Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35B97A66F8F011EFBACB8655762E951A.roa
File: 35B97A66F8F011EFBACB8655762E951A.roa (raw, json)
Hash identifier: ThR8151t3FYZ6e2z+txZEQ9ErnlKCzrJEH0F/mi8dSs=
Subject key identifier: DF:2F:76:4E:CE:1E:C0:CB:9D:E1:77:2A:18:9A:6D:03:8C:AF:EB:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014308
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35B97A66F8F011EFBACB8655762E951A.roa
Signing time: Tue 04 Mar 2025 12:00:05 +0000
ROA not before: Tue 04 Mar 2025 12:00:00 +0000
ROA not after: Sun 06 Apr 2025 12:00:00 +0000
asID: 62816
IP address blocks: 45.205.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82696 (0x14308)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 4 12:00:00 2025 GMT
Not After : Apr 6 12:00:00 2025 GMT
Subject: CN=67c6eb45-0137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9f:bb:a1:4d:30:de:79:65:59:6d:df:be:2e:
ed:e6:6e:dd:36:bb:41:92:71:b8:f6:d7:7b:bd:50:
c5:3b:dd:32:17:f6:c1:0e:5f:9e:c4:62:c0:6f:21:
e2:a1:75:e3:c9:ad:4d:7f:f4:65:f3:4a:1d:cd:ae:
9f:24:5d:84:af:db:fa:5a:69:79:3d:91:ce:0f:5c:
a4:af:1f:68:0c:24:5f:0d:a9:23:b8:e2:ff:be:2c:
75:3d:5e:a7:63:8b:60:59:65:41:7b:b0:c0:97:c6:
e6:3b:cd:56:1f:0b:d5:31:ad:32:5d:4a:e4:f1:71:
c5:d4:34:96:96:70:8b:2b:8e:c1:64:1b:50:63:36:
f1:1b:d8:30:04:f7:d9:cf:14:64:1b:8f:50:d6:05:
d4:54:da:a9:73:2e:b7:2f:10:19:05:1b:b6:e8:b6:
75:26:6a:72:95:7c:9a:16:e6:74:8b:0f:68:e0:91:
a8:0a:47:cc:33:2b:93:4f:0a:c6:5a:b6:d6:c5:c4:
14:89:31:ea:91:1e:7e:07:cf:80:60:9f:b0:e7:35:
89:7b:c6:2d:52:75:e0:dc:a4:23:97:11:67:d8:59:
76:a9:a5:1b:96:59:5b:f4:70:a0:5c:86:a4:00:23:
ac:7c:0b:05:54:c3:ba:14:1c:7d:33:20:0a:a1:1a:
82:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2F:76:4E:CE:1E:C0:CB:9D:E1:77:2A:18:9A:6D:03:8C:AF:EB:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35B97A66F8F011EFBACB8655762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.205.174.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:8d:65:91:75:18:58:81:72:f5:45:6e:b1:29:b2:2e:47:08:
0e:63:11:bf:86:20:8c:18:bf:78:eb:7c:1e:8d:c0:16:d1:5f:
4d:cd:30:eb:be:09:2e:46:10:a8:a7:f6:7b:54:40:b0:7e:81:
fd:23:0c:4e:41:cb:2d:84:b2:02:2e:da:ee:0d:64:ab:3f:fc:
25:65:bb:ee:46:d5:2c:9d:4a:c8:f1:3b:da:73:1e:67:39:e6:
6a:3e:76:14:34:55:fe:e0:06:41:c5:95:3b:88:90:32:41:21:
ba:eb:ac:a9:98:f9:32:0a:57:fa:50:59:9b:2e:22:3c:26:35:
38:9e:16:48:23:15:57:1b:63:11:f8:12:b0:62:41:7e:86:8b:
c2:00:54:68:bd:9a:4f:84:94:cd:12:85:d2:d6:5c:c0:1d:44:
36:91:08:87:14:0c:0f:59:c4:fc:04:f3:9b:fc:14:2a:5a:d3:
bf:6c:d6:64:0c:36:58:01:28:60:66:ec:30:db:80:60:ae:74:
87:71:e2:47:a5:6b:47:6b:0f:22:c4:7d:2e:71:57:f4:4f:33:
22:08:0d:2b:ab:89:d0:0d:f9:79:d5:12:5c:f6:3f:8d:3a:b9:
84:c1:b7:ea:02:52:6f:e0:31:d7:8e:3b:d6:24:8e:9c:af:10:
f4:3b:c5:87
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUMIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA0MTIwMDAwWhcNMjUwNDA2MTIwMDAwWjAYMRYw
FAYDVQQDEw02N2M2ZWI0NS0wMTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxp+7oU0w3nllWW3fvi7t5m7dNrtBknG49td7vVDFO90yF/bBDl+exGLA
byHioXXjya1Nf/Rl80odza6fJF2Er9v6Wml5PZHOD1ykrx9oDCRfDakjuOL/vix1
PV6nY4tgWWVBe7DAl8bmO81WHwvVMa0yXUrk8XHF1DSWlnCLK47BZBtQYzbxG9gw
BPfZzxRkG49Q1gXUVNqpcy63LxAZBRu26LZ1JmpylXyaFuZ0iw9o4JGoCkfMMyuT
TwrGWrbWxcQUiTHqkR5+B8+AYJ+w5zWJe8YtUnXg3KQjlxFn2Fl2qaUblllb9HCg
XIakACOsfAsFVMO6FBx9MyAKoRqCoQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN8v
dk7OHsDLneF3KhiabQOMr+u8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNUI5N0E2NkY4RjAxMUVGQkFDQjg2NTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc2uMA0GCSqGSIb3DQEBCwUA
A4IBAQA8jWWRdRhYgXL1RW6xKbIuRwgOYxG/hiCMGL9463wejcAW0V9NzTDrvgku
RhCop/Z7VECwfoH9IwxOQcsthLICLtruDWSrP/wlZbvuRtUsnUrI8Tvacx5nOeZq
PnYUNFX+4AZBxZU7iJAyQSG666ypmPkyClf6UFmbLiI8JjU4nhZIIxVXG2MR+BKw
YkF+hovCAFRovZpPhJTNEoXS1lzAHUQ2kQiHFAwPWcT8BPOb/BQqWtO/bNZkDDZY
AShgZuww24BgrnSHceJHpWtHaw8ixH0ucVf0TzMiCA0rq4nQDfl51RJc9j+NOrmE
wbfqAlJv4DHXjjvWJI6crxD0O8WH
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:16:59 2025 by rpki-client