Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17C82600CD1311EF8128C8A0762E951A.roa
File: 17C82600CD1311EF8128C8A0762E951A.roa (raw, json)
Hash identifier: NzIdmhPzV0qkL7akqxUMoS09OhvMWi7UxMdaLQ/BHsU=
Subject key identifier: 10:69:25:B5:C0:17:77:F3:83:6A:CF:DA:EB:74:7C:11:D0:98:24:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD03
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17C82600CD1311EF8128C8A0762E951A.roa
Signing time: Tue 07 Jan 2025 16:18:56 +0000
ROA not before: Tue 07 Jan 2025 16:18:52 +0000
ROA not after: Mon 13 Dec 2027 16:18:52 +0000
asID: 17561
IP address blocks: 156.240.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64771 (0xfd03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:18:52 2025 GMT
Not After : Dec 13 16:18:52 2027 GMT
Subject: CN=677d53f0-88b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:62:19:c4:3e:04:f7:21:0c:c8:5c:5e:1b:70:
aa:1f:b7:74:4b:22:c9:1b:a8:42:c9:d6:d1:ba:0a:
77:23:50:57:a6:ef:03:0b:f0:d0:a3:01:b0:1b:5e:
d3:e2:17:37:f6:15:48:f3:31:37:61:ca:11:69:f5:
ab:62:b0:58:c1:e0:66:6f:3d:74:df:14:4d:ed:3f:
ed:a9:fb:c7:b2:a7:9d:2a:da:b4:06:d4:8c:82:f7:
36:4d:37:06:bb:4e:bd:51:d3:27:7d:a5:34:43:83:
78:c4:ea:40:c9:fa:43:75:1f:e8:eb:5a:dd:17:7b:
8c:b7:b5:7a:06:03:a7:1c:17:4c:c4:4a:cd:aa:80:
50:c1:10:4e:4c:11:d5:32:7a:02:c0:e5:37:fa:10:
16:11:2b:38:50:e0:ff:34:98:23:2f:69:b1:52:73:
8a:91:0f:64:25:14:a5:f8:26:90:7d:4f:44:b4:4d:
b4:2f:4e:86:35:6c:4d:4e:4d:94:d3:87:d0:f9:c3:
85:d3:36:b5:81:af:8f:74:44:25:c3:9d:d9:3a:37:
5b:a7:ee:1d:90:b9:5f:4f:89:8f:25:11:7a:f3:97:
c2:6e:d0:4e:33:d8:7c:d0:57:83:78:cb:da:34:73:
8e:c3:8c:d8:40:d1:74:54:53:97:95:95:9d:6c:99:
e9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:69:25:B5:C0:17:77:F3:83:6A:CF:DA:EB:74:7C:11:D0:98:24:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17C82600CD1311EF8128C8A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.102.0/24
Signature Algorithm: sha256WithRSAEncryption
19:7a:b6:81:d4:3e:2d:ab:39:22:89:2b:3d:9b:71:b3:fb:45:
0f:4c:70:b4:2f:f6:6e:76:d1:39:03:c1:02:3a:e9:f1:b4:8d:
50:76:58:b6:1b:2a:fc:58:8d:c3:00:0a:4c:cc:9a:96:0b:74:
ea:98:e4:db:19:08:ef:85:3f:67:b6:32:51:bc:1c:1c:b5:08:
aa:12:ef:fa:f4:64:9c:12:00:b3:81:ad:85:7e:4f:29:1e:69:
89:4a:8b:96:bd:bc:c5:f6:5e:62:7d:2c:95:f3:7d:86:82:22:
d9:4c:81:59:87:44:4c:60:57:fb:31:51:b8:63:ec:70:a1:d2:
5e:3c:bf:fe:52:e8:46:89:32:fb:de:41:05:d6:8b:c8:65:81:
19:f3:98:f3:53:72:c9:00:35:d6:d4:90:d6:b0:8d:0e:d3:f5:
65:cd:0c:7a:99:53:fc:56:5e:8e:a1:2b:91:52:83:65:ea:ef:
71:43:31:29:2b:c4:3f:14:35:c3:61:af:2c:42:cf:c5:2b:ea:
60:7e:27:e9:e3:72:ce:8a:1b:2b:dc:b2:84:ae:ea:43:3a:4f:
a2:dc:e8:c1:b2:49:27:3c:39:45:71:28:cf:05:25:c6:1c:e9:
fc:18:78:39:c8:67:34:70:8c:f4:c0:81:1b:ab:13:2d:de:5c:
5f:b8:58:0c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTYxODUyWhcNMjcxMjEzMTYxODUyWjAYMRYw
FAYDVQQDEw02NzdkNTNmMC04OGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnmIZxD4E9yEMyFxeG3CqH7d0SyLJG6hCydbRugp3I1BXpu8DC/DQowGw
G17T4hc39hVI8zE3YcoRafWrYrBYweBmbz103xRN7T/tqfvHsqedKtq0BtSMgvc2
TTcGu069UdMnfaU0Q4N4xOpAyfpDdR/o61rdF3uMt7V6BgOnHBdMxErNqoBQwRBO
TBHVMnoCwOU3+hAWESs4UOD/NJgjL2mxUnOKkQ9kJRSl+CaQfU9EtE20L06GNWxN
Tk2U04fQ+cOF0za1ga+PdEQlw53ZOjdbp+4dkLlfT4mPJRF685fCbtBOM9h80FeD
eMvaNHOOw4zYQNF0VFOXlZWdbJnp7wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBBp
JbXAF3fzg2rP2ut0fBHQmCSnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xN0M4MjYwMENEMTMxMUVGODEyOEM4QTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPBmMA0GCSqGSIb3DQEBCwUA
A4IBAQAZeraB1D4tqzkiiSs9m3Gz+0UPTHC0L/ZudtE5A8ECOunxtI1Qdli2Gyr8
WI3DAApMzJqWC3TqmOTbGQjvhT9ntjJRvBwctQiqEu/69GScEgCzga2Ffk8pHmmJ
SouWvbzF9l5ifSyV832GgiLZTIFZh0RMYFf7MVG4Y+xwodJePL/+UuhGiTL73kEF
1ovIZYEZ85jzU3LJADXW1JDWsI0O0/VlzQx6mVP8Vl6OoSuRUoNl6u9xQzEpK8Q/
FDXDYa8sQs/FK+pgfifp43LOihsr3LKErupDOk+i3OjBskknPDlFcSjPBSXGHOn8
GHg5yGc0cIz0wIEbqxMt3lxfuFgM
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:31 2025 by rpki-client