Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/BDF4436EE70E11EFBF868065762E951A.roa
File: BDF4436EE70E11EFBF868065762E951A.roa (raw, json)
Hash identifier: ABlF2DLPUzccMWKARFsuerTVc/Hf91fdWN1Myk8K5eY=
Subject key identifier: 11:4C:11:50:04:9A:FE:62:51:A9:11:AC:B0:31:2E:0B:8A:99:BA:DA
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 33
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/BDF4436EE70E11EFBF868065762E951A.roa
Signing time: Sun 09 Feb 2025 17:53:17 +0000
ROA not before: Sun 09 Feb 2025 17:53:14 +0000
ROA not after: Mon 31 Dec 2035 17:53:14 +0000
asID: 30992
IP address blocks: 129.0.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51 (0x33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Feb 9 17:53:14 2025 GMT
Not After : Dec 31 17:53:14 2035 GMT
Subject: CN=67a8eb8d-4225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f0:85:35:f3:78:50:d7:a9:bc:43:30:fa:ec:
2a:7f:e5:de:71:7d:39:53:5c:bf:6e:2f:86:15:39:
80:52:08:2f:dd:fc:63:82:2a:49:a1:13:7e:14:c6:
98:87:b7:d6:2e:97:3d:ec:f3:7b:ad:2d:16:11:2b:
92:76:1a:90:c5:a0:54:19:dd:40:0d:ae:2d:78:43:
e7:9c:48:0a:42:9c:21:de:ac:87:07:43:27:80:33:
e2:b2:62:33:e5:81:d5:f5:2e:68:4d:43:f1:f9:68:
cf:0c:c3:1f:4e:fd:a0:80:15:b3:c5:ba:7c:6f:28:
91:db:8d:84:f5:f0:06:3d:77:d3:0c:1f:30:f1:f8:
eb:dd:ee:50:ce:53:74:ef:6f:bb:79:fe:b3:4d:45:
72:a4:ae:17:01:1b:0f:8a:67:dc:71:4c:32:6e:2c:
22:56:48:36:7f:55:46:78:2b:82:48:0f:00:86:a5:
fa:14:97:81:56:4f:63:02:a6:7a:58:77:ef:5f:f8:
3a:25:d8:5a:61:2c:4f:a6:cb:44:3a:8f:40:22:81:
3b:80:d0:b8:42:f9:6a:de:7d:04:41:c8:60:66:6b:
b4:c1:1b:3b:12:6b:ab:ac:f1:fd:16:f7:c6:68:22:
81:53:9a:14:cb:cf:7a:fa:9f:e2:1c:7b:f2:00:06:
40:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:4C:11:50:04:9A:FE:62:51:A9:11:AC:B0:31:2E:0B:8A:99:BA:DA
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/BDF4436EE70E11EFBF868065762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.77.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:2d:f3:b7:79:d0:a4:50:58:5b:2d:4c:ff:4d:f3:04:42:4d:
1e:97:3a:0e:75:86:6f:a7:95:7d:93:2d:6c:80:7f:e5:44:79:
28:4c:ed:41:42:65:4a:d1:c1:7e:31:57:5f:1a:97:29:ed:3e:
fc:43:d7:c1:e9:08:36:e1:9c:b1:70:2b:53:bc:dd:c7:65:3d:
40:7b:75:f3:d0:55:91:0f:dd:bb:12:59:a5:16:ee:94:9a:ce:
19:74:fe:5e:8a:a8:e4:18:9d:ee:18:3a:de:8d:c9:26:c3:f2:
36:e7:3c:35:06:b6:af:70:9d:98:16:19:ad:8f:13:9e:a9:7f:
54:21:03:5d:b1:11:65:37:85:cb:15:7c:21:6f:ee:30:dc:99:
d9:ac:0e:6d:44:23:50:73:2c:a8:18:b6:f5:ba:bd:59:38:4f:
49:66:a9:93:fa:3f:e6:09:6e:44:6f:a8:e4:f2:95:73:6b:a3:
4c:63:61:b0:34:01:fd:57:79:8e:25:10:53:22:47:c0:99:05:
3a:1a:5c:85:95:0f:45:2e:37:c8:97:0e:c4:a5:bb:5b:56:b7:
b3:cb:dd:8f:80:ce:43:80:aa:71:c3:0c:71:83:7b:da:93:17:
1b:60:5a:05:64:8d:d0:8c:8b:64:ba:14:61:c9:07:42:47:9f:
1f:e7:18:2c
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBMzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDIwOTE3NTMxNFoXDTM1MTIzMTE3NTMxNFowGDEWMBQG
A1UEAxMNNjdhOGViOGQtNDIyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjwhTXzeFDXqbxDMPrsKn/l3nF9OVNcv24vhhU5gFIIL938Y4IqSaETfhTG
mIe31i6XPezze60tFhErknYakMWgVBndQA2uLXhD55xICkKcId6shwdDJ4Az4rJi
M+WB1fUuaE1D8flozwzDH079oIAVs8W6fG8okduNhPXwBj130wwfMPH4693uUM5T
dO9vu3n+s01FcqSuFwEbD4pn3HFMMm4sIlZINn9VRngrgkgPAIal+hSXgVZPYwKm
elh371/4OiXYWmEsT6bLRDqPQCKBO4DQuEL5at59BEHIYGZrtMEbOxJrq6zx/Rb3
xmgigVOaFMvPevqf4hx78gAGQJ8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQRTBFQ
BJr+YlGpEaywMS4Lipm62jAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvQkRGNDQzNkVFNzBFMTFFRkJGODY4MDY1NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEATTANBgkqhkiG9w0BAQsFAAOC
AQEA0i3zt3nQpFBYWy1M/03zBEJNHpc6DnWGb6eVfZMtbIB/5UR5KEztQUJlStHB
fjFXXxqXKe0+/EPXwekINuGcsXArU7zdx2U9QHt189BVkQ/duxJZpRbulJrOGXT+
Xoqo5Bid7hg63o3JJsPyNuc8NQa2r3CdmBYZrY8Tnql/VCEDXbERZTeFyxV8IW/u
MNyZ2awObUQjUHMsqBi29bq9WThPSWapk/o/5gluRG+o5PKVc2ujTGNhsDQB/Vd5
jiUQUyJHwJkFOhpchZUPRS43yJcOxKW7W1a3s8vdj4DOQ4CqccMMcYN72pMXG2Ba
BWSN0IyLZLoUYckHQkefH+cYLA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:26:39 2025 by rpki-client