Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17D4FE56E9B611EF8E2A99AD762E951A.roa
File: 17D4FE56E9B611EF8E2A99AD762E951A.roa (raw, json)
Hash identifier: b9H5aPcHJBgxVRqWY9jtUI0O0jqhFNNxs+5wAFwqfsU=
Subject key identifier: E8:2A:86:7C:8D:93:79:36:A8:C9:B6:FF:80:61:48:60:6D:51:9F:55
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0121B4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17D4FE56E9B611EF8E2A99AD762E951A.roa
Signing time: Thu 13 Feb 2025 02:56:16 +0000
ROA not before: Thu 13 Feb 2025 02:56:12 +0000
ROA not after: Wed 31 Dec 2025 02:56:12 +0000
asID: 17561
IP address blocks: 156.236.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74164 (0x121b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 13 02:56:12 2025 GMT
Not After : Dec 31 02:56:12 2025 GMT
Subject: CN=67ad5f50-472d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6f:98:83:0e:2e:dc:b4:c2:0a:25:00:b3:04:
98:40:db:8f:b0:0d:91:7e:3a:03:98:1a:57:87:e0:
27:6c:13:e6:4b:3d:46:ff:9c:b6:0a:b1:f9:f7:b3:
7a:03:d4:40:0e:ea:a6:19:28:b5:7e:7c:c0:d4:48:
b7:4a:5e:fc:82:6b:c5:28:78:af:c1:b4:ff:0b:88:
2a:42:42:d5:e0:bb:91:41:d5:66:ee:02:50:ab:84:
d1:a5:c6:7c:c4:15:12:be:48:55:41:08:e3:a7:9d:
03:62:ed:cf:57:ff:0c:b7:9b:61:f0:d5:1c:bd:b7:
1d:c1:df:d1:b6:67:33:e5:c3:ee:20:39:e9:78:92:
d0:d1:04:3a:58:bd:ca:93:db:3e:b1:b9:e2:fb:fe:
81:a0:c1:03:d2:df:9f:de:dd:48:84:82:de:9c:b4:
ff:50:4e:11:78:2b:2d:d7:2b:60:c7:6a:f5:d5:80:
9e:83:65:52:48:86:af:8a:ac:eb:70:fc:68:76:55:
a9:c3:a4:8a:24:cf:06:43:32:97:1c:74:bc:e4:3e:
22:04:3d:74:2e:75:9e:18:c4:e6:1f:92:ec:c4:2c:
e1:bc:31:0b:9a:f4:11:ca:82:ea:f5:05:0e:ca:fc:
31:43:94:b5:c9:03:15:58:13:5e:ff:22:c6:58:28:
5b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:2A:86:7C:8D:93:79:36:A8:C9:B6:FF:80:61:48:60:6D:51:9F:55
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17D4FE56E9B611EF8E2A99AD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.45.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:71:30:a9:cb:a9:68:dd:24:45:77:9b:43:d4:a0:d2:f3:dd:
ec:bc:c1:98:01:fe:30:b0:e2:77:ae:e7:2e:1c:62:fa:bf:d2:
b0:a1:2d:04:05:c4:11:f2:6b:71:7f:44:88:36:44:3e:2d:39:
b5:59:77:79:15:3b:9e:04:e9:51:5b:bf:a4:5f:5a:c2:fb:2a:
fc:bb:d0:3f:a9:ee:13:33:c9:ac:c0:57:52:f6:0f:8c:88:de:
bb:0b:98:ee:de:bf:42:a9:c5:eb:2a:35:3f:8a:81:89:5d:0b:
af:7e:4c:74:0f:4e:2c:41:8b:52:9d:28:a9:13:21:a0:48:d7:
be:93:b4:ee:98:dc:6d:24:ff:32:cd:cb:59:2b:5f:f8:31:51:
2f:4a:60:0c:00:6e:f2:3f:27:bf:94:3d:c6:6c:d1:82:ee:c2:
e5:72:5b:3b:53:71:31:09:50:ee:7a:24:40:8f:30:48:5d:40:
2a:f0:fe:6a:7c:d7:c7:5d:94:fb:51:ec:97:7d:49:d5:87:b7:
2d:d9:f0:84:db:f1:50:8a:bc:b1:b7:a4:a2:80:bf:88:0b:e9:
ad:92:29:7f:92:61:87:62:3e:98:03:7c:c2:49:5c:7a:19:c2:
90:63:b4:46:34:a4:a4:89:cf:af:40:bd:dc:3e:ab:58:17:16:
59:71:0e:06
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASG0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjEzMDI1NjEyWhcNMjUxMjMxMDI1NjEyWjAYMRYw
FAYDVQQDEw02N2FkNWY1MC00NzJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt2+Ygw4u3LTCCiUAswSYQNuPsA2RfjoDmBpXh+AnbBPmSz1G/5y2CrH5
97N6A9RADuqmGSi1fnzA1Ei3Sl78gmvFKHivwbT/C4gqQkLV4LuRQdVm7gJQq4TR
pcZ8xBUSvkhVQQjjp50DYu3PV/8Mt5th8NUcvbcdwd/Rtmcz5cPuIDnpeJLQ0QQ6
WL3Kk9s+sbni+/6BoMED0t+f3t1IhILenLT/UE4ReCst1ytgx2r11YCeg2VSSIav
iqzrcPxodlWpw6SKJM8GQzKXHHS85D4iBD10LnWeGMTmH5LsxCzhvDELmvQRyoLq
9QUOyvwxQ5S1yQMVWBNe/yLGWChblwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOgq
hnyNk3k2qMm2/4BhSGBtUZ9VMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xN0Q0RkU1NkU5QjYxMUVGOEUyQTk5QUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwtMA0GCSqGSIb3DQEBCwUA
A4IBAQAbcTCpy6lo3SRFd5tD1KDS893svMGYAf4wsOJ3rucuHGL6v9KwoS0EBcQR
8mtxf0SINkQ+LTm1WXd5FTueBOlRW7+kX1rC+yr8u9A/qe4TM8mswFdS9g+MiN67
C5ju3r9CqcXrKjU/ioGJXQuvfkx0D04sQYtSnSipEyGgSNe+k7TumNxtJP8yzctZ
K1/4MVEvSmAMAG7yPye/lD3GbNGC7sLlcls7U3ExCVDueiRAjzBIXUAq8P5qfNfH
XZT7UeyXfUnVh7ct2fCE2/FQiryxt6SigL+IC+mtkil/kmGHYj6YA3zCSVx6GcKQ
Y7RGNKSkic+vQL3cPqtYFxZZcQ4G
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:31:37 2025 by rpki-client