Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/D088E0D6421F11F0BAFB75C7DAE4EC9C.roa
File: D088E0D6421F11F0BAFB75C7DAE4EC9C.roa (raw, json)
Hash identifier: 3V0+prpfM2LpTmVflo92Zgz5ez+saoeOQGN1sj3m6Rw=
Subject key identifier: 0E:A2:AE:AC:87:CC:CD:89:54:4D:A0:57:B4:90:0E:0E:C3:1F:CD:67
Certificate issuer: /CN=F36C29E6AR/serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Certificate serial: 1A
Authority key identifier: 26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
Authority info access: rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/D088E0D6421F11F0BAFB75C7DAE4EC9C.roa
Signing time: Thu 05 Jun 2025 15:14:46 +0000
ROA not before: Thu 05 Jun 2025 15:14:41 +0000
ROA not after: Fri 29 May 2026 15:14:41 +0000
asID: 327947
IP address blocks: 129.122.0.0/18 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.mft
rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C29E6AR, serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Validity
Not Before: Jun 5 15:14:41 2025 GMT
Not After : May 29 15:14:41 2026 GMT
Subject: CN=6841b466-1d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5e:f8:40:50:44:2b:cc:a0:3b:f4:08:5e:ec:
e0:ac:3e:e3:ec:64:0a:30:01:76:a1:5b:fa:17:4f:
6f:b0:37:8c:2e:3b:07:73:70:ce:2a:a3:a0:28:67:
63:da:68:43:df:75:a7:fd:f5:81:7b:c6:bf:87:de:
19:2e:ac:4e:e9:68:d6:29:83:1b:97:27:7d:f8:d7:
ce:6a:97:26:93:2f:d9:00:90:24:49:a0:8f:52:85:
51:bc:be:85:df:76:2a:1b:c5:fd:d3:db:22:d0:aa:
d9:b9:69:ba:3b:53:81:97:bb:20:1d:9d:09:80:5a:
a4:17:61:93:28:6d:c4:62:45:92:4e:90:c2:db:6e:
94:6d:da:aa:00:6c:33:cb:6a:d2:44:04:65:9b:12:
af:19:dc:49:56:8a:d3:66:cd:5e:ce:4a:d7:0c:37:
f1:38:e9:25:68:be:74:81:65:81:3c:b3:63:9b:d9:
2e:61:b6:60:54:c2:43:b0:cc:0c:be:55:2a:d5:b1:
34:09:37:69:48:aa:c9:ba:5e:28:73:55:5e:d2:86:
99:6b:ec:54:39:d5:47:7a:09:1a:f1:0a:18:9c:7a:
74:35:26:c1:89:e9:bc:56:5e:cc:b4:80:7b:48:27:
76:bc:a4:08:eb:b8:dd:c9:dd:bd:fe:b3:fb:e0:f2:
53:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:A2:AE:AC:87:CC:CD:89:54:4D:A0:57:B4:90:0E:0E:C3:1F:CD:67
X509v3 Authority Key Identifier:
keyid:26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/D088E0D6421F11F0BAFB75C7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.122.0.0/18
Signature Algorithm: sha256WithRSAEncryption
93:66:b7:6b:09:96:5c:a6:1e:ec:c7:9e:b8:19:05:0d:12:ac:
89:42:34:28:9f:0b:ee:9a:02:f5:4d:27:43:cd:aa:31:30:fb:
fc:34:15:f9:d2:b2:17:b8:8f:79:9a:d6:53:28:83:3b:32:01:
f1:0e:00:a6:05:5b:ba:ae:fb:52:a7:37:91:0c:67:22:cd:ae:
6e:f5:a4:36:28:96:3a:87:17:61:76:96:c9:d7:f8:85:33:ba:
ea:ec:4d:ba:e5:d6:f6:c9:28:fa:f3:6b:db:a2:ff:3e:a7:d6:
f1:cd:67:4d:6b:96:b5:13:c1:53:8a:5a:29:b2:3b:76:89:40:
ea:d8:5b:08:dd:33:30:ff:ca:77:46:2a:ee:db:f7:30:a0:ad:
17:8e:0d:aa:2b:90:87:ce:17:2c:73:75:16:f0:a0:df:45:a1:
e6:38:bb:29:97:13:28:8e:96:44:5a:ba:bf:c4:dd:ba:59:d4:
6c:bb:f8:a1:e9:ec:ea:52:ea:e5:da:66:97:86:8b:6a:48:3b:
26:e3:d4:7f:4e:49:3b:9e:a1:8a:f4:e1:a3:83:69:5c:94:5a:
50:c7:94:39:5d:fd:1b:74:a3:5a:0d:92:82:5c:4f:15:62:ce:
f8:e9:66:f2:b2:f9:f2:4b:00:b0:88:8d:81:42:bc:bb:9d:9b:
f5:b3:73:2f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBGjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MjlFNkFSMTEwLwYDVQQFEygyNjI3NzE4OThEQjQ4RDY4RDU0MzBGQzBFMzkxMUVD
OTAzNjVCQkY1MB4XDTI1MDYwNTE1MTQ0MVoXDTI2MDUyOTE1MTQ0MVowGDEWMBQG
A1UEAxMNNjg0MWI0NjYtMWQwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9e+EBQRCvMoDv0CF7s4Kw+4+xkCjABdqFb+hdPb7A3jC47B3NwziqjoChn
Y9poQ991p/31gXvGv4feGS6sTulo1imDG5cnffjXzmqXJpMv2QCQJEmgj1KFUby+
hd92KhvF/dPbItCq2blpujtTgZe7IB2dCYBapBdhkyhtxGJFkk6QwttulG3aqgBs
M8tq0kQEZZsSrxncSVaK02bNXs5K1ww38TjpJWi+dIFlgTyzY5vZLmG2YFTCQ7DM
DL5VKtWxNAk3aUiqybpeKHNVXtKGmWvsVDnVR3oJGvEKGJx6dDUmwYnpvFZezLSA
e0gndrykCOu43cndvf6z++DyU5UCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQOoq6s
h8zNiVRNoFe0kA4Owx/NZzAfBgNVHSMEGDAWgBQmJ3GJjbSNaNVDD8DjkR7JA2W7
9TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVDOUMvSmlkeGlZ
MjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SmlkeGlZMjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVD
OUMvRDA4OEUwRDY0MjFGMTFGMEJBRkI3NUM3REFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBoF6ADANBgkqhkiG9w0BAQsFAAOC
AQEAk2a3awmWXKYe7MeeuBkFDRKsiUI0KJ8L7poC9U0nQ82qMTD7/DQV+dKyF7iP
eZrWUyiDOzIB8Q4ApgVbuq77Uqc3kQxnIs2ubvWkNiiWOocXYXaWydf4hTO66uxN
uuXW9sko+vNr26L/PqfW8c1nTWuWtRPBU4paKbI7dolA6thbCN0zMP/Kd0Yq7tv3
MKCtF44NqiuQh84XLHN1FvCg30Wh5ji7KZcTKI6WRFq6v8TdulnUbLv4oens6lLq
5dpml4aLakg7JuPUf05JO56hivTho4NpXJRaUMeUOV39G3SjWg2SglxPFWLO+Olm
8rL58ksAsIiNgUK8u52b9bNzLw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:54:59 2025 by rpki-client