Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ABD31BAC03F011F0B1534CB9762E951A.roa
File: ABD31BAC03F011F0B1534CB9762E951A.roa (raw, json)
Hash identifier: m5KyMfw4//9wGAUfXfxaJcbL2yAB+no1Bd9xBc/sXEY=
Subject key identifier: 61:35:CD:76:8D:62:44:90:E5:6F:0C:D3:E9:DE:0F:B1:28:2E:9B:61
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0146B3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ABD31BAC03F011F0B1534CB9762E951A.roa
Signing time: Tue 18 Mar 2025 12:01:06 +0000
ROA not before: Tue 18 Mar 2025 12:01:02 +0000
ROA not after: Sun 20 Apr 2025 12:01:02 +0000
asID: 174
IP address blocks: 45.195.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83635 (0x146b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 18 12:01:02 2025 GMT
Not After : Apr 20 12:01:02 2025 GMT
Subject: CN=67d96082-32c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e1:24:06:9e:97:a7:96:c0:cf:27:eb:40:d3:
2d:d1:58:96:85:01:17:6a:3e:dc:dd:6e:c8:c3:de:
d9:09:97:fa:ca:be:6b:51:90:68:10:63:42:8a:0a:
a9:ce:26:58:3c:b8:d9:85:42:5a:18:67:e1:b2:05:
bb:3d:1c:ac:c3:30:34:b7:59:a8:01:32:ad:b3:8a:
aa:92:bb:3e:e9:5a:3b:ee:f9:d9:f7:f8:45:95:69:
c8:66:12:c2:96:e0:d0:92:cd:61:c4:4a:83:40:5e:
54:ba:0f:68:2b:39:bd:49:9a:23:98:d3:ea:c9:78:
7e:b0:7f:63:08:18:d8:e1:1a:5c:a7:30:6e:89:7f:
33:c5:51:0b:1a:79:c9:d2:11:c3:c0:69:e2:3f:23:
de:66:e8:f3:87:d2:96:07:9a:63:92:de:69:7b:09:
25:04:8a:f0:b6:9a:37:0f:c9:10:d6:e6:3e:08:64:
a4:a4:24:23:70:f9:60:3d:b3:a3:67:59:6d:01:37:
53:93:ab:28:67:9b:e4:12:1a:5c:d0:1a:8a:a4:72:
32:22:d1:a4:70:3c:c4:45:7e:78:04:b7:c3:28:6d:
f6:62:93:03:85:4e:c3:b9:bc:fb:27:46:6e:c1:49:
52:00:23:40:32:80:08:95:73:be:4d:ad:77:53:17:
8c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:35:CD:76:8D:62:44:90:E5:6F:0C:D3:E9:DE:0F:B1:28:2E:9B:61
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ABD31BAC03F011F0B1534CB9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.195.244.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:7f:90:44:3e:5d:6a:9f:bf:e3:c4:28:e9:3b:af:be:c7:bc:
6e:5f:e8:ac:20:a4:14:d7:50:26:e7:91:0f:14:bb:99:c5:13:
46:37:39:dd:6e:6f:3d:64:41:9f:aa:64:a1:a5:a6:11:64:af:
7c:51:fe:b8:df:be:6b:9b:fe:48:a8:d8:7c:ab:54:cb:b7:cf:
b0:ef:4c:f1:39:54:d9:ba:05:7e:20:34:95:0e:32:cb:83:ba:
e3:5a:f7:83:7e:15:5b:80:b4:a9:17:97:81:88:3b:9f:80:46:
5d:a3:3c:d0:a7:b7:de:c7:a8:50:be:a5:09:ea:7a:58:8f:29:
98:f4:7a:8a:e6:d1:30:ba:b7:0d:2a:ce:7d:e6:44:65:32:82:
44:ad:7f:f1:57:21:d8:e3:bb:e9:27:69:85:5c:ec:f4:06:1e:
b7:d4:df:36:95:d5:38:2a:33:4f:b1:e3:39:5c:77:28:1f:98:
ba:dd:bb:b8:e8:02:78:f5:44:3e:77:03:08:97:bc:f6:ea:94:
72:3c:1b:77:07:3e:35:b4:52:b6:e5:c4:28:0e:ae:dd:ba:94:
6b:07:2a:4d:4d:5d:99:96:ff:f2:22:e4:c4:5b:ab:c9:64:ea:
6b:d9:92:7e:df:ca:28:a2:f6:20:84:67:c1:56:21:1a:e0:92:
30:bd:9a:6a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUazMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE4MTIwMTAyWhcNMjUwNDIwMTIwMTAyWjAYMRYw
FAYDVQQDEw02N2Q5NjA4Mi0zMmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnOEkBp6Xp5bAzyfrQNMt0ViWhQEXaj7c3W7Iw97ZCZf6yr5rUZBoEGNC
igqpziZYPLjZhUJaGGfhsgW7PRyswzA0t1moATKts4qqkrs+6Vo77vnZ9/hFlWnI
ZhLCluDQks1hxEqDQF5Uug9oKzm9SZojmNPqyXh+sH9jCBjY4RpcpzBuiX8zxVEL
GnnJ0hHDwGniPyPeZujzh9KWB5pjkt5pewklBIrwtpo3D8kQ1uY+CGSkpCQjcPlg
PbOjZ1ltATdTk6soZ5vkEhpc0BqKpHIyItGkcDzERX54BLfDKG32YpMDhU7Dubz7
J0ZuwUlSACNAMoAIlXO+Ta13UxeMIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGE1
zXaNYkSQ5W8M0+neD7EoLpthMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQkQzMUJBQzAzRjAxMUYwQjE1MzRDQjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcP0MA0GCSqGSIb3DQEBCwUA
A4IBAQA7f5BEPl1qn7/jxCjpO6++x7xuX+isIKQU11Am55EPFLuZxRNGNzndbm89
ZEGfqmShpaYRZK98Uf64375rm/5IqNh8q1TLt8+w70zxOVTZugV+IDSVDjLLg7rj
WveDfhVbgLSpF5eBiDufgEZdozzQp7fex6hQvqUJ6npYjymY9HqK5tEwurcNKs59
5kRlMoJErX/xVyHY47vpJ2mFXOz0Bh631N82ldU4KjNPseM5XHcoH5i63bu46AJ4
9UQ+dwMIl7z26pRyPBt3Bz41tFK25cQoDq7dupRrBypNTV2Zlv/yIuTEW6vJZOpr
2ZJ+38ooovYghGfBViEa4JIwvZpq
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:10 2025 by rpki-client