Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F41BF6D6F43711EFA848268B762E951A.roa
File: F41BF6D6F43711EFA848268B762E951A.roa (raw, json)
Hash identifier: Ks3rg9lN/UUdh7PxV8S5vLgV1MIZGqC33SyhkqSkWRQ=
Subject key identifier: D0:27:E4:66:64:6B:04:92:AB:0F:D1:92:DD:7A:4C:50:DF:DD:B1:4A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0131F9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F41BF6D6F43711EFA848268B762E951A.roa
Signing time: Wed 26 Feb 2025 11:51:03 +0000
ROA not before: Wed 26 Feb 2025 11:50:59 +0000
ROA not after: Sat 19 Feb 2028 11:50:59 +0000
asID: 17561
IP address blocks: 45.196.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78329 (0x131f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 11:50:59 2025 GMT
Not After : Feb 19 11:50:59 2028 GMT
Subject: CN=67bf0027-54ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e0:a6:c3:b8:3e:0a:10:fd:51:66:32:f6:4f:
27:3a:bd:62:6a:29:6d:4c:ff:c8:e2:94:5e:a7:77:
dc:c7:90:10:fe:24:c4:62:ca:33:b1:d8:c3:66:49:
3b:c4:a1:73:95:87:bd:11:ab:db:ce:4e:a6:7b:e1:
54:ea:f0:5a:f1:79:73:8c:96:d5:9b:c4:dd:b6:75:
eb:35:2c:00:2f:63:7a:cd:2e:0e:2e:47:ed:b3:d4:
28:d1:6e:84:c1:42:82:f5:8d:07:fe:ae:bd:b2:82:
07:6c:0d:6a:78:cc:be:32:9c:fb:9c:c9:80:75:91:
9e:7d:c7:1d:cb:9b:36:df:d8:4a:bc:37:4c:ca:4f:
ae:ea:7c:8b:a0:8f:60:94:6c:9f:68:03:bc:40:4e:
37:0c:45:9f:5d:44:8d:15:a5:a0:f3:22:93:a1:08:
ed:e6:04:5b:98:81:b1:bc:78:5d:0a:f4:a5:fc:31:
40:35:d7:57:91:a0:1f:37:2f:74:16:43:71:b0:15:
92:44:94:70:4c:68:bb:6f:b8:7d:e1:bc:17:89:36:
c3:ac:68:5c:5d:cf:99:21:09:ee:a1:af:08:00:64:
92:a8:57:8c:ce:ff:27:a7:3e:8e:c1:d6:19:a8:62:
55:c4:13:bb:70:01:ae:19:62:88:12:91:a3:27:64:
71:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:27:E4:66:64:6B:04:92:AB:0F:D1:92:DD:7A:4C:50:DF:DD:B1:4A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F41BF6D6F43711EFA848268B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.13.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:64:d9:45:6f:30:39:0e:74:87:68:2c:e0:99:e2:b5:30:96:
62:14:d1:ba:ed:78:30:13:a8:9b:f5:a0:bd:2c:db:4b:a7:98:
a7:9f:4d:f5:09:ba:9e:2b:70:ae:45:df:43:8c:8d:c3:ce:c1:
fb:bc:e2:47:76:18:87:1b:e3:46:a1:5e:5b:2f:da:0e:c6:5b:
18:56:c5:ef:c1:5f:6a:23:c8:4c:5a:f5:21:1e:9c:f3:92:ae:
8d:a0:61:10:a2:78:9f:23:e6:7c:8d:81:52:a4:49:ba:69:5b:
e3:03:5e:d3:4e:0d:fd:b3:4a:b8:46:de:ed:0d:89:68:14:5b:
c6:63:07:c4:ec:86:1c:29:ce:86:77:3b:c2:46:21:cd:f2:15:
6b:20:f7:bc:c9:e0:26:0d:8e:be:b3:73:29:09:b0:ad:cb:a7:
ff:ef:9a:57:ae:40:e6:90:2c:66:88:e8:04:c3:fe:c2:0c:7d:
24:22:3b:1a:90:18:63:52:9e:14:65:ba:2b:67:89:fb:fc:e6:
70:d8:96:89:57:5b:32:3e:72:97:2d:2f:75:33:9c:72:73:c4:
fe:54:e0:79:65:04:ed:7a:2b:88:ae:c3:30:b1:95:04:a5:ff:
e3:93:c6:d0:42:8d:66:84:44:b8:aa:8e:66:61:00:56:7b:e1:
e4:dd:a6:7c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATH5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTE1MDU5WhcNMjgwMjE5MTE1MDU5WjAYMRYw
FAYDVQQDEw02N2JmMDAyNy01NGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw+Cmw7g+ChD9UWYy9k8nOr1iailtTP/I4pRep3fcx5AQ/iTEYsozsdjD
Zkk7xKFzlYe9Eavbzk6me+FU6vBa8XlzjJbVm8TdtnXrNSwAL2N6zS4OLkfts9Qo
0W6EwUKC9Y0H/q69soIHbA1qeMy+Mpz7nMmAdZGefccdy5s239hKvDdMyk+u6nyL
oI9glGyfaAO8QE43DEWfXUSNFaWg8yKToQjt5gRbmIGxvHhdCvSl/DFANddXkaAf
Ny90FkNxsBWSRJRwTGi7b7h94bwXiTbDrGhcXc+ZIQnuoa8IAGSSqFeMzv8npz6O
wdYZqGJVxBO7cAGuGWKIEpGjJ2RxUQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNAn
5GZkawSSqw/Rkt16TFDf3bFKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNDFCRjZENkY0MzcxMUVGQTg0ODI2OEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcQNMA0GCSqGSIb3DQEBCwUA
A4IBAQCLZNlFbzA5DnSHaCzgmeK1MJZiFNG67XgwE6ib9aC9LNtLp5inn031Cbqe
K3CuRd9DjI3DzsH7vOJHdhiHG+NGoV5bL9oOxlsYVsXvwV9qI8hMWvUhHpzzkq6N
oGEQonifI+Z8jYFSpEm6aVvjA17TTg39s0q4Rt7tDYloFFvGYwfE7IYcKc6GdzvC
RiHN8hVrIPe8yeAmDY6+s3MpCbCty6f/75pXrkDmkCxmiOgEw/7CDH0kIjsakBhj
Up4UZborZ4n7/OZw2JaJV1syPnKXLS91M5xyc8T+VOB5ZQTteiuIrsMwsZUEpf/j
k8bQQo1mhES4qo5mYQBWe+Hk3aZ8
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:56 2025 by rpki-client