Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/D99DB5103D7A11F0803A4C95DAE4EC9C.roa
File: D99DB5103D7A11F0803A4C95DAE4EC9C.roa (raw, json)
Hash identifier: hUxUNwId1KlsuyIltkZPKZlYFBtqpeaxRQ3WqkFFY6Q=
Subject key identifier: 4B:14:B2:E6:CB:4E:15:24:72:2D:3F:DC:8D:6E:74:FD:36:1C:81:0E
Certificate issuer: /CN=F36C29E6AR/serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Certificate serial: 12
Authority key identifier: 26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
Authority info access: rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/D99DB5103D7A11F0803A4C95DAE4EC9C.roa
Signing time: Fri 30 May 2025 17:23:50 +0000
ROA not before: Fri 30 May 2025 17:23:45 +0000
ROA not after: Fri 29 May 2026 17:23:45 +0000
asID: 327947
IP address blocks: 129.122.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.mft
rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18 (0x12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C29E6AR, serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Validity
Not Before: May 30 17:23:45 2025 GMT
Not After : May 29 17:23:45 2026 GMT
Subject: CN=6839e9a6-0f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:24:84:37:96:93:22:a0:48:b9:fe:5b:6d:89:
aa:10:4c:cb:00:c1:1f:dc:00:ae:fc:b9:2b:bb:42:
cc:af:bd:0d:24:74:14:b2:f0:2b:78:08:84:58:e9:
42:fb:a9:ce:fb:6a:91:70:5d:c5:3a:19:3c:26:0b:
61:42:a6:2c:8f:1d:c7:a0:e2:5c:a6:3a:d7:3a:fd:
23:cb:f3:c5:7d:2b:ee:df:03:d2:08:b4:77:1f:4e:
e5:c4:ac:38:f2:e4:38:a6:60:90:08:25:9b:79:0d:
1b:53:d8:c5:8e:ef:46:be:63:e0:6d:7d:e3:8c:1c:
ed:96:9d:e8:42:d2:a3:fa:92:cb:c9:66:63:79:72:
8e:0f:b8:22:63:a5:1b:e2:d7:ed:4e:54:78:d0:bc:
b3:87:72:1a:00:d3:bc:18:dc:c2:d2:92:5e:df:3c:
4b:60:84:dc:eb:bc:13:4f:8c:e4:83:b8:e9:31:3e:
c0:38:cd:a6:67:58:94:e4:5c:a8:25:f8:26:81:98:
9f:13:1d:33:5b:cb:c5:18:14:50:59:41:04:91:fc:
90:67:44:28:f0:87:27:ee:8e:41:9b:8e:a1:27:29:
7a:9f:a8:cc:13:7b:78:c7:98:f0:c1:b0:7d:7e:0e:
79:4a:24:57:fb:d4:b5:a1:c3:00:2a:ec:12:47:e2:
cd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:14:B2:E6:CB:4E:15:24:72:2D:3F:DC:8D:6E:74:FD:36:1C:81:0E
X509v3 Authority Key Identifier:
keyid:26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/D99DB5103D7A11F0803A4C95DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.122.2.0/24
Signature Algorithm: sha256WithRSAEncryption
62:00:13:ab:df:af:ae:d7:26:1a:37:30:90:fd:1d:fa:f4:3e:
22:52:52:fd:c8:92:d9:fe:7c:44:08:ef:e7:d2:88:e2:31:61:
e0:d4:27:ae:a2:b6:e8:ae:79:b7:aa:2f:fd:6e:66:af:14:19:
81:94:c9:6e:d6:53:90:f5:8a:aa:db:d5:23:c8:40:8f:37:97:
3d:cc:97:e9:8a:ff:64:b0:d5:a9:49:52:ac:35:2c:6a:8f:d7:
ef:6b:b6:a5:2a:50:db:41:c8:68:d3:c6:3b:9e:e8:c9:62:b5:
fe:0f:ee:67:2a:b9:93:cf:00:71:7c:bb:97:cd:20:4c:77:83:
d4:fb:89:77:9e:a6:03:b2:2e:9b:a1:d7:5a:9d:a0:7d:f6:6e:
c2:9d:ca:97:88:8d:55:e7:d7:7d:07:27:13:e1:91:80:b2:87:
10:3a:32:86:ca:6f:03:a2:cf:22:f2:75:c6:a2:15:22:70:5c:
c5:63:a0:e7:83:3a:00:05:1a:16:71:fa:96:85:1c:87:c0:96:
e5:ab:e6:ae:70:e7:f4:5b:28:7d:0e:b8:5b:3c:27:76:3d:d2:
a7:9f:8b:6b:24:c2:b7:e9:42:57:57:dc:9a:20:97:74:7f:79:
7b:7a:96:a8:33:2b:47:33:dd:b4:9c:d8:f8:d4:27:07:27:df:
2a:1d:22:29
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBEjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MjlFNkFSMTEwLwYDVQQFEygyNjI3NzE4OThEQjQ4RDY4RDU0MzBGQzBFMzkxMUVD
OTAzNjVCQkY1MB4XDTI1MDUzMDE3MjM0NVoXDTI2MDUyOTE3MjM0NVowGDEWMBQG
A1UEAxMNNjgzOWU5YTYtMGYwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEkhDeWkyKgSLn+W22JqhBMywDBH9wArvy5K7tCzK+9DSR0FLLwK3gIhFjp
QvupzvtqkXBdxToZPCYLYUKmLI8dx6DiXKY61zr9I8vzxX0r7t8D0gi0dx9O5cSs
OPLkOKZgkAglm3kNG1PYxY7vRr5j4G1944wc7Zad6ELSo/qSy8lmY3lyjg+4ImOl
G+LX7U5UeNC8s4dyGgDTvBjcwtKSXt88S2CE3Ou8E0+M5IO46TE+wDjNpmdYlORc
qCX4JoGYnxMdM1vLxRgUUFlBBJH8kGdEKPCHJ+6OQZuOoScpep+ozBN7eMeY8MGw
fX4OeUokV/vUtaHDACrsEkfizQsCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRLFLLm
y04VJHItP9yNbnT9NhyBDjAfBgNVHSMEGDAWgBQmJ3GJjbSNaNVDD8DjkR7JA2W7
9TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVDOUMvSmlkeGlZ
MjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SmlkeGlZMjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVD
OUMvRDk5REI1MTAzRDdBMTFGMDgwM0E0Qzk1REFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIF6AjANBgkqhkiG9w0BAQsFAAOC
AQEAYgATq9+vrtcmGjcwkP0d+vQ+IlJS/ciS2f58RAjv59KI4jFh4NQnrqK26K55
t6ov/W5mrxQZgZTJbtZTkPWKqtvVI8hAjzeXPcyX6Yr/ZLDVqUlSrDUsao/X72u2
pSpQ20HIaNPGO57oyWK1/g/uZyq5k88AcXy7l80gTHeD1PuJd56mA7Ium6HXWp2g
ffZuwp3Kl4iNVefXfQcnE+GRgLKHEDoyhspvA6LPIvJ1xqIVInBcxWOg54M6AAUa
FnH6loUch8CW5avmrnDn9FsofQ64Wzwndj3Sp5+LayTCt+lCV1fcmiCXdH95e3qW
qDMrRzPdtJzY+NQnByffKh0iKQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:29:53 2025 by rpki-client