Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/CFC3E5123D7711F0AC09C683DAE4EC9C.roa
File: CFC3E5123D7711F0AC09C683DAE4EC9C.roa (raw, json)
Hash identifier: i4pmZ7w2bgHVVBLdmhv1zZpK4ukIBNfUzkKZ+ZsnCu4=
Subject key identifier: 4B:3C:76:2A:7D:37:2A:07:BD:F8:54:64:58:D9:63:A0:31:34:E3:6D
Certificate issuer: /CN=F36C29E6AR/serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Certificate serial: 02
Authority key identifier: 26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
Authority info access: rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/CFC3E5123D7711F0AC09C683DAE4EC9C.roa
Signing time: Fri 30 May 2025 17:02:05 +0000
ROA not before: Fri 30 May 2025 17:02:00 +0000
ROA not after: Fri 29 May 2026 17:02:00 +0000
asID: 327947
IP address blocks: 129.122.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.mft
rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C29E6AR, serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Validity
Not Before: May 30 17:02:00 2025 GMT
Not After : May 29 17:02:00 2026 GMT
Subject: CN=6839e48d-ea3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:95:04:b7:32:9b:0f:4f:16:5a:f1:c2:2a:6b:
8b:05:09:d0:cd:f1:aa:22:46:27:af:81:e0:60:71:
cd:3f:c4:33:d5:c7:3f:68:33:c2:3b:d2:61:ed:94:
94:e0:6b:c5:29:81:a7:84:bc:22:4c:4a:a8:aa:fe:
cd:67:87:8b:72:6e:02:50:e9:53:b9:17:e4:98:aa:
61:ec:58:c9:80:62:b1:1a:4b:0d:f8:e2:94:ad:0f:
f3:70:a1:30:37:55:57:e2:e0:29:d8:43:2e:e5:fa:
01:d0:9b:27:3e:b5:9d:73:88:b7:62:ee:1b:4d:4b:
ae:a5:03:13:1f:8d:18:dc:dd:64:a9:9e:8d:c8:7b:
49:d0:d0:2d:ad:23:1b:58:a2:0e:7c:fa:40:a0:ec:
e0:86:8d:9a:9a:05:fb:a9:3c:5f:c4:9c:00:60:33:
ef:e3:08:5a:7c:86:7c:10:91:da:9a:e3:20:53:fc:
55:69:09:d9:4d:da:68:49:e8:0b:83:f2:f2:29:39:
02:a6:dd:af:0f:31:fc:83:a6:7b:00:b9:95:ff:dc:
01:08:4d:bb:b0:63:b2:a1:52:49:e6:46:a8:39:e8:
c6:d8:15:16:7b:d5:0c:30:c4:da:f3:96:5f:ed:a5:
af:90:cc:0a:9e:e7:78:ef:c7:ca:7b:48:a5:fa:89:
de:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:3C:76:2A:7D:37:2A:07:BD:F8:54:64:58:D9:63:A0:31:34:E3:6D
X509v3 Authority Key Identifier:
keyid:26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/CFC3E5123D7711F0AC09C683DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.122.0.0/18
Signature Algorithm: sha256WithRSAEncryption
d5:42:3f:86:b8:79:46:83:7b:93:a8:1d:75:46:7a:fd:55:96:
10:9c:db:47:89:5b:8d:f8:4f:51:f8:34:70:90:c4:6d:31:00:
13:ab:3b:06:62:54:1b:6e:4e:6d:7b:57:23:dc:83:1a:7d:2a:
30:0e:33:d8:b2:b7:af:d9:99:f0:0d:53:72:09:b3:63:f0:3e:
8b:a2:f2:da:ca:c6:80:28:f1:13:03:dd:23:81:1c:94:ba:e6:
62:b2:b8:2a:2e:33:0b:99:19:53:75:3d:57:ca:8c:4d:45:43:
8d:f4:8d:96:93:16:76:9b:0f:3c:e0:5d:24:50:7c:43:ba:47:
a4:3d:7c:7a:f6:1c:1c:53:03:cd:5a:47:2b:69:96:30:fd:4f:
fe:9f:3a:e6:30:ee:fa:46:43:c0:49:e7:89:c6:c3:6f:f8:39:
29:77:0b:d9:8b:98:51:2f:04:11:58:90:a3:a8:1f:20:c6:f6:
1d:d6:41:f9:d5:f2:1a:2a:ed:b9:2c:7d:12:15:5f:6c:e7:d9:
6c:c9:af:bc:c2:0a:50:18:e1:c9:9a:76:ae:a9:a9:d9:49:e4:
4b:dc:0f:9a:00:0d:cc:6d:79:2f:a1:95:90:89:ea:ce:9b:fd:
9c:f9:8a:78:b7:b0:9f:fc:d1:ac:1a:ae:3a:fc:63:19:98:ac:
96:67:6e:f3
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MjlFNkFSMTEwLwYDVQQFEygyNjI3NzE4OThEQjQ4RDY4RDU0MzBGQzBFMzkxMUVD
OTAzNjVCQkY1MB4XDTI1MDUzMDE3MDIwMFoXDTI2MDUyOTE3MDIwMFowGDEWMBQG
A1UEAxMNNjgzOWU0OGQtZWEzYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKVBLcymw9PFlrxwipriwUJ0M3xqiJGJ6+B4GBxzT/EM9XHP2gzwjvSYe2U
lOBrxSmBp4S8IkxKqKr+zWeHi3JuAlDpU7kX5JiqYexYyYBisRpLDfjilK0P83Ch
MDdVV+LgKdhDLuX6AdCbJz61nXOIt2LuG01LrqUDEx+NGNzdZKmejch7SdDQLa0j
G1iiDnz6QKDs4IaNmpoF+6k8X8ScAGAz7+MIWnyGfBCR2prjIFP8VWkJ2U3aaEno
C4Py8ik5Aqbdrw8x/IOmewC5lf/cAQhNu7BjsqFSSeZGqDnoxtgVFnvVDDDE2vOW
X+2lr5DMCp7neO/HyntIpfqJ3o8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRLPHYq
fTcqB734VGRY2WOgMTTjbTAfBgNVHSMEGDAWgBQmJ3GJjbSNaNVDD8DjkR7JA2W7
9TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVDOUMvSmlkeGlZ
MjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SmlkeGlZMjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVD
OUMvQ0ZDM0U1MTIzRDc3MTFGMEFDMDlDNjgzREFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBoF6ADANBgkqhkiG9w0BAQsFAAOC
AQEA1UI/hrh5RoN7k6gddUZ6/VWWEJzbR4lbjfhPUfg0cJDEbTEAE6s7BmJUG25O
bXtXI9yDGn0qMA4z2LK3r9mZ8A1TcgmzY/A+i6Ly2srGgCjxEwPdI4EclLrmYrK4
Ki4zC5kZU3U9V8qMTUVDjfSNlpMWdpsPPOBdJFB8Q7pHpD18evYcHFMDzVpHK2mW
MP1P/p865jDu+kZDwEnnicbDb/g5KXcL2YuYUS8EEViQo6gfIMb2HdZB+dXyGirt
uSx9EhVfbOfZbMmvvMIKUBjhyZp2rqmp2UnkS9wPmgANzG15L6GVkInqzpv9nPmK
eLewn/zRrBquOvxjGZislmdu8w==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:24:07 2025 by rpki-client