Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/B3C9F522E71411EFA2E00F89762E951A.roa
File: B3C9F522E71411EFA2E00F89762E951A.roa (raw, json)
Hash identifier: 9C9VDXXQ6KQ5ThTqPs+xyYW2pc7hbMdz8GCDLQ9wuR4=
Subject key identifier: 06:3B:9C:73:C4:F9:D8:8D:AC:18:35:6C:33:82:19:0E:11:56:60:91
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 41
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/B3C9F522E71411EFA2E00F89762E951A.roa
Signing time: Sun 09 Feb 2025 18:35:57 +0000
ROA not before: Sun 09 Feb 2025 18:35:53 +0000
ROA not after: Mon 31 Dec 2035 18:35:53 +0000
asID: 30992
IP address blocks: 129.0.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65 (0x41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Feb 9 18:35:53 2025 GMT
Not After : Dec 31 18:35:53 2035 GMT
Subject: CN=67a8f58d-bedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1d:c1:8b:be:6d:a4:12:8b:23:cd:54:1f:29:
7b:ca:97:b8:a2:07:21:45:0f:82:9c:6f:87:ea:79:
e2:8b:47:4b:3c:81:33:5d:20:95:f0:1f:45:e3:e1:
b9:32:58:13:72:ab:8b:b1:78:47:58:b7:02:40:49:
e0:5e:40:c2:1e:d7:57:e5:7a:44:e5:b1:1a:13:16:
39:37:c4:1c:2d:c3:40:96:74:d4:e8:fd:40:91:35:
46:45:b6:d6:c5:55:00:d6:c3:b7:cd:01:a4:16:d4:
08:31:2d:1c:cf:45:04:88:3e:44:8e:15:fa:67:5c:
c3:6c:9a:16:3b:00:fa:15:ba:79:d9:ae:eb:d0:c5:
46:43:a2:1c:d7:11:0e:54:17:d5:8b:67:d1:e0:b7:
3c:10:cf:41:f0:69:36:99:60:86:98:5f:22:d9:6e:
88:07:5c:30:79:1a:13:b2:9b:c0:70:42:9e:c7:8e:
ba:9b:a7:16:a7:63:f1:a2:77:04:bb:f5:8f:bd:cd:
9e:db:3a:c2:de:9e:0b:9b:f2:a9:30:9d:9a:09:30:
9a:52:07:6d:b4:4a:f6:5e:c6:ff:b7:1f:1d:a1:43:
e1:4d:5c:72:9c:60:0a:24:92:74:90:71:15:e7:8d:
26:31:dd:30:5a:d1:f8:e1:c9:40:0f:9a:16:55:3d:
60:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:3B:9C:73:C4:F9:D8:8D:AC:18:35:6C:33:82:19:0E:11:56:60:91
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/B3C9F522E71411EFA2E00F89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.84.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:57:62:53:27:2e:f3:c8:64:b0:01:2c:b5:a0:be:0d:da:c4:
e8:6e:2a:b1:c3:6a:18:a7:4d:c3:77:28:29:93:2a:62:f4:62:
d4:1a:d2:65:2b:f3:4a:07:02:ef:f1:99:92:43:67:8b:f8:d8:
45:bf:18:19:89:91:6a:47:76:98:42:85:e9:1b:77:4c:5d:76:
0e:7b:4f:bf:c8:88:e5:8d:43:db:2e:53:74:a2:33:58:2e:98:
81:bd:bc:6f:66:85:71:71:da:5f:b0:2d:90:a5:d4:60:0b:9b:
7c:48:0e:13:c3:31:25:45:33:c9:08:b6:60:3b:fa:4d:8e:d1:
98:8e:97:ed:bc:cc:7f:c4:54:13:a5:5f:a9:8d:bd:3d:35:fb:
76:0a:ec:aa:0d:7e:47:a1:81:3b:fb:86:ad:4b:3e:14:a2:c1:
8c:a6:37:76:c5:5c:82:f1:23:26:cb:a0:db:44:2a:83:e5:08:
c1:ea:3b:5c:18:5a:d6:b2:94:ec:96:cc:f2:5c:79:f0:8e:3b:
34:9d:88:62:a1:ee:9f:1f:b0:ca:5a:f5:0c:fa:10:b1:61:ba:
c0:88:72:bc:9e:61:bd:63:7d:3c:88:60:92:fb:1e:1e:ec:04:
da:29:f5:83:2b:84:33:5d:a7:f7:50:23:43:19:dc:7b:e2:78:
ea:2d:51:af
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBQTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDIwOTE4MzU1M1oXDTM1MTIzMTE4MzU1M1owGDEWMBQG
A1UEAxMNNjdhOGY1OGQtYmVkYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwdwYu+baQSiyPNVB8pe8qXuKIHIUUPgpxvh+p54otHSzyBM10glfAfRePh
uTJYE3Kri7F4R1i3AkBJ4F5Awh7XV+V6ROWxGhMWOTfEHC3DQJZ01Oj9QJE1RkW2
1sVVANbDt80BpBbUCDEtHM9FBIg+RI4V+mdcw2yaFjsA+hW6edmu69DFRkOiHNcR
DlQX1Ytn0eC3PBDPQfBpNplghphfItluiAdcMHkaE7KbwHBCnseOupunFqdj8aJ3
BLv1j73Nnts6wt6eC5vyqTCdmgkwmlIHbbRK9l7G/7cfHaFD4U1ccpxgCiSSdJBx
FeeNJjHdMFrR+OHJQA+aFlU9YOsCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQGO5xz
xPnYjawYNWwzghkOEVZgkTAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvQjNDOUY1MjJFNzE0MTFFRkEyRTAwRjg5NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEAVDANBgkqhkiG9w0BAQsFAAOC
AQEA0FdiUycu88hksAEstaC+DdrE6G4qscNqGKdNw3coKZMqYvRi1BrSZSvzSgcC
7/GZkkNni/jYRb8YGYmRakd2mEKF6Rt3TF12DntPv8iI5Y1D2y5TdKIzWC6Ygb28
b2aFcXHaX7AtkKXUYAubfEgOE8MxJUUzyQi2YDv6TY7RmI6X7bzMf8RUE6VfqY29
PTX7dgrsqg1+R6GBO/uGrUs+FKLBjKY3dsVcgvEjJsug20Qqg+UIweo7XBha1rKU
7JbM8lx58I47NJ2IYqHunx+wylr1DPoQsWG6wIhyvJ5hvWN9PIhgkvseHuwE2in1
gyuEM12n91AjQxnce+J46i1Rrw==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:06:19 2025 by rpki-client