Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A30D0B48F88A11EF9E11F697762E951A.roa
File: A30D0B48F88A11EF9E11F697762E951A.roa (raw, json)
Hash identifier: 6zBEhbnxwaHr/lGgCNfQa/ZIbMeBTN+OPSW9HSAMO3A=
Subject key identifier: 60:FD:21:6D:7D:EF:A7:E8:4D:09:C1:78:23:48:92:FD:F0:49:C8:8D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014287
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A30D0B48F88A11EF9E11F697762E951A.roa
Signing time: Mon 03 Mar 2025 23:53:00 +0000
ROA not before: Mon 03 Mar 2025 23:52:56 +0000
ROA not after: Sun 15 Mar 2026 23:52:56 +0000
asID: 60609
IP address blocks: 45.200.136.0/24 maxlen: 24
45.200.137.0/24 maxlen: 24
45.200.138.0/24 maxlen: 24
45.200.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 15 Mar 2025 00:26:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82567 (0x14287)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 3 23:52:56 2025 GMT
Not After : Mar 15 23:52:56 2026 GMT
Subject: CN=67c640dc-1891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:03:09:26:70:c8:9f:cc:08:ae:ad:b2:a9:17:
17:e8:74:47:2b:2f:c3:99:be:22:dc:e3:f7:9c:8d:
eb:c2:e9:8e:ac:80:35:79:aa:65:a2:74:68:a8:14:
53:10:a8:7e:28:2e:d6:f2:4d:31:6f:9f:6f:b7:7d:
df:b9:7b:91:9c:3b:42:ec:25:84:c6:f3:d9:1d:d7:
c0:c1:94:51:a2:10:18:47:f6:4f:f7:d7:ef:b7:17:
18:1c:63:52:6e:81:f7:ca:30:87:7b:01:dd:c7:bf:
b4:66:b1:a3:90:cb:32:e5:d8:8f:13:b5:8f:89:e9:
d3:c0:d5:7a:87:d8:a3:42:f6:0a:bb:eb:41:bc:2e:
60:5d:c2:df:8b:df:42:04:31:20:cd:5d:4f:ae:a3:
be:87:53:72:b8:5e:8c:0a:a3:ae:fb:2d:c6:bc:39:
8c:67:c2:6f:94:29:ea:c1:99:a8:92:4e:33:47:c9:
a3:fc:3f:2c:a9:58:69:e0:74:66:e1:b3:3a:a2:00:
10:1f:84:2e:2d:34:10:02:25:c0:77:12:ee:ac:6c:
6d:8e:2c:75:65:62:bd:6e:c0:e0:b7:c4:22:49:04:
a9:9d:13:26:24:e0:97:13:14:40:9b:64:b8:82:98:
28:77:38:0a:37:8d:06:26:e7:4f:dc:76:48:f6:65:
a8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FD:21:6D:7D:EF:A7:E8:4D:09:C1:78:23:48:92:FD:F0:49:C8:8D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A30D0B48F88A11EF9E11F697762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.136.0/22
Signature Algorithm: sha256WithRSAEncryption
63:6a:07:0f:fa:94:57:60:20:9b:11:bf:e6:2c:0f:a5:af:7e:
85:39:94:43:c8:28:ce:97:bd:d0:07:64:e5:a3:8c:9a:a0:fa:
3c:4f:bf:36:d8:52:fc:db:51:ae:5c:ae:b5:26:af:84:18:70:
d3:2c:ec:34:48:4b:8a:8e:92:b4:aa:19:2c:40:30:d9:4b:14:
b7:7a:95:18:16:76:e3:d9:de:d0:d8:f6:27:19:16:7b:60:3c:
2e:d5:00:fd:80:2f:07:4c:fa:3f:7a:bb:c0:47:03:94:ce:f6:
34:a0:29:c4:06:b0:7f:87:85:10:41:8b:0f:80:49:a6:ca:50:
18:91:67:0a:55:cf:0a:aa:e4:4e:83:6d:08:2c:18:89:84:cd:
cf:a2:2d:ad:61:09:20:c6:7d:35:01:50:02:ff:50:a8:9c:03:
f7:0b:90:1f:32:a2:9e:3a:86:65:1a:80:b4:09:b7:65:35:03:
f4:c1:f2:c1:22:8d:96:3b:1d:74:81:d1:91:a5:50:ce:a7:a2:
c0:1c:42:b1:94:75:99:d3:1f:6d:03:d3:cf:eb:77:e4:b4:a5:
5a:6d:72:14:71:e0:e7:fb:49:9f:8b:6e:69:17:97:b0:a7:c6:
49:e6:9d:e0:1a:09:62:e2:09:fa:b7:53:2d:b4:3d:9c:61:83:
4e:7b:83:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUKHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAzMjM1MjU2WhcNMjYwMzE1MjM1MjU2WjAYMRYw
FAYDVQQDEw02N2M2NDBkYy0xODkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqwMJJnDIn8wIrq2yqRcX6HRHKy/Dmb4i3OP3nI3rwumOrIA1eaplonRo
qBRTEKh+KC7W8k0xb59vt33fuXuRnDtC7CWExvPZHdfAwZRRohAYR/ZP99fvtxcY
HGNSboH3yjCHewHdx7+0ZrGjkMsy5diPE7WPienTwNV6h9ijQvYKu+tBvC5gXcLf
i99CBDEgzV1PrqO+h1NyuF6MCqOu+y3GvDmMZ8JvlCnqwZmokk4zR8mj/D8sqVhp
4HRm4bM6ogAQH4QuLTQQAiXAdxLurGxtjix1ZWK9bsDgt8QiSQSpnRMmJOCXExRA
m2S4gpgodzgKN40GJudP3HZI9mWoIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGD9
IW1976foTQnBeCNIkv3wSciNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMzBEMEI0OEY4OEExMUVGOUUxMUY2OTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLciIMA0GCSqGSIb3DQEBCwUA
A4IBAQBjagcP+pRXYCCbEb/mLA+lr36FOZRDyCjOl73QB2Tlo4yaoPo8T7822FL8
21GuXK61Jq+EGHDTLOw0SEuKjpK0qhksQDDZSxS3epUYFnbj2d7Q2PYnGRZ7YDwu
1QD9gC8HTPo/ervARwOUzvY0oCnEBrB/h4UQQYsPgEmmylAYkWcKVc8KquROg20I
LBiJhM3Poi2tYQkgxn01AVAC/1ConAP3C5AfMqKeOoZlGoC0CbdlNQP0wfLBIo2W
Ox10gdGRpVDOp6LAHEKxlHWZ0x9tA9PP63fktKVabXIUceDn+0mfi25pF5ewp8ZJ
5p3gGgli4gn6t1MttD2cYYNOe4M+
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:45:25 2025 by rpki-client