Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C539810F48211EF990A7794762E951A.roa
File: 3C539810F48211EF990A7794762E951A.roa (raw, json)
Hash identifier: FIdwM72xYp5HEOe/JZ6vCEUPBmovkE18oKYRSOiapXk=
Subject key identifier: 40:43:68:F1:A3:16:1D:B1:FB:DB:66:59:62:3F:49:3A:BB:A9:28:E4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013798
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C539810F48211EF990A7794762E951A.roa
Signing time: Wed 26 Feb 2025 20:42:47 +0000
ROA not before: Wed 26 Feb 2025 20:42:43 +0000
ROA not after: Sat 19 Feb 2028 20:42:43 +0000
asID: 17561
IP address blocks: 45.200.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79768 (0x13798)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 20:42:43 2025 GMT
Not After : Feb 19 20:42:43 2028 GMT
Subject: CN=67bf7cc7-e9ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:80:5f:47:15:f6:b2:f0:12:37:7f:1b:53:4c:
5b:a0:46:9f:29:82:c2:a9:2d:df:1a:ab:71:b4:8b:
c1:6e:03:9f:c3:b3:c9:cb:aa:b3:d9:28:7c:7e:7d:
d4:61:f4:ba:86:21:1e:5b:cb:52:1f:fa:44:2b:63:
36:9e:ef:11:d7:55:43:41:2a:30:71:98:1b:4f:e8:
2c:85:86:1b:5e:d4:f3:89:91:19:3b:8c:47:1d:4f:
84:2f:c0:d9:1c:5b:5f:e9:9f:c1:4e:13:ae:01:c7:
c6:4b:8c:9f:fa:d7:ea:05:6b:e2:ac:5f:a1:55:c7:
b5:b4:c4:21:40:69:04:d7:11:63:a2:e3:1a:e2:9e:
f2:63:b6:de:cb:0d:93:50:9d:8e:e1:6f:f9:4a:e7:
d3:4e:38:a4:24:40:91:86:bb:21:f7:df:03:b2:d3:
42:d9:37:4f:58:95:4f:68:7a:aa:3c:92:ac:24:6d:
78:c7:55:65:b6:b5:d3:9f:ab:65:f7:12:77:c5:19:
5c:3f:5d:2a:63:57:3e:ba:2b:6c:9a:fa:73:aa:57:
aa:5d:5e:25:ab:e6:63:ce:01:80:00:29:46:ca:4d:
fa:28:6c:82:d4:4e:db:21:9d:b7:cc:7d:9d:95:b3:
98:11:58:10:7f:49:c1:69:1f:3e:51:14:86:dc:56:
d0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:43:68:F1:A3:16:1D:B1:FB:DB:66:59:62:3F:49:3A:BB:A9:28:E4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C539810F48211EF990A7794762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.129.0/24
Signature Algorithm: sha256WithRSAEncryption
01:6d:11:92:30:70:66:97:d3:e3:ca:8d:e6:51:29:0a:1d:41:
e0:b1:c5:4e:a9:e3:b5:e6:a5:8b:d6:24:4a:11:bd:3c:07:a6:
6b:5a:78:54:70:be:63:95:e5:df:eb:bd:04:39:76:98:d9:45:
4f:26:78:4f:84:15:a1:64:d3:f7:85:0c:2b:9a:5e:b1:8c:97:
a9:2b:89:cb:56:dd:df:d5:16:51:a4:23:b3:5b:95:f7:c0:e4:
41:65:59:a3:d1:6f:56:a2:17:ac:f1:22:ac:3b:ad:f5:2b:d2:
e2:c3:b6:ac:fb:3e:ec:5c:08:11:d4:59:e1:ae:40:9d:8b:8f:
d4:3f:c1:a0:e8:9a:ce:30:25:ac:cb:16:d4:d6:83:c2:c6:12:
e4:6e:22:49:93:9d:f9:06:60:5c:db:9d:4f:8b:24:ec:56:cc:
47:4e:e6:2f:44:a4:ed:1b:17:26:91:3a:51:4c:9a:33:7a:86:
74:85:d3:ce:84:f3:0a:79:be:26:76:73:52:65:1f:37:66:f2:
48:ae:a1:1a:d0:32:be:62:bf:1f:0f:67:29:74:e9:23:6e:db:
ed:42:74:10:9a:70:a1:4c:30:69:95:86:75:af:31:f2:38:ac:
78:86:04:2d:ad:88:ad:47:60:4b:1e:b7:7e:30:44:5b:fe:fc:
44:2e:d2:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATeYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MjA0MjQzWhcNMjgwMjE5MjA0MjQzWjAYMRYw
FAYDVQQDEw02N2JmN2NjNy1lOWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnIBfRxX2svASN38bU0xboEafKYLCqS3fGqtxtIvBbgOfw7PJy6qz2Sh8
fn3UYfS6hiEeW8tSH/pEK2M2nu8R11VDQSowcZgbT+gshYYbXtTziZEZO4xHHU+E
L8DZHFtf6Z/BThOuAcfGS4yf+tfqBWvirF+hVce1tMQhQGkE1xFjouMa4p7yY7be
yw2TUJ2O4W/5SufTTjikJECRhrsh998DstNC2TdPWJVPaHqqPJKsJG14x1VltrXT
n6tl9xJ3xRlcP10qY1c+uitsmvpzqleqXV4lq+ZjzgGAAClGyk36KGyC1E7bIZ23
zH2dlbOYEVgQf0nBaR8+URSG3FbQtwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEBD
aPGjFh2x+9tmWWI/STq7qSjkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQzUzOTgxMEY0ODIxMUVGOTkwQTc3OTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALciBMA0GCSqGSIb3DQEBCwUA
A4IBAQABbRGSMHBml9Pjyo3mUSkKHUHgscVOqeO15qWL1iRKEb08B6ZrWnhUcL5j
leXf670EOXaY2UVPJnhPhBWhZNP3hQwrml6xjJepK4nLVt3f1RZRpCOzW5X3wORB
ZVmj0W9Wohes8SKsO631K9Liw7as+z7sXAgR1FnhrkCdi4/UP8Gg6JrOMCWsyxbU
1oPCxhLkbiJJk535BmBc251PiyTsVsxHTuYvRKTtGxcmkTpRTJozeoZ0hdPOhPMK
eb4mdnNSZR83ZvJIrqEa0DK+Yr8fD2cpdOkjbtvtQnQQmnChTDBplYZ1rzHyOKx4
hgQtrYitR2BLHrd+MERb/vxELtI+
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:24:58 2025 by rpki-client