Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/D91C373CE71311EF8A4F3F84762E951A.roa
File: D91C373CE71311EF8A4F3F84762E951A.roa (raw, json)
Hash identifier: L6t5A3CpklDtC6Pr0bb6KhzuYz40rl6jXuCDamji6jo=
Subject key identifier: E1:07:0E:0D:8E:C6:A9:65:58:43:A8:17:93:F0:DC:B4:AA:92:F5:DB
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 3B
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/D91C373CE71311EF8A4F3F84762E951A.roa
Signing time: Sun 09 Feb 2025 18:29:50 +0000
ROA not before: Sun 09 Feb 2025 18:29:46 +0000
ROA not after: Mon 31 Dec 2035 18:29:46 +0000
asID: 30992
IP address blocks: 129.0.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59 (0x3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Feb 9 18:29:46 2025 GMT
Not After : Dec 31 18:29:46 2035 GMT
Subject: CN=67a8f41e-c709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a9:5a:ed:ca:38:83:2d:8a:db:13:3c:09:3b:
51:ba:79:85:16:9d:38:4d:6c:c2:40:79:da:10:f8:
95:15:00:ea:f9:57:29:07:ab:35:8b:5c:e7:2f:55:
6e:53:40:9c:49:3d:26:79:fd:f6:d6:87:04:e4:af:
e6:4b:be:5f:65:42:d9:f2:d0:52:a5:31:96:01:b5:
40:8a:96:67:46:10:ab:7e:1a:bf:a8:7e:3f:1a:48:
f4:78:3e:b4:31:0b:c2:28:43:a3:d5:7d:c9:7e:58:
23:2b:f5:23:f8:5e:66:b8:46:39:6e:22:33:8d:03:
41:fc:59:88:37:10:da:b1:b5:b7:aa:19:2d:7b:28:
d1:be:a3:be:cc:8b:eb:d1:16:54:00:53:31:aa:50:
b4:74:4c:48:12:81:fa:96:39:79:41:6d:93:9e:19:
e0:71:a7:20:22:30:3a:a3:ad:53:4e:8a:7d:22:de:
81:ec:e3:b9:32:b6:97:df:7b:dd:4f:7c:39:e9:c9:
61:e5:73:91:11:ad:70:9b:3d:74:95:59:a4:65:0a:
aa:c6:28:82:a1:09:ac:01:2b:08:ea:38:14:86:6d:
8c:15:7f:2b:c2:68:e6:12:34:00:29:2b:2c:21:9c:
32:c6:90:1e:20:b8:b7:77:28:fe:cf:de:7d:56:dd:
b9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:07:0E:0D:8E:C6:A9:65:58:43:A8:17:93:F0:DC:B4:AA:92:F5:DB
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/D91C373CE71311EF8A4F3F84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.81.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ae:28:05:00:3e:21:7b:81:b8:aa:af:f2:80:59:4b:de:bd:
85:6a:22:60:b6:a9:3d:90:52:26:c1:14:9b:31:59:cb:99:de:
3c:b4:a5:93:f6:c9:3d:94:6c:43:82:72:f7:68:1c:96:19:5d:
23:8e:d0:ff:dd:cc:f3:09:0e:94:08:9b:c5:e0:ff:fe:a5:72:
19:b5:f6:31:19:41:c4:26:17:37:34:4d:38:20:fd:06:f0:6f:
63:7c:86:4f:81:b9:02:13:34:c7:0a:43:b9:b0:29:b5:04:8c:
4d:1d:66:ed:4f:54:6b:fe:18:ae:50:74:4c:d7:88:32:78:46:
b4:67:c6:c4:bc:c5:d5:ff:f2:d5:3d:32:07:a1:fa:02:2c:0c:
d7:36:73:ec:90:58:f2:bf:46:86:d9:54:29:7c:52:3b:5f:e5:
b6:69:0c:ee:6e:3b:b5:5e:eb:6d:ad:2f:23:a5:27:89:17:4c:
52:c7:5d:7a:f9:9b:04:41:36:39:31:7f:54:fc:da:57:0d:57:
4a:04:71:fc:87:6e:df:19:bc:11:2a:c2:c9:27:6e:92:2a:b6:
c2:68:10:ab:d6:4f:97:66:8c:63:c9:f0:84:69:6c:41:68:e6:
9b:bd:2e:36:40:f2:df:a7:be:03:cf:94:00:61:9c:d2:58:a1:
4c:66:a6:0a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBOzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDIwOTE4Mjk0NloXDTM1MTIzMTE4Mjk0NlowGDEWMBQG
A1UEAxMNNjdhOGY0MWUtYzcwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6pWu3KOIMtitsTPAk7Ubp5hRadOE1swkB52hD4lRUA6vlXKQerNYtc5y9V
blNAnEk9Jnn99taHBOSv5ku+X2VC2fLQUqUxlgG1QIqWZ0YQq34av6h+PxpI9Hg+
tDELwihDo9V9yX5YIyv1I/heZrhGOW4iM40DQfxZiDcQ2rG1t6oZLXso0b6jvsyL
69EWVABTMapQtHRMSBKB+pY5eUFtk54Z4HGnICIwOqOtU06KfSLegezjuTK2l997
3U98OenJYeVzkRGtcJs9dJVZpGUKqsYogqEJrAErCOo4FIZtjBV/K8Jo5hI0ACkr
LCGcMsaQHiC4t3co/s/efVbduYkCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBThBw4N
jsapZVhDqBeT8Ny0qpL12zAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvRDkxQzM3M0NFNzEzMTFFRjhBNEYzRjg0NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEAUTANBgkqhkiG9w0BAQsFAAOC
AQEACq4oBQA+IXuBuKqv8oBZS969hWoiYLapPZBSJsEUmzFZy5nePLSlk/bJPZRs
Q4Jy92gclhldI47Q/93M8wkOlAibxeD//qVyGbX2MRlBxCYXNzRNOCD9BvBvY3yG
T4G5AhM0xwpDubAptQSMTR1m7U9Ua/4YrlB0TNeIMnhGtGfGxLzF1f/y1T0yB6H6
AiwM1zZz7JBY8r9GhtlUKXxSO1/ltmkM7m47tV7rba0vI6UniRdMUsddevmbBEE2
OTF/VPzaVw1XSgRx/Idu3xm8ESrCySdukiq2wmgQq9ZPl2aMY8nwhGlsQWjmm70u
NkDy36e+A8+UAGGc0lihTGamCg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:53:21 2025 by rpki-client