Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/065CCC7C0F8A11F0A408D6A6762E951A.roa
File: 065CCC7C0F8A11F0A408D6A6762E951A.roa (raw, json)
Hash identifier: PZmDo7V9Bybr6dy8AgIVHjnvkBZf/rS3vwH3H8Jo8ag=
Subject key identifier: 59:17:F4:C7:30:B5:D8:75:0F:F6:E5:CB:CA:36:A6:A7:DC:F2:9C:C6
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0C7C
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/065CCC7C0F8A11F0A408D6A6762E951A.roa
Signing time: Wed 02 Apr 2025 06:16:34 +0000
ROA not before: Wed 02 Apr 2025 06:16:28 +0000
ROA not after: Thu 12 Apr 2035 06:16:28 +0000
asID: 36916
IP address blocks: 192.142.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 02 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3196 (0xc7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR, serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Validity
Not Before: Apr 2 06:16:28 2025 GMT
Not After : Apr 12 06:16:28 2035 GMT
Subject: CN=67ecd641-d782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b1:e6:00:b0:92:f0:55:a0:dc:e8:eb:cf:c4:
98:46:e3:09:4a:b1:b2:a1:3d:b0:3c:74:3a:2c:e8:
bd:ca:5e:b2:91:e7:3e:92:b1:93:67:1f:f9:28:ad:
cd:44:f7:e5:49:7f:c7:21:12:54:63:f4:7b:ee:db:
2f:ed:de:30:09:a9:6e:c3:e0:69:ca:d4:4b:4e:10:
ce:6a:38:4d:40:f7:8f:c4:e6:46:76:c2:b6:9e:62:
cc:81:05:41:9b:5b:86:26:9b:bc:1f:e9:c1:c7:46:
db:96:d2:19:22:ef:a6:e9:24:bf:57:a2:9b:b9:11:
da:0e:e2:96:5a:58:b8:6c:8a:d4:65:48:60:20:00:
08:91:c4:71:28:aa:3a:d8:67:e2:98:51:ad:d9:70:
82:1a:b6:4d:3e:77:92:24:1d:96:37:de:ad:28:6b:
70:f0:a1:af:56:0f:a9:77:5d:85:e9:ab:54:fe:9d:
67:6d:2d:ae:93:9d:c0:a8:3e:50:8c:2b:e1:7c:cc:
63:8f:39:92:bc:cf:c2:f4:b1:4c:a0:4c:26:ef:5c:
aa:5e:e6:90:cc:e6:da:dd:18:91:67:fc:82:9b:f5:
8c:d1:df:cd:56:ec:bf:f0:1c:62:b3:e6:fd:b7:37:
0a:e0:44:e8:53:c0:54:a4:c1:18:44:2c:6c:ff:f9:
c6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:17:F4:C7:30:B5:D8:75:0F:F6:E5:CB:CA:36:A6:A7:DC:F2:9C:C6
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/065CCC7C0F8A11F0A408D6A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.64.0/19
Signature Algorithm: sha256WithRSAEncryption
69:d1:25:f9:02:04:9d:fa:fb:c5:1f:79:4a:c0:5b:50:51:03:
59:68:23:ca:e6:79:75:60:5d:9e:3d:5f:f7:54:04:2d:7c:5c:
a0:60:45:4b:7e:7e:bb:38:5e:3a:d5:42:a3:a5:dd:25:17:38:
6e:04:8a:db:e7:f9:03:6a:8b:ad:ab:14:37:5e:d9:e1:b1:ef:
22:67:22:f4:ef:cc:95:66:31:4e:78:6b:5a:07:b6:b9:96:15:
30:ae:18:10:c8:0e:c4:16:56:e8:16:8c:01:45:13:ee:66:20:
8d:d2:68:00:19:f1:a4:21:97:45:ae:bc:5f:b9:0b:0c:db:8e:
cd:f4:be:64:98:89:01:fe:f9:ca:ac:b0:29:2d:85:1a:b9:59:
4e:dd:5e:a7:cf:75:c7:d1:78:56:f9:73:d9:3e:03:5a:9a:7d:
48:d9:8d:42:be:f8:57:57:74:a1:bb:38:bd:43:67:a1:0b:f4:
b7:38:85:c2:5c:06:8c:b9:9f:3b:80:7f:67:b8:59:7f:2c:56:
c0:23:62:54:d5:6d:a6:2a:1c:30:02:3c:aa:9e:fd:9a:57:90:
8f:2a:d5:5c:7f:3d:aa:93:1f:79:ad:8f:63:cc:5e:97:c7:4e:
05:db:48:3d:9d:78:c6:55:91:84:2e:e6:3a:df:29:f8:78:a0:
c6:96:ba:d4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDHwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNTA0MDIwNjE2MjhaFw0zNTA0MTIwNjE2MjhaMBgxFjAU
BgNVBAMTDTY3ZWNkNjQxLWQ3ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDtseYAsJLwVaDc6OvPxJhG4wlKsbKhPbA8dDos6L3KXrKR5z6SsZNnH/ko
rc1E9+VJf8chElRj9Hvu2y/t3jAJqW7D4GnK1EtOEM5qOE1A94/E5kZ2wraeYsyB
BUGbW4Ymm7wf6cHHRtuW0hki76bpJL9Xopu5EdoO4pZaWLhsitRlSGAgAAiRxHEo
qjrYZ+KYUa3ZcIIatk0+d5IkHZY33q0oa3Dwoa9WD6l3XYXpq1T+nWdtLa6TncCo
PlCMK+F8zGOPOZK8z8L0sUygTCbvXKpe5pDM5trdGJFn/IKb9YzR381W7L/wHGKz
5v23NwrgROhTwFSkwRhELGz/+cZZAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUWRf0
xzC12HUP9uXLyjamp9zynMYwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzA2NUNDQzdDMEY4QTExRjBBNDA4RDZBNjc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXAjkAwDQYJKoZIhvcNAQELBQAD
ggEBAGnRJfkCBJ36+8UfeUrAW1BRA1loI8rmeXVgXZ49X/dUBC18XKBgRUt+frs4
XjrVQqOl3SUXOG4Eitvn+QNqi62rFDde2eGx7yJnIvTvzJVmMU54a1oHtrmWFTCu
GBDIDsQWVugWjAFFE+5mII3SaAAZ8aQhl0WuvF+5Cwzbjs30vmSYiQH++cqssCkt
hRq5WU7dXqfPdcfReFb5c9k+A1qafUjZjUK++FdXdKG7OL1DZ6EL9Lc4hcJcBoy5
nzuAf2e4WX8sVsAjYlTVbaYqHDACPKqe/ZpXkI8q1Vx/PaqTH3mtj2PMXpfHTgXb
SD2deMZVkYQu5jrfKfh4oMaWutQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:18:48 2025 by rpki-client