:ef:53:94:c0:
6e:96:34:e8:ec:d2:b1:bc:9f:7b:64:0c:96:1b:99:87:d4:fd:
bd:4c:6f:07:f9:2a:d5:36:81:3a:3c:e5:90:e3:a2:c8:a4:5c:
c7:04:1c:ec:f3:64:52:7d:10:e0:f3:e5:dc:fd:7d:10:e0:ae:
e3:a6:76:08:8f:a2:e4:22:d3:b4:1d:9a:3c:2b:bd:5a:28:fa:
1d:ea:7b:6c:40:80:bd:e1:07:b2:5f:ef:1f:69:4e:42:7b:39:
0a:42:e5:80:08:9d:60:cc:43:89:23:94:40:5c:c7:23:43:a1:
83:54:53:e4:a2:b5:bf:3b:4c:ff:6e:35:b6:98:89:94:e1:b4:
17:63:92:cb:57:74:c4:9a:03:e0:b0:fc:c7:7c:59:6c:f8:85:
d0:5e:6e:de:85:80:ac:d6:6d:d5:ab:af:83:b0:df:6a:64:11:
b4:5b:d1:93:1c:da:75:16:bf:53:bb:83:9b:db:91:1e:ab:57:
cb:2a:27:97:f5:00:34:49:4c:22:72:1d:5c:97:0d:e2:12:b5:
b3:31:b4:5d:7f:14:32:05:8e:07:93:5e:32:44:ab:46:c5:d6:
d2:b0:1c:8c
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBGjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDEyODEwMTQyMFoXDTM1MDEzMTEwMTQyMFowGDEWMBQG
A1UEAxMNNjc5OGFlMDAtNGJlMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGEMAlV6YJrAxFWEeGIrf7LxZXvK5BQLMJptwZ9McbtLGsd7U81IsOA0uHy
vI4B3txWze3VYKx4n1GXdsxR4UkxvOeMsUQeJmSKYGlxj8wFqPfnKxBH6bxEuBZs
LPYQDA14ydBwEav0kPBhiKrhcncd1+KzTV4SlM8vfe4IFYYD1WR45RvYrn/xMaxr
2RNUkM4RaqncIny7Dug/47t6fZ/f+NVeugx3cUrjJLsRFzyfsmtfxSaDt6ycrWUT
boSBvCKsqlRp0gX07p7vscn5ZHIvuKa2wRtiY6Isohhr4oQGwBWuFG2Zw/i0vEB5
MPlVI2d0dBRR22T36iXyGgHpBH8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRuFbqt
c22WTZpry741JpYz49nCRDAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvQTVFQzY5MTZERDYwMTFFRkI0Mzg0RDg2NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEAazANBgkqhkiG9w0BAQsFAAOC
AQEAurN319hXFITfO42rT9FVjsHLCWEqHCypeHdPJEK+CrfvU5TAbpY06OzSsbyf
e2QMlhuZh9T9vUxvB/kq1TaBOjzlkOOiyKRcxwQc7PNkUn0Q4PPl3P19EOCu46Z2
CI+i5CLTtB2aPCu9Wij6Hep7bECAveEHsl/vH2lOQns5CkLlgAidYMxDiSOUQFzH
I0Ohg1RT5KK1vztM/241tpiJlOG0F2OSy1d0xJoD4LD8x3xZbPiF0F5u3oWArNZt
1auvg7DfamQRtFvRkxzadRa/U7uDm9uRHqtXyyonl/UANElMInIdXJcN4hK1szG0
XX8UMgWOB5NeMkSrRsXW0rAcjA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:48:08 2025 by rpki-client