Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/EAC8A8B43D7911F08445E390DAE4EC9C.roa
File: EAC8A8B43D7911F08445E390DAE4EC9C.roa (raw, json)
Hash identifier: eQaNVk7sRv4KJi7ymQ5gXcdzyPjDv1xkdyy56YdxEwc=
Subject key identifier: CC:9E:71:71:F8:A2:A1:3C:E7:2B:81:26:35:A8:1F:34:77:A1:18:B3
Certificate issuer: /CN=F36C29E6AR/serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Certificate serial: 0A
Authority key identifier: 26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
Authority info access: rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/EAC8A8B43D7911F08445E390DAE4EC9C.roa
Signing time: Fri 30 May 2025 17:17:09 +0000
ROA not before: Fri 30 May 2025 17:17:04 +0000
ROA not after: Fri 29 May 2026 17:17:04 +0000
asID: 327947
IP address blocks: 129.122.40.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.mft
rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 09 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C29E6AR, serialNumber=262771898DB48D68D5430FC0E3911EC90365BBF5
Validity
Not Before: May 30 17:17:04 2025 GMT
Not After : May 29 17:17:04 2026 GMT
Subject: CN=6839e815-fc9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fe:c8:82:d1:1e:71:a1:4a:f0:7a:ab:8f:0e:
ac:d0:df:ae:68:ea:23:77:eb:47:85:bd:9f:ec:99:
d4:6f:44:87:f6:33:c5:d9:e3:29:36:d9:f3:05:c7:
fc:e9:25:6c:9e:5a:ef:ba:56:a3:7b:f2:ff:ff:d4:
b9:26:80:38:e3:7c:e8:69:e2:54:33:4f:e6:6a:d0:
3a:92:32:c5:04:43:01:17:da:3c:2c:f0:3c:d0:fe:
20:f1:59:ed:d9:c4:28:7e:3d:5d:29:ec:2b:1c:a6:
b7:5f:50:99:8c:36:21:a1:f1:46:13:18:0c:f7:00:
45:49:1c:a2:a4:e8:19:a6:bb:c7:7a:ee:7c:1b:6a:
66:ea:0c:ea:33:72:f2:0f:54:55:4d:4a:32:6f:cd:
6d:90:b3:34:18:0b:81:6a:90:41:6c:54:72:bd:6d:
c7:1e:25:27:9a:77:d0:ed:13:5b:5a:a3:97:64:2d:
f9:7f:3f:c7:f9:c8:64:ee:5a:8f:40:7a:d4:6d:e1:
ba:8b:a8:8c:d6:ad:1a:9e:c5:fd:41:9e:8b:12:d8:
47:97:72:6e:e2:d6:10:66:bf:03:8b:1a:4e:ff:16:
d7:ba:a9:1b:69:70:6b:33:fd:5c:9f:6f:e7:15:7f:
3f:4c:3c:64:97:22:f8:f1:ba:78:20:cd:d0:21:fa:
9c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9E:71:71:F8:A2:A1:3C:E7:2B:81:26:35:A8:1F:34:77:A1:18:B3
X509v3 Authority Key Identifier:
keyid:26:27:71:89:8D:B4:8D:68:D5:43:0F:C0:E3:91:1E:C9:03:65:BB:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/JidxiY20jWjVQw_A45EeyQNlu_U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/JidxiY20jWjVQw_A45EeyQNlu_U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C29E6/A03CAAF63D7011F0B10B60D3DAE4EC9C/EAC8A8B43D7911F08445E390DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.122.40.0/21
Signature Algorithm: sha256WithRSAEncryption
86:d0:c1:b8:4b:9d:e5:9d:82:51:8b:d5:4c:db:71:8d:77:3d:
98:c5:58:d3:b1:68:8b:c9:6c:6f:37:b5:74:70:f3:aa:3e:60:
70:54:93:b0:13:03:d9:d0:81:18:20:03:76:b8:b9:97:d3:73:
99:b7:0a:2a:29:48:2d:8b:dc:2a:ea:f1:7f:6c:ff:cb:ca:10:
30:82:cf:58:6b:fd:b2:6d:61:34:0c:24:67:8a:61:2d:cd:48:
ad:b5:f0:08:8e:c7:77:6c:1e:22:5e:a6:93:c4:a5:dc:83:50:
14:76:56:ed:16:7c:fd:5d:af:73:d2:ba:cd:ab:d9:5a:7f:c0:
22:09:28:59:f6:68:37:ed:8e:90:fa:bf:e3:a2:7b:33:e4:ec:
4b:8f:f3:7a:c1:e3:d2:92:e1:e2:93:39:84:c4:e9:22:e0:d1:
a1:a4:b7:0f:16:2d:16:b5:4b:0d:81:0a:3b:13:d1:61:6a:3c:
36:4e:b0:ee:0b:83:43:69:fc:6d:d7:a6:7f:57:5a:5b:34:8d:
cc:98:81:1c:1e:42:a5:ae:e2:df:69:34:6c:53:df:2a:4a:36:
27:c0:e1:ae:9c:61:c5:8b:df:fa:09:bb:07:ed:4f:53:49:89:
2e:6f:ff:b8:0c:70:68:fe:22:7a:93:ff:a2:c4:da:09:87:d2:
fc:f1:82:ce
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MjlFNkFSMTEwLwYDVQQFEygyNjI3NzE4OThEQjQ4RDY4RDU0MzBGQzBFMzkxMUVD
OTAzNjVCQkY1MB4XDTI1MDUzMDE3MTcwNFoXDTI2MDUyOTE3MTcwNFowGDEWMBQG
A1UEAxMNNjgzOWU4MTUtZmM5YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMr+yILRHnGhSvB6q48OrNDfrmjqI3frR4W9n+yZ1G9Eh/YzxdnjKTbZ8wXH
/OklbJ5a77pWo3vy///UuSaAOON86GniVDNP5mrQOpIyxQRDARfaPCzwPND+IPFZ
7dnEKH49XSnsKxymt19QmYw2IaHxRhMYDPcARUkcoqToGaa7x3rufBtqZuoM6jNy
8g9UVU1KMm/NbZCzNBgLgWqQQWxUcr1txx4lJ5p30O0TW1qjl2Qt+X8/x/nIZO5a
j0B61G3huouojNatGp7F/UGeixLYR5dybuLWEGa/A4saTv8W17qpG2lwazP9XJ9v
5xV/P0w8ZJci+PG6eCDN0CH6nC8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTMnnFx
+KKhPOcrgSY1qB80d6EYszAfBgNVHSMEGDAWgBQmJ3GJjbSNaNVDD8DjkR7JA2W7
9TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVDOUMvSmlkeGlZ
MjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SmlkeGlZMjBqV2pWUXdfQTQ1RWV5UU5sdV9VLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QzI5RTYvQTAzQ0FBRjYzRDcwMTFGMEIxMEI2MEQzREFFNEVD
OUMvRUFDOEE4QjQzRDc5MTFGMDg0NDVFMzkwREFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA4F6KDANBgkqhkiG9w0BAQsFAAOC
AQEAhtDBuEud5Z2CUYvVTNtxjXc9mMVY07Foi8lsbze1dHDzqj5gcFSTsBMD2dCB
GCADdri5l9NzmbcKKilILYvcKurxf2z/y8oQMILPWGv9sm1hNAwkZ4phLc1IrbXw
CI7Hd2weIl6mk8Sl3INQFHZW7RZ8/V2vc9K6zavZWn/AIgkoWfZoN+2OkPq/46J7
M+TsS4/zesHj0pLh4pM5hMTpIuDRoaS3DxYtFrVLDYEKOxPRYWo8Nk6w7guDQ2n8
bdemf1daWzSNzJiBHB5Cpa7i32k0bFPfKko2J8DhrpxhxYvf+gm7B+1PU0mJLm//
uAxwaP4iepP/osTaCYfS/PGCzg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:19:27 2025 by rpki-client