Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B17B2FD4C94B11EF9BE4AB97762E951A.roa
File: B17B2FD4C94B11EF9BE4AB97762E951A.roa (raw, json)
Hash identifier: j4ZZqeuBAAQ8+54FMRpOx5lSBHihL9wNuqWdDyEzYs4=
Subject key identifier: 55:03:E1:03:08:A8:1F:98:C2:63:CF:87:CB:42:38:C4:05:0B:CD:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F394
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B17B2FD4C94B11EF9BE4AB97762E951A.roa
Signing time: Thu 02 Jan 2025 20:54:01 +0000
ROA not before: Thu 02 Jan 2025 20:53:57 +0000
ROA not after: Mon 13 Dec 2027 20:53:57 +0000
asID: 17561
IP address blocks: 156.225.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62356 (0xf394)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:53:57 2025 GMT
Not After : Dec 13 20:53:57 2027 GMT
Subject: CN=6776fce9-fe90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a5:61:bf:d7:bc:04:2b:c6:c0:5b:cc:80:82:
b2:39:78:99:a2:0c:84:d8:e2:84:9c:b1:0e:90:21:
1a:35:03:92:4c:48:50:25:fc:77:aa:fb:31:13:72:
f3:0f:f5:8c:2c:e0:b9:56:83:ad:7b:77:c5:5d:7a:
ea:79:3b:c4:49:f3:25:49:87:f0:72:0e:70:89:ea:
4a:d3:4f:ca:9a:c3:7a:e1:ec:0e:23:4b:61:bf:22:
e7:86:fe:6f:71:56:4e:35:86:c2:ae:f7:96:12:c3:
ff:f5:50:4f:b5:fc:9c:e0:9e:2d:f3:a5:e3:00:75:
cb:f3:69:fc:ba:2c:0c:cf:2b:c5:c7:0a:cc:f7:ed:
f4:d3:3d:f8:cf:d8:0e:f5:c1:19:cc:d6:39:8f:42:
d0:71:b2:9a:66:00:56:da:db:1d:12:8a:26:70:9b:
b3:0d:bb:5e:39:3a:f4:f6:8d:18:32:43:84:87:7e:
02:26:b2:ed:a0:63:21:07:59:ef:2f:70:7a:c2:bb:
2e:55:3d:58:5f:b3:3e:c2:69:a8:6f:02:ab:fb:9b:
66:3e:ca:40:b1:fc:a9:d2:da:ee:4d:55:27:7a:0c:
5d:92:54:36:d2:e2:90:f4:dd:17:f1:ae:fc:b0:25:
b0:ac:a2:5f:9a:02:3e:c3:96:3a:c0:30:5c:85:b0:
73:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:03:E1:03:08:A8:1F:98:C2:63:CF:87:CB:42:38:C4:05:0B:CD:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B17B2FD4C94B11EF9BE4AB97762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.161.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:fa:46:0c:7d:47:be:9c:65:cd:a5:52:67:7b:cf:e8:35:00:
ac:80:28:e0:47:9d:12:ee:82:e8:4c:f2:c1:f6:a1:46:3d:78:
f1:52:3d:06:50:da:16:8d:b0:8b:6d:f3:46:86:21:4a:18:e2:
c1:89:2e:74:69:b9:bc:7c:00:0a:ab:09:f6:d8:5e:25:b2:1e:
53:91:b1:17:43:d6:2c:76:e7:d3:bf:04:51:fa:f7:12:b1:7e:
0d:04:41:04:a1:a0:6e:35:7f:9a:64:50:89:7b:1a:bb:7c:d1:
8a:00:b6:2a:b3:1d:53:94:8b:b7:92:32:40:9a:43:1e:1b:bf:
ff:23:11:87:5e:1c:b3:b6:bf:8d:47:e2:72:7b:c5:78:09:d9:
6d:15:6a:a6:93:ae:46:ff:4d:d7:02:9d:fd:35:e0:7a:d5:af:
26:06:79:02:47:6b:71:19:cb:7e:92:49:b3:32:bb:2f:a2:0b:
13:70:3b:27:75:0b:49:ee:fb:de:7a:93:c8:00:1b:04:dd:3f:
90:fa:67:d7:ab:d6:1a:36:00:c7:52:3a:71:c8:8e:f0:ca:88:
4f:9f:cd:8a:46:09:39:66:6f:ca:2f:fc:e6:8b:44:f6:5c:9f:
f1:c4:5e:a0:e1:12:5f:8e:d7:88:3a:6b:9b:6d:ad:30:56:b4:
cb:59:2c:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPOUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjA1MzU3WhcNMjcxMjEzMjA1MzU3WjAYMRYw
FAYDVQQDEw02Nzc2ZmNlOS1mZTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxqVhv9e8BCvGwFvMgIKyOXiZogyE2OKEnLEOkCEaNQOSTEhQJfx3qvsx
E3LzD/WMLOC5VoOte3fFXXrqeTvESfMlSYfwcg5wiepK00/KmsN64ewOI0thvyLn
hv5vcVZONYbCrveWEsP/9VBPtfyc4J4t86XjAHXL82n8uiwMzyvFxwrM9+300z34
z9gO9cEZzNY5j0LQcbKaZgBW2tsdEoomcJuzDbteOTr09o0YMkOEh34CJrLtoGMh
B1nvL3B6wrsuVT1YX7M+wmmobwKr+5tmPspAsfyp0truTVUnegxdklQ20uKQ9N0X
8a78sCWwrKJfmgI+w5Y6wDBchbBzxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFUD
4QMIqB+YwmPPh8tCOMQFC82hMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMTdCMkZENEM5NEIxMUVGOUJFNEFCOTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOGhMA0GCSqGSIb3DQEBCwUA
A4IBAQA/+kYMfUe+nGXNpVJne8/oNQCsgCjgR50S7oLoTPLB9qFGPXjxUj0GUNoW
jbCLbfNGhiFKGOLBiS50abm8fAAKqwn22F4lsh5TkbEXQ9YsdufTvwRR+vcSsX4N
BEEEoaBuNX+aZFCJexq7fNGKALYqsx1TlIu3kjJAmkMeG7//IxGHXhyztr+NR+Jy
e8V4CdltFWqmk65G/03XAp39NeB61a8mBnkCR2txGct+kkmzMrsvogsTcDsndQtJ
7vveepPIABsE3T+Q+mfXq9YaNgDHUjpxyI7wyohPn82KRgk5Zm/KL/zmi0T2XJ/x
xF6g4RJfjteIOmubba0wVrTLWSza
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:19 2025 by rpki-client