Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3EDA2FC8CAD811EFBF883B73762E951A.roa
File: 3EDA2FC8CAD811EFBF883B73762E951A.roa (raw, json)
Hash identifier: TDX8cUebJKwbtsG/jN3L2kD/aGat4JYp0C+fSWBp7VA=
Subject key identifier: 85:9E:C3:7C:73:F6:8E:7B:D1:E6:D7:FF:80:92:BF:6C:CE:A5:03:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F796
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3EDA2FC8CAD811EFBF883B73762E951A.roa
Signing time: Sat 04 Jan 2025 20:12:39 +0000
ROA not before: Sun 05 Jan 2025 20:12:35 +0000
ROA not after: Sat 08 Feb 2025 20:12:35 +0000
asID: 20473
IP address blocks: 45.196.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63382 (0xf796)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 20:12:35 2025 GMT
Not After : Feb 8 20:12:35 2025 GMT
Subject: CN=67799637-d33f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cb:36:3e:7b:08:5b:bf:48:f9:f5:91:08:e4:
6c:90:83:c3:d5:6e:b8:95:50:d5:08:f4:40:3a:1c:
b6:df:c8:47:33:71:3d:6c:b2:7c:98:52:b4:0f:ff:
93:27:82:83:5d:ec:a2:bc:3b:35:6a:b2:d4:fc:40:
d4:98:54:5c:c7:16:ae:a2:b8:35:31:14:f4:4c:b9:
42:ca:27:35:89:ab:9b:00:79:43:8c:ff:fa:6a:84:
cf:ec:58:5c:77:06:d0:d8:b9:cc:5c:c7:6d:86:f8:
af:b9:f0:82:f1:a7:a3:bd:c1:c1:86:16:19:74:93:
bf:dd:e2:34:7f:45:a0:0c:fb:ba:b4:45:97:a1:33:
52:5b:71:8f:18:89:31:bb:f5:5c:a1:75:ce:2f:bf:
72:a1:bc:f5:d1:97:1e:52:d3:38:e4:5a:fb:3e:01:
7f:29:20:ca:80:11:3f:c5:47:4d:24:52:89:42:a8:
8a:31:43:8c:e9:c9:8e:a3:77:f0:56:93:7d:23:29:
97:14:60:9d:4c:71:df:7a:c0:d3:59:11:8c:66:24:
8c:d9:0e:22:62:ae:33:7b:75:49:a3:cb:73:b8:9b:
a2:b7:14:1d:29:ed:15:86:d4:e4:a7:0f:20:60:61:
7d:c5:41:1a:63:9c:d2:91:ef:a7:fc:dd:2d:e1:85:
dc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9E:C3:7C:73:F6:8E:7B:D1:E6:D7:FF:80:92:BF:6C:CE:A5:03:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3EDA2FC8CAD811EFBF883B73762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.200.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:b3:6d:d3:4e:f1:6c:0e:d4:30:ce:ed:63:fd:d0:56:80:75:
01:ff:e7:b1:76:11:59:cf:55:53:41:a6:f9:77:a9:b2:6e:36:
d7:30:83:57:30:47:5c:a4:d7:8f:d9:c2:50:e1:12:59:7d:dd:
df:02:df:3e:d1:5e:d5:7c:41:d3:16:f3:18:60:77:ed:0d:61:
ee:16:37:2a:10:76:38:c7:da:d6:43:87:bd:c3:9e:4d:c3:e2:
5c:e5:0c:3d:74:dd:f9:41:53:25:ec:c6:26:96:3c:cb:5e:4a:
f0:42:2a:8e:55:e3:6f:29:ac:28:60:42:52:c0:48:1c:34:62:
15:37:8b:e7:88:69:57:9f:4d:fd:17:3e:18:14:8d:64:e5:a6:
a3:e2:35:eb:58:00:4d:b8:3b:1c:57:9c:ab:60:c8:c2:ec:9e:
66:a7:e9:93:61:0a:19:b0:eb:27:65:c8:29:e3:45:80:4e:99:
52:06:5b:47:dc:68:7f:6f:23:16:60:54:f4:41:b4:8d:91:f8:
f0:21:8b:31:69:42:66:9a:d7:53:89:82:ce:3a:9b:c5:49:12:
d9:7d:1e:de:ca:9f:34:a8:c2:b6:0a:6c:82:6a:30:f2:2a:eb:
0b:12:36:a5:50:70:e9:94:d8:b4:76:ce:8e:13:4f:30:b2:d1:
2d:05:e9:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjAxMjM1WhcNMjUwMjA4MjAxMjM1WjAYMRYw
FAYDVQQDEw02Nzc5OTYzNy1kMzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxss2PnsIW79I+fWRCORskIPD1W64lVDVCPRAOhy238hHM3E9bLJ8mFK0
D/+TJ4KDXeyivDs1arLU/EDUmFRcxxauorg1MRT0TLlCyic1iaubAHlDjP/6aoTP
7FhcdwbQ2LnMXMdthvivufCC8aejvcHBhhYZdJO/3eI0f0WgDPu6tEWXoTNSW3GP
GIkxu/VcoXXOL79yobz10ZceUtM45Fr7PgF/KSDKgBE/xUdNJFKJQqiKMUOM6cmO
o3fwVpN9IymXFGCdTHHfesDTWRGMZiSM2Q4iYq4ze3VJo8tzuJuitxQdKe0VhtTk
pw8gYGF9xUEaY5zSke+n/N0t4YXcyQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIWe
w3xz9o570ebX/4CSv2zOpQOhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRURBMkZDOENBRDgxMUVGQkY4ODNCNzM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcTIMA0GCSqGSIb3DQEBCwUA
A4IBAQCms23TTvFsDtQwzu1j/dBWgHUB/+exdhFZz1VTQab5d6mybjbXMINXMEdc
pNeP2cJQ4RJZfd3fAt8+0V7VfEHTFvMYYHftDWHuFjcqEHY4x9rWQ4e9w55Nw+Jc
5Qw9dN35QVMl7MYmljzLXkrwQiqOVeNvKawoYEJSwEgcNGIVN4vniGlXn039Fz4Y
FI1k5aaj4jXrWABNuDscV5yrYMjC7J5mp+mTYQoZsOsnZcgp40WATplSBltH3Gh/
byMWYFT0QbSNkfjwIYsxaUJmmtdTiYLOOpvFSRLZfR7eyp80qMK2CmyCajDyKusL
EjalUHDplNi0ds6OE08wstEtBemL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:00 2025 by rpki-client