Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/71D56CA23D7A11F090DF6693DAE4EC9C.roa
File: 71D56CA23D7A11F090DF6693DAE4EC9C.roa (raw, json)
Hash identifier: TqAp4N7eCM8CZtq9GhXy2djmJuBonRYsJfyU3+FRs/w=
Subject key identifier: 96:BB:F3:7A:D8:3C:C2:BB:9F:62:D8:2A:72:4C:7D:15:3D:0D:B4:A1
Certificate issuer: /CN=F36C29E6AR/serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Certificate serial: 10
Authority key identifier: 26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
Authority info access: rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/71D56CA23D7A11F090DF6693DAE4EC9C.roa
Signing time: Fri 30 May 2025 17:20:56 +0000
ROA not before: Fri 30 May 2025 17:20:51 +0000
ROA not after: Fri 29 May 2026 17:20:51 +0000
asID: 327947
IP address blocks: 129.122.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.mft
rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 05:23:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C29E6AR, serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Validity
Not Before: May 30 17:20:51 2025 GMT
Not After : May 29 17:20:51 2026 GMT
Subject: CN=6839e8f8-fd1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:82:1b:6f:f8:fe:3f:1a:0c:ec:b1:3b:df:47:
75:7f:40:e1:30:01:70:02:6b:38:d0:ba:96:58:33:
c1:93:04:09:ac:bf:77:24:b9:77:83:eb:5a:ad:73:
15:a1:44:ca:79:bd:0b:45:b4:96:06:1f:90:5c:32:
90:6e:06:a3:a0:6c:5c:a1:3b:11:69:e8:f4:3b:71:
ee:d5:1b:d1:0b:0b:f1:8c:91:f9:69:39:02:e7:e1:
b9:fd:bc:0b:81:d2:fc:9f:39:6e:5c:fb:93:eb:7c:
11:fe:8c:bf:29:ce:89:62:88:53:4e:0f:9e:5c:dd:
1c:3e:dd:28:e7:21:aa:a2:4a:e3:d4:6a:14:ee:34:
ea:ea:ee:b8:27:ff:e1:1c:ee:09:2c:0e:04:95:66:
df:49:2b:1f:f5:6a:1a:5d:bc:a6:fd:d6:22:24:65:
30:d1:b8:8b:b4:cf:1c:62:78:8a:0a:e7:c8:6b:89:
5f:a8:66:55:65:60:c3:37:7f:45:aa:bf:32:9c:28:
87:d3:7a:d3:2c:57:21:bd:28:9d:5d:f4:5e:1f:3a:
e3:b7:30:1d:40:d4:ea:eb:e0:cc:d7:d7:66:14:86:
5b:37:8f:dc:3c:9a:8e:9f:21:42:61:a2:1d:4a:cb:
0b:43:4e:44:5c:2a:69:0a:2a:36:86:62:16:c7:5e:
c0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BB:F3:7A:D8:3C:C2:BB:9F:62:D8:2A:72:4C:7D:15:3D:0D:B4:A1
X509v3 Authority Key Identifier:
keyid:26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/71D56CA23D7A11F090DF6693DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.122.60.0/22
Signature Algorithm: sha256WithRSAEncryption
71:26:43:22:06:8e:f5:d4:85:6f:1e:cf:c7:f5:c4:b7:42:c8:
83:ae:b3:c9:64:ae:db:3f:1a:2e:60:d1:39:77:f4:b3:67:5a:
92:31:dd:7a:4e:aa:b8:cd:b5:56:11:e8:ff:5e:66:77:58:f0:
08:29:f6:bc:96:fa:b4:c9:3b:40:16:70:9b:22:74:8c:f3:c0:
d4:38:1b:66:88:de:a4:f4:84:ab:d1:ef:f8:c9:33:93:7d:a1:
2a:b6:95:df:60:f2:db:a3:bc:54:3f:18:e3:57:15:ec:55:6d:
f2:51:a2:dc:5c:cf:51:96:86:12:70:fa:6d:4f:b1:c2:74:70:
13:55:29:46:fa:b8:45:8a:0d:52:5a:97:e6:d0:c5:0a:7d:c0:
9d:02:3e:5f:d3:2f:f0:6b:c9:94:57:b0:c7:79:e7:e6:c1:b1:
6e:e6:0b:43:23:8d:2d:99:fe:d9:0e:23:c1:ab:fe:93:b7:04:
44:a5:a4:27:8c:12:e1:85:e8:c2:76:bb:78:4c:6b:00:9c:0e:
82:33:a9:ab:b6:a5:85:d1:e0:12:e6:ff:31:20:bf:d6:f9:0c:
63:13:39:80:ce:d3:fa:5a:ec:c3:72:93:c9:2f:4f:7c:dc:d7:
ce:a2:92:8d:3b:49:d8:31:9a:c4:75:3d:84:cd:99:f9:bf:72:
08:e8:38:aa
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MjlFNkFSMTEwLwYDVQQFEygyNjI3NzE4OThEQjQ4RDY4RDU0MzBGQzBFMzkxMUVD
OTAzNjVCQkY1MB4XDTI1MDUzMDE3MjA1MVoXDTI2MDUyOTE3MjA1MVowGDEWMBQG
A1UEAxMNNjgzOWU4ZjgtZmQxYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMeCG2/4/j8aDOyxO99HdX9A4TABcAJrONC6llgzwZMECay/dyS5d4PrWq1z
FaFEynm9C0W0lgYfkFwykG4Go6BsXKE7EWno9Dtx7tUb0QsL8YyR+Wk5Aufhuf28
C4HS/J85blz7k+t8Ef6MvynOiWKIU04PnlzdHD7dKOchqqJK49RqFO406uruuCf/
4RzuCSwOBJVm30krH/VqGl28pv3WIiRlMNG4i7TPHGJ4igrnyGuJX6hmVWVgwzd/
Raq/Mpwoh9N60yxXIb0onV30Xh8647cwHUDU6uvgzNfXZhSGWzeP3Dyajp8hQmGi
HUrLC0NORFwqaQoqNoZiFsdewOECAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSWu/N6
2DzCu59i2CpyTH0VPQ20oTAfBgNVHSMEGDAWgBQmJ3GJjbSNaNVDD8DjkR7JA2W7
9TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVDOUMvSmlkeGlZ
MjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SmlkeGlZMjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVD
OUMvNzFENTZDQTIzRDdBMTFGMDkwREY2NjkzREFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAoF6PDANBgkqhkiG9w0BAQsFAAOC
AQEAcSZDIgaO9dSFbx7Px/XEt0LIg66zyWSu2z8aLmDROXf0s2dakjHdek6quM21
VhHo/15md1jwCCn2vJb6tMk7QBZwmyJ0jPPA1DgbZojepPSEq9Hv+Mkzk32hKraV
32Dy26O8VD8Y41cV7FVt8lGi3FzPUZaGEnD6bU+xwnRwE1UpRvq4RYoNUlqX5tDF
Cn3AnQI+X9Mv8GvJlFewx3nn5sGxbuYLQyONLZn+2Q4jwav+k7cERKWkJ4wS4YXo
wna7eExrAJwOgjOpq7alhdHgEub/MSC/1vkMYxM5gM7T+lrsw3KTyS9PfNzXzqKS
jTtJ2DGaxHU9hM2Z+b9yCOg4qg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:12:59 2025 by rpki-client