Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/475A38C23D7A11F0A6BCD092DAE4EC9C.roa
File: 475A38C23D7A11F0A6BCD092DAE4EC9C.roa (raw, json)
Hash identifier: 66bd058wOeZXoFRyWnbd7249xOrIlsSA9MeAtmD9IYU=
Subject key identifier: 97:84:1E:22:00:FB:D6:BA:66:F3:28:38:2A:39:75:22:EB:8B:2E:A2
Certificate issuer: /CN=F36C29E6AR/serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Certificate serial: 0E
Authority key identifier: 26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
Authority info access: rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/475A38C23D7A11F0A6BCD092DAE4EC9C.roa
Signing time: Fri 30 May 2025 17:19:45 +0000
ROA not before: Fri 30 May 2025 17:19:40 +0000
ROA not after: Fri 29 May 2026 17:19:40 +0000
asID: 327947
IP address blocks: 129.122.56.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.mft
rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 05:23:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C29E6AR, serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Validity
Not Before: May 30 17:19:40 2025 GMT
Not After : May 29 17:19:40 2026 GMT
Subject: CN=6839e8b0-eb1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:db:e1:6a:a8:e2:81:13:95:c8:99:60:67:7f:
f2:67:3d:8e:da:8d:ca:3c:1a:e2:22:18:dc:85:08:
0a:ae:3a:ba:2f:df:9b:5d:d7:48:df:5f:a0:0d:cb:
ef:3b:e1:4a:12:c1:80:94:ee:fb:80:b3:b3:ba:64:
75:74:b0:61:23:b9:34:66:ad:a8:a9:65:0b:0e:d4:
13:a4:05:a9:e5:8e:b3:88:ae:97:ef:dd:a8:47:f5:
93:f2:81:ba:f2:5c:08:8f:c1:3b:c0:13:82:ed:41:
e2:00:5c:e5:2f:fb:47:99:ad:9c:54:00:a9:93:f8:
fd:04:f0:e4:85:02:86:24:a5:f9:f6:12:f4:12:55:
04:81:61:1f:f7:41:fb:01:05:66:f1:5a:40:2b:2f:
a5:b5:dc:d4:3d:b7:6a:99:60:56:a6:9b:c0:de:7d:
ca:c5:86:4a:0a:c9:3c:ea:94:89:86:94:6b:92:39:
98:2f:a9:1c:10:51:74:73:86:64:15:73:7a:b6:14:
78:2f:1f:4a:5d:df:68:b6:f7:6f:94:95:8f:60:10:
73:f1:57:a8:4a:3d:32:f3:d1:b1:79:58:ff:83:b4:
29:be:38:65:c6:30:19:00:1e:f7:e7:f8:29:f3:ba:
0e:57:a7:ce:3b:bc:a0:d3:b0:ff:30:1d:e8:91:1a:
c8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:84:1E:22:00:FB:D6:BA:66:F3:28:38:2A:39:75:22:EB:8B:2E:A2
X509v3 Authority Key Identifier:
keyid:26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/475A38C23D7A11F0A6BCD092DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.122.56.0/22
Signature Algorithm: sha256WithRSAEncryption
33:ed:b7:a8:de:30:2a:b9:40:5f:08:9d:c3:78:f1:07:12:08:
f2:be:04:39:5e:89:f9:c8:f3:0c:45:cc:04:88:fe:90:f4:63:
44:e0:28:93:75:15:2d:ca:bd:0d:8f:e7:2c:d2:5e:b0:6a:f9:
a7:2a:e4:c0:0d:55:27:69:36:2b:1d:3c:2b:7d:fc:d2:2b:43:
61:f3:0e:c4:70:79:e5:85:19:26:89:9e:39:76:13:7a:f2:b7:
9d:80:07:54:a7:44:f9:09:5f:e1:71:96:5f:2c:65:97:91:47:
9e:52:39:8b:c2:58:99:9b:c8:90:90:c3:20:07:63:ba:a3:55:
df:48:a4:e3:b4:0c:1e:7a:79:0d:f8:b5:c5:5a:13:41:d8:23:
17:3d:0e:5f:b6:4f:3b:96:76:15:5c:c1:f4:ff:db:9f:af:3c:
01:cb:6a:a5:b8:07:84:43:2e:ac:c2:d1:8f:95:a1:68:dd:4a:
69:af:85:5c:3f:2e:df:cf:dc:36:3d:a0:75:f1:c5:0c:2a:d7:
af:9a:f0:12:60:78:ce:94:46:29:05:ba:7b:bf:d3:26:a1:6a:
94:0d:c3:87:ea:8e:db:6c:d5:ff:c0:17:b7:fe:2f:fd:49:66:
f1:da:c5:c5:70:fa:c1:c9:eb:77:c6:23:c4:0e:11:ae:52:61:
1a:80:e9:b7
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBDjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MjlFNkFSMTEwLwYDVQQFEygyNjI3NzE4OThEQjQ4RDY4RDU0MzBGQzBFMzkxMUVD
OTAzNjVCQkY1MB4XDTI1MDUzMDE3MTk0MFoXDTI2MDUyOTE3MTk0MFowGDEWMBQG
A1UEAxMNNjgzOWU4YjAtZWIxYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMfb4Wqo4oETlciZYGd/8mc9jtqNyjwa4iIY3IUICq46ui/fm13XSN9foA3L
7zvhShLBgJTu+4Czs7pkdXSwYSO5NGatqKllCw7UE6QFqeWOs4iul+/dqEf1k/KB
uvJcCI/BO8ATgu1B4gBc5S/7R5mtnFQAqZP4/QTw5IUChiSl+fYS9BJVBIFhH/dB
+wEFZvFaQCsvpbXc1D23aplgVqabwN59ysWGSgrJPOqUiYaUa5I5mC+pHBBRdHOG
ZBVzerYUeC8fSl3faLb3b5SVj2AQc/FXqEo9MvPRsXlY/4O0Kb44ZcYwGQAe9+f4
KfO6Dlenzju8oNOw/zAd6JEayMcCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSXhB4i
APvWumbzKDgqOXUi64suojAfBgNVHSMEGDAWgBQmJ3GJjbSNaNVDD8DjkR7JA2W7
9TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVDOUMvSmlkeGlZ
MjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SmlkeGlZMjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVD
OUMvNDc1QTM4QzIzRDdBMTFGMEE2QkNEMDkyREFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAoF6ODANBgkqhkiG9w0BAQsFAAOC
AQEAM+23qN4wKrlAXwidw3jxBxII8r4EOV6J+cjzDEXMBIj+kPRjROAok3UVLcq9
DY/nLNJesGr5pyrkwA1VJ2k2Kx08K3380itDYfMOxHB55YUZJomeOXYTevK3nYAH
VKdE+Qlf4XGWXyxll5FHnlI5i8JYmZvIkJDDIAdjuqNV30ik47QMHnp5Dfi1xVoT
QdgjFz0OX7ZPO5Z2FVzB9P/bn688ActqpbgHhEMurMLRj5WhaN1Kaa+FXD8u38/c
Nj2gdfHFDCrXr5rwEmB4zpRGKQW6e7/TJqFqlA3Dh+qO22zV/8AXt/4v/Ulm8drF
xXD6wcnrd8YjxA4RrlJhGoDptw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:03:37 2025 by rpki-client