Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E1120B0F41D11EF94418151762E951A.roa
File: 3E1120B0F41D11EF94418151762E951A.roa (raw, json)
Hash identifier: 2LVJ4GuTbkx99EFxP2XvTsrnX3qWgNlhXjKjTW+6TEE=
Subject key identifier: 31:EF:F6:07:65:A7:58:E2:2A:0B:52:92:18:E7:F9:F9:60:A7:8F:05
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013008
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E1120B0F41D11EF94418151762E951A.roa
Signing time: Wed 26 Feb 2025 08:39:50 +0000
ROA not before: Wed 26 Feb 2025 08:39:47 +0000
ROA not after: Sat 19 Feb 2028 08:39:47 +0000
asID: 17561
IP address blocks: 45.197.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77832 (0x13008)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 08:39:47 2025 GMT
Not After : Feb 19 08:39:47 2028 GMT
Subject: CN=67bed356-075d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:72:a7:29:c3:03:f8:5f:9c:47:3f:77:18:1c:
ba:b0:90:be:2f:14:51:27:42:72:f8:55:b5:5f:08:
8e:42:d4:0c:40:9b:66:6f:90:91:cb:3f:39:cf:9e:
db:ca:71:b9:fc:d9:0d:f1:ea:b3:e7:e4:20:65:ea:
47:45:55:e3:2b:9c:14:ea:b7:d1:3a:1b:8d:b6:ac:
6f:ee:eb:67:8a:92:fe:79:58:8f:c7:c9:f3:86:b6:
80:1c:9f:80:e2:97:d3:f3:93:1f:ab:09:93:1f:fe:
93:6b:bb:71:af:28:27:d9:da:92:26:78:f7:84:04:
a2:0c:55:98:93:c7:70:8f:2d:b4:10:f9:75:1d:b1:
aa:10:ce:2d:0c:26:ac:f0:63:3c:6f:c6:ad:64:7f:
ef:07:8c:3b:7e:67:01:25:24:ad:40:a8:b7:92:09:
0a:9b:bb:ff:e7:a3:62:db:95:11:80:b7:ab:3b:46:
c0:5b:31:ad:db:52:37:ca:ca:0d:e7:a1:98:29:93:
10:bc:c2:e8:91:fa:98:17:08:81:09:22:52:6d:31:
69:9a:62:b5:75:06:ec:3e:81:69:92:8e:71:37:f0:
75:45:ad:f7:9d:d6:1c:0b:a8:91:26:cc:f2:13:60:
23:52:d0:8c:ec:06:a6:ff:39:16:4a:ad:e7:e2:42:
38:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:EF:F6:07:65:A7:58:E2:2A:0B:52:92:18:E7:F9:F9:60:A7:8F:05
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E1120B0F41D11EF94418151762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.58.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:10:3f:ad:f4:8c:8e:5f:fe:65:bd:13:84:f8:d9:b6:90:0a:
c9:51:0b:09:8b:84:d3:65:e9:82:0d:cf:35:8b:4a:73:57:62:
f1:38:f0:02:4f:3d:f2:1d:1e:00:f0:be:5a:32:64:7e:64:84:
b0:df:ac:78:09:3b:59:68:28:7c:ee:8a:cc:81:c3:68:07:3e:
51:12:7a:e2:b3:4d:e2:f1:9d:cc:a6:28:d1:f6:f0:da:47:16:
a9:39:ea:6a:98:50:b8:29:82:6d:be:2a:2e:46:c7:1a:4c:2d:
6c:5b:22:b5:02:37:2c:97:43:b2:1f:8f:87:46:74:40:55:49:
0d:7b:52:e8:42:e4:ad:76:78:b9:8e:67:23:42:2a:8a:0d:db:
a8:97:ba:35:45:49:d8:48:77:a9:9c:8f:4c:91:f8:c9:1b:17:
8d:39:33:d8:7e:70:11:45:2f:b6:f7:28:61:86:bc:e3:0c:9c:
a3:34:e5:ad:a9:49:d8:f1:aa:fe:04:e6:cb:46:ae:0d:7a:15:
40:eb:86:d5:94:e0:79:12:5c:bb:2b:66:f3:21:ca:ca:41:5d:
f6:9c:e0:4c:0a:bc:ce:bc:4b:4e:84:c4:b7:3f:9d:4f:aa:3e:
7f:6c:1a:57:81:2d:e1:af:22:1c:3b:6c:e6:3e:01:fa:d0:48:
99:4c:94:26
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATAIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MDgzOTQ3WhcNMjgwMjE5MDgzOTQ3WjAYMRYw
FAYDVQQDEw02N2JlZDM1Ni0wNzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAunKnKcMD+F+cRz93GBy6sJC+LxRRJ0Jy+FW1XwiOQtQMQJtmb5CRyz85
z57bynG5/NkN8eqz5+QgZepHRVXjK5wU6rfROhuNtqxv7utnipL+eViPx8nzhraA
HJ+A4pfT85MfqwmTH/6Ta7txrygn2dqSJnj3hASiDFWYk8dwjy20EPl1HbGqEM4t
DCas8GM8b8atZH/vB4w7fmcBJSStQKi3kgkKm7v/56Ni25URgLerO0bAWzGt21I3
ysoN56GYKZMQvMLokfqYFwiBCSJSbTFpmmK1dQbsPoFpko5xN/B1Ra33ndYcC6iR
JszyE2AjUtCM7Aam/zkWSq3n4kI4XwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDHv
9gdlp1jiKgtSkhjn+flgp48FMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRTExMjBCMEY0MUQxMUVGOTQ0MTgxNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcU6MA0GCSqGSIb3DQEBCwUA
A4IBAQBeED+t9IyOX/5lvROE+Nm2kArJUQsJi4TTZemCDc81i0pzV2LxOPACTz3y
HR4A8L5aMmR+ZISw36x4CTtZaCh87orMgcNoBz5REnris03i8Z3MpijR9vDaRxap
OepqmFC4KYJtviouRscaTC1sWyK1Ajcsl0OyH4+HRnRAVUkNe1LoQuStdni5jmcj
QiqKDduol7o1RUnYSHepnI9MkfjJGxeNOTPYfnARRS+29yhhhrzjDJyjNOWtqUnY
8ar+BObLRq4NehVA64bVlOB5Ely7K2bzIcrKQV32nOBMCrzOvEtOhMS3P51Pqj5/
bBpXgS3hryIcO2zmPgH60EiZTJQm
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:54 2025 by rpki-client