Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/F24D34A4E70E11EF92E4DB65762E951A.roa
File: F24D34A4E70E11EF92E4DB65762E951A.roa (raw, json)
Hash identifier: k/G9qck3d7Q62Hncuvh/EiwNmOeryAJ5cmUhSVW8eXA=
Subject key identifier: C1:5C:D7:FA:46:D9:BD:6C:45:DD:2E:75:7B:D5:C0:6E:2A:FB:FC:42
Certificate issuer: /CN=F363DCF2AR/serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Certificate serial: 35
Authority key identifier: C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
Authority info access: rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/F24D34A4E70E11EF92E4DB65762E951A.roa
Signing time: Sun 09 Feb 2025 17:54:45 +0000
ROA not before: Sun 09 Feb 2025 17:54:41 +0000
ROA not after: Mon 31 Dec 2035 17:54:41 +0000
asID: 30992
IP address blocks: 129.0.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.mft
rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 14 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53 (0x35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363DCF2AR, serialNumber=C4BBCDEF9DC7E68F9184C80C08718C206EDDF70B
Validity
Not Before: Feb 9 17:54:41 2025 GMT
Not After : Dec 31 17:54:41 2035 GMT
Subject: CN=67a8ebe5-744b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:6b:ba:94:0b:e2:d9:11:68:19:05:8b:5e:b6:
cf:77:e4:14:0b:13:c9:50:21:53:1f:1c:02:ba:27:
f5:4e:fe:7d:c3:01:e6:06:2b:da:cb:60:a8:10:5d:
c4:3d:15:b0:52:1b:2d:a7:24:c7:1b:9e:0b:aa:fb:
50:4b:fb:45:ff:81:4b:6e:bc:8b:71:ac:87:1d:3a:
bf:19:e0:f0:bd:5a:83:91:7e:2c:47:d5:05:04:42:
09:0a:07:56:a6:10:57:d3:87:12:41:48:6e:7f:f1:
6f:76:a9:35:8d:8a:9e:80:9e:b1:00:92:50:c4:dc:
6d:67:0a:6b:05:8e:c3:d4:3b:83:0a:80:7e:84:cb:
18:18:6a:9e:3a:94:d9:c7:56:1a:77:24:f8:21:88:
a8:62:d9:c7:b1:85:ef:9b:f7:1b:75:2c:00:32:39:
ba:0d:74:b8:b2:2e:91:22:de:97:89:8d:d7:47:cb:
b0:be:99:30:b6:51:2c:fc:ee:d0:9f:3d:ee:f3:3c:
ae:14:4a:bb:b1:20:f4:43:59:f0:c6:ac:8e:f6:91:
8d:95:f2:db:12:53:5a:50:d1:1c:f5:8c:1a:ed:c0:
e2:7e:a2:4a:6c:cf:0b:02:51:fc:d6:90:e6:1c:5f:
fd:84:a1:01:85:88:62:97:42:39:da:2d:84:b3:ea:
d4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:5C:D7:FA:46:D9:BD:6C:45:DD:2E:75:7B:D5:C0:6E:2A:FB:FC:42
X509v3 Authority Key Identifier:
keyid:C4:BB:CD:EF:9D:C7:E6:8F:91:84:C8:0C:08:71:8C:20:6E:DD:F7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/xLvN753H5o-RhMgMCHGMIG7d9ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/xLvN753H5o-RhMgMCHGMIG7d9ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363DCF2/A18531B6DCBE11EFBE2B50BB762E951A/F24D34A4E70E11EF92E4DB65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.0.78.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:2b:4e:9e:a6:c0:b1:cf:10:3a:d3:77:85:97:62:98:6e:2e:
e7:ec:14:9a:e3:59:45:f8:b3:a5:0d:f6:c9:40:94:20:5b:1d:
84:53:b3:6e:cc:64:65:fc:6c:60:76:1e:9d:a2:87:e2:c8:34:
f4:f3:0a:7a:3b:0b:f1:ff:84:3a:31:8b:65:e3:06:17:ff:86:
b9:56:c9:4a:58:13:c8:12:ed:e4:10:59:6b:8d:6e:e2:a0:a3:
bb:47:3f:cc:b6:9f:c6:60:5f:bb:33:10:c4:82:64:f9:c4:ac:
9a:04:ae:0d:47:d3:6c:ac:98:6f:25:65:36:9e:a8:07:31:e4:
a3:ea:69:ad:f3:b7:bc:d9:d3:96:fc:f1:f7:79:58:ae:be:ba:
0a:ca:7d:bf:08:da:a5:10:5c:3e:a0:55:bd:01:3c:39:ed:35:
c5:3d:cb:95:51:5b:9e:78:e7:2e:3b:ab:cf:15:56:34:51:31:
f9:cb:e5:e2:5d:62:f0:0c:7c:d0:6a:18:57:cb:4c:23:8f:f6:
ce:dc:4e:93:4b:58:a2:5b:95:4f:27:ee:b0:f9:e5:81:b8:89:
68:da:b1:f6:12:6b:d3:b5:f2:09:96:af:7c:2c:94:5e:9a:48:
65:2d:0e:cc:9c:ae:a9:12:eb:4b:64:12:ce:c5:a2:03:25:08:
c1:de:3d:30
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBNTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RENGMkFSMTEwLwYDVQQFEyhDNEJCQ0RFRjlEQzdFNjhGOTE4NEM4MEMwODcxOEMy
MDZFRERGNzBCMB4XDTI1MDIwOTE3NTQ0MVoXDTM1MTIzMTE3NTQ0MVowGDEWMBQG
A1UEAxMNNjdhOGViZTUtNzQ0YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOxrupQL4tkRaBkFi162z3fkFAsTyVAhUx8cAron9U7+fcMB5gYr2stgqBBd
xD0VsFIbLackxxueC6r7UEv7Rf+BS268i3Gshx06vxng8L1ag5F+LEfVBQRCCQoH
VqYQV9OHEkFIbn/xb3apNY2KnoCesQCSUMTcbWcKawWOw9Q7gwqAfoTLGBhqnjqU
2cdWGnck+CGIqGLZx7GF75v3G3UsADI5ug10uLIukSLel4mN10fLsL6ZMLZRLPzu
0J897vM8rhRKu7Eg9ENZ8MasjvaRjZXy2xJTWlDRHPWMGu3A4n6iSmzPCwJR/NaQ
5hxf/YShAYWIYpdCOdothLPq1P0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTBXNf6
Rtm9bEXdLnV71cBuKvv8QjAfBgNVHSMEGDAWgBTEu83vncfmj5GEyAwIcYwgbt33
CzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1MUEveEx2Tjc1
M0g1by1SaE1nTUNIR01JRzdkOXdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eEx2Tjc1M0g1by1SaE1nTUNIR01JRzdkOXdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2M0RDRjIvQTE4NTMxQjZEQ0JFMTFFRkJFMkI1MEJCNzYyRTk1
MUEvRjI0RDM0QTRFNzBFMTFFRjkyRTREQjY1NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIEATjANBgkqhkiG9w0BAQsFAAOC
AQEAnytOnqbAsc8QOtN3hZdimG4u5+wUmuNZRfizpQ32yUCUIFsdhFOzbsxkZfxs
YHYenaKH4sg09PMKejsL8f+EOjGLZeMGF/+GuVbJSlgTyBLt5BBZa41u4qCju0c/
zLafxmBfuzMQxIJk+cSsmgSuDUfTbKyYbyVlNp6oBzHko+pprfO3vNnTlvzx93lY
rr66Csp9vwjapRBcPqBVvQE8Oe01xT3LlVFbnnjnLjurzxVWNFEx+cvl4l1i8Ax8
0GoYV8tMI4/2ztxOk0tYoluVTyfusPnlgbiJaNqx9hJr07XyCZavfCyUXppIZS0O
zJyuqRLrS2QSzsWiAyUIwd49MA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:39:59 2025 by rpki-client