Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81B3EE2EF43B11EF935A22A5762E951A.roa
File: 81B3EE2EF43B11EF935A22A5762E951A.roa (raw, json)
Hash identifier: CeGYvXOkFv7l2kKeDl2rZQP0UVye/zc6aTjpYnf9WWU=
Subject key identifier: D9:84:6F:75:9E:17:07:10:C0:D5:40:40:E2:97:5A:49:C6:BE:77:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01324B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81B3EE2EF43B11EF935A22A5762E951A.roa
Signing time: Wed 26 Feb 2025 12:16:29 +0000
ROA not before: Wed 26 Feb 2025 12:16:25 +0000
ROA not after: Sat 19 Feb 2028 12:16:25 +0000
asID: 17561
IP address blocks: 45.199.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78411 (0x1324b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 12:16:25 2025 GMT
Not After : Feb 19 12:16:25 2028 GMT
Subject: CN=67bf061d-2dee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:43:7a:4f:58:06:3a:e0:4c:0d:2f:91:29:59:
6f:1c:4d:93:68:65:db:93:3c:8f:87:ee:3b:06:53:
b8:af:c7:56:bc:f1:59:0f:6d:88:c8:45:c3:07:e9:
1d:c4:70:fc:2f:2f:5e:25:a2:88:9e:a1:43:65:7c:
45:1f:b3:d5:ff:39:e9:02:f2:c1:94:30:b8:05:50:
af:3c:ba:4a:02:ce:b6:e5:e3:d8:e1:43:9b:0f:37:
58:32:81:bc:dc:ac:83:fe:57:69:07:cd:ab:ea:64:
14:18:bf:aa:0b:f4:09:7e:32:b8:be:af:48:73:3e:
86:30:5d:0b:09:07:9f:d5:14:40:42:be:fc:f9:95:
53:a8:0e:c5:f2:ef:38:e4:81:40:24:fe:0b:8f:86:
05:db:e8:2b:89:7f:bc:d9:7b:a8:1c:cd:69:15:5a:
dd:bd:13:60:5d:9e:b1:0f:a3:62:ba:c6:65:08:a6:
85:c9:52:22:14:0b:e7:92:d1:45:ad:f1:de:f2:42:
1a:26:6f:3e:a3:ad:96:a0:8c:fe:f5:6c:a6:69:96:
e5:1c:55:b8:99:f4:d7:18:23:a0:fa:92:7d:33:da:
60:ef:14:25:c3:45:f1:29:13:8a:ae:a8:67:7d:74:
c7:c1:88:a3:25:69:b2:68:20:95:70:5b:66:e5:a5:
b9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:84:6F:75:9E:17:07:10:C0:D5:40:40:E2:97:5A:49:C6:BE:77:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81B3EE2EF43B11EF935A22A5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.155.0/24
Signature Algorithm: sha256WithRSAEncryption
49:a5:ec:d9:81:16:2b:27:b7:dc:e0:7a:26:b7:d9:c8:24:f2:
9f:44:11:76:ad:9d:2d:f4:69:03:d4:ba:26:2b:56:fc:dd:5c:
5d:f1:8a:e0:86:6b:19:04:67:34:39:6c:48:65:4b:26:b0:5f:
2e:29:9d:13:87:73:86:1e:a1:25:66:33:42:b9:fb:03:3a:46:
cc:98:1d:e0:64:f2:3c:f3:04:ab:39:59:7c:85:4d:86:09:ac:
a9:15:34:83:bc:b7:4e:ef:93:19:5c:92:b3:1b:0b:a3:5e:c7:
92:53:b2:1d:c0:7d:44:76:2d:3a:3c:b5:75:d3:25:79:38:0c:
47:5e:ed:3f:fc:19:28:b7:38:38:17:76:e9:93:77:de:9c:c0:
30:59:34:f2:47:c7:92:b4:dd:0a:98:a0:15:e5:9b:de:c8:67:
d8:6d:69:04:41:77:90:37:f0:11:8c:31:79:df:c7:0f:da:2e:
0a:28:d4:1d:cf:2f:c7:9b:56:0f:81:b7:b2:0f:f0:10:9c:64:
26:47:08:2b:0e:3d:e4:81:f4:c7:fb:17:e0:2a:c3:20:53:d1:
d6:0a:1e:74:b6:28:ef:95:ba:00:5d:bb:90:fb:01:d8:65:43:
22:4f:06:95:47:1c:32:9b:2b:a1:29:66:5a:43:e8:f5:76:52:
8f:a4:c1:76
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATJLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTIxNjI1WhcNMjgwMjE5MTIxNjI1WjAYMRYw
FAYDVQQDEw02N2JmMDYxZC0yZGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3EN6T1gGOuBMDS+RKVlvHE2TaGXbkzyPh+47BlO4r8dWvPFZD22IyEXD
B+kdxHD8Ly9eJaKInqFDZXxFH7PV/znpAvLBlDC4BVCvPLpKAs625ePY4UObDzdY
MoG83KyD/ldpB82r6mQUGL+qC/QJfjK4vq9Icz6GMF0LCQef1RRAQr78+ZVTqA7F
8u845IFAJP4Lj4YF2+griX+82XuoHM1pFVrdvRNgXZ6xD6NiusZlCKaFyVIiFAvn
ktFFrfHe8kIaJm8+o62WoIz+9WymaZblHFW4mfTXGCOg+pJ9M9pg7xQlw0XxKROK
rqhnfXTHwYijJWmyaCCVcFtm5aW5pwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNmE
b3WeFwcQwNVAQOKXWknGvne1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MUIzRUUyRUY0M0IxMUVGOTM1QTIyQTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcebMA0GCSqGSIb3DQEBCwUA
A4IBAQBJpezZgRYrJ7fc4Homt9nIJPKfRBF2rZ0t9GkD1LomK1b83Vxd8YrghmsZ
BGc0OWxIZUsmsF8uKZ0Th3OGHqElZjNCufsDOkbMmB3gZPI88wSrOVl8hU2GCayp
FTSDvLdO75MZXJKzGwujXseSU7IdwH1Edi06PLV10yV5OAxHXu0//Bkotzg4F3bp
k3fenMAwWTTyR8eStN0KmKAV5ZveyGfYbWkEQXeQN/ARjDF538cP2i4KKNQdzy/H
m1YPgbeyD/AQnGQmRwgrDj3kgfTH+xfgKsMgU9HWCh50tijvlboAXbuQ+wHYZUMi
TwaVRxwymyuhKWZaQ+j1dlKPpMF2
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:31 2025 by rpki-client