Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/B8FB5766DD5A11EFB2603D5E762E951A.roa
File: B8FB5766DD5A11EFB2603D5E762E951A.roa (raw, json)
Hash identifier: 2svHingahPmdzvx5gtKH1SYPhXizYnHWA4pucFmkyLA=
Subject key identifier: D4:D3:77:B2:7B:10:03:82:43:A7:07:35:B4:AA:3A:55:0E:66:C5:AA
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 0B
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/B8FB5766DD5A11EFB2603D5E762E951A.roa
Signing time: Tue 28 Jan 2025 09:31:59 +0000
ROA not before: Tue 28 Jan 2025 09:31:55 +0000
ROA not after: Wed 31 Jan 2035 09:31:55 +0000
asID: 30992
IP address blocks: 129.0.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Jan 28 09:31:55 2025 GMT
Not After : Jan 31 09:31:55 2035 GMT
Subject: CN=6798a40f-3d0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:9e:6f:91:38:02:05:6a:82:63:7b:da:5d:f4:
30:7c:13:73:0c:12:dc:fe:6e:16:1d:d7:82:d9:fa:
6f:31:ba:fb:9e:49:ce:92:cb:fa:dc:b4:2f:25:a9:
52:23:1e:15:a7:b4:e3:d5:ff:56:c3:c3:92:65:bc:
18:d6:8d:26:f4:89:54:28:48:4a:f1:53:73:d9:d0:
89:97:93:bf:64:61:c0:10:a3:56:01:31:a5:57:84:
a3:f5:a4:0b:0d:92:cd:c9:cd:bf:bf:0c:3b:df:bf:
e8:88:76:9b:da:7a:71:67:46:e5:e2:ce:9f:46:63:
a7:24:43:45:75:f0:cf:99:31:e8:c8:f0:b2:eb:d0:
52:28:85:c4:24:38:35:ab:1b:57:ef:be:a0:43:cc:
5e:a4:65:a0:cc:85:13:26:a3:ca:3f:10:e3:52:2b:
05:3d:c8:cf:3c:b0:1a:ab:b4:32:54:cb:47:03:96:
ab:6f:af:17:b9:bc:d0:3c:76:f8:ab:23:5b:6d:5b:
48:e3:8c:26:aa:53:67:c1:06:b3:d9:da:b6:a3:85:
7b:0b:f6:65:a3:9d:59:65:7f:00:58:05:23:96:32:
ad:96:50:a8:22:a1:7c:aa:cd:b4:01:d4:52:10:a6:
44:51:d1:da:54:19:39:2e:db:46:5b:c1:36:16:08:
76:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D3:77:B2:7B:10:03:82:43:A7:07:35:B4:AA:3A:55:0E:66:C5:AA
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/B8FB5766DD5A11EFB2603D5E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.101.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:27:a6:06:0d:0f:52:fd:4c:84:2b:7c:37:d0:25:a3:38:3d:
53:30:e2:53:30:4d:2f:96:67:07:74:96:32:6f:71:bf:4a:4d:
fd:9a:e2:c0:81:33:58:69:b1:61:e0:cd:8e:d7:98:e8:a5:d0:
60:c3:74:ff:a6:4d:88:ad:de:4c:ef:f1:5b:6d:8b:01:c0:f8:
50:ad:46:ce:b4:a8:2b:a2:cf:7e:a4:9e:e8:e1:10:dd:44:ab:
bf:52:b1:d7:63:89:da:c9:58:82:d1:f9:c9:99:fc:46:1c:f8:
1c:ac:72:86:8b:d8:db:54:1f:6e:5b:68:0c:5b:55:ac:88:4c:
8c:d3:b9:cb:4a:84:77:fb:c3:30:fa:59:52:74:30:b6:96:18:
f4:38:2a:aa:e3:50:ca:c2:46:be:27:85:eb:5f:48:48:04:e1:
cd:d1:be:9e:c0:51:f1:76:f9:5a:7c:c3:e8:db:ef:7a:e4:ee:
38:39:89:90:d9:ab:06:ee:41:65:db:58:b0:f1:36:75:55:3a:
e7:29:4f:3c:3c:b7:b6:7d:ce:7a:44:07:42:2c:ad:f0:68:a3:
73:c5:9d:08:26:24:45:37:e7:e1:f0:fe:ab:13:a6:7e:a0:6a:
51:44:a9:ed:a7:cc:00:54:18:f7:26:7a:33:e5:c1:c7:e9:49:
55:19:00:1a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBCzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDEyODA5MzE1NVoXDTM1MDEzMTA5MzE1NVowGDEWMBQG
A1UEAxMNNjc5OGE0MGYtM2QwYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOueb5E4AgVqgmN72l30MHwTcwwS3P5uFh3Xgtn6bzG6+55JzpLL+ty0LyWp
UiMeFae049X/VsPDkmW8GNaNJvSJVChISvFTc9nQiZeTv2RhwBCjVgExpVeEo/Wk
Cw2SzcnNv78MO9+/6Ih2m9p6cWdG5eLOn0ZjpyRDRXXwz5kx6MjwsuvQUiiFxCQ4
NasbV+++oEPMXqRloMyFEyajyj8Q41IrBT3IzzywGqu0MlTLRwOWq2+vF7m80Dx2
+KsjW21bSOOMJqpTZ8EGs9natqOFewv2ZaOdWWV/AFgFI5YyrZZQqCKhfKrNtAHU
UhCmRFHR2lQZOS7bRlvBNhYIdv0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTU03ey
exADgkOnBzW0qjpVDmbFqjAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvQjhGQjU3NjZERDVBMTFFRkIyNjAzRDVFNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEAZTANBgkqhkiG9w0BAQsFAAOC
AQEAjCemBg0PUv1MhCt8N9Alozg9UzDiUzBNL5ZnB3SWMm9xv0pN/ZriwIEzWGmx
YeDNjteY6KXQYMN0/6ZNiK3eTO/xW22LAcD4UK1GzrSoK6LPfqSe6OEQ3USrv1Kx
12OJ2slYgtH5yZn8Rhz4HKxyhovY21QfbltoDFtVrIhMjNO5y0qEd/vDMPpZUnQw
tpYY9DgqquNQysJGvieF619ISAThzdG+nsBR8Xb5WnzD6NvveuTuODmJkNmrBu5B
ZdtYsPE2dVU65ylPPDy3tn3OekQHQiyt8Gijc8WdCCYkRTfn4fD+qxOmfqBqUUSp
7afMAFQY9yZ6M+XBx+lJVRkAGg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:50:21 2025 by rpki-client