Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F17D3244CCAC11EFB802C89E762E951A.roa
File: F17D3244CCAC11EFB802C89E762E951A.roa (raw, json)
Hash identifier: elsXVMSJqKZvsO818uqmaZNt/RIDlHCmYvwXQWeLGPk=
Subject key identifier: 17:E9:E1:BF:79:98:EC:51:6B:04:03:7C:99:DB:16:EB:4E:BF:90:8A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9D6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F17D3244CCAC11EFB802C89E762E951A.roa
Signing time: Tue 07 Jan 2025 04:07:43 +0000
ROA not before: Tue 07 Jan 2025 04:07:39 +0000
ROA not after: Sat 13 Dec 2025 04:07:39 +0000
asID: 984
IP address blocks: 156.230.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63958 (0xf9d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:07:39 2025 GMT
Not After : Dec 13 04:07:39 2025 GMT
Subject: CN=677ca88f-3c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:08:57:2c:ab:2c:41:63:c0:8b:0d:fc:5c:a6:
ef:8a:25:47:1f:c4:37:ad:ea:ed:de:2d:b9:61:bb:
12:4e:0f:84:97:5b:ec:8f:3d:50:f7:11:99:0f:11:
65:0f:a5:2b:49:fc:0a:59:0d:0b:83:80:e7:7e:42:
ee:56:c9:35:7b:fb:2a:58:ab:be:a2:e8:c1:c4:f7:
25:84:75:79:12:2f:97:9b:7f:56:cc:ba:9b:9c:9a:
27:d7:6b:1e:dc:05:bd:4a:a0:34:80:9b:13:73:e6:
25:5a:16:9f:77:cf:df:d3:05:2a:0b:01:21:54:8a:
e9:5a:f6:23:7d:46:b5:cf:6a:c6:a2:75:a1:76:05:
69:55:9a:69:e8:6f:50:b4:7e:62:05:8a:b9:46:4b:
ed:26:35:60:b6:29:9b:bd:fd:df:60:46:a3:67:2e:
70:02:f7:b5:9d:fc:0c:68:9d:3f:70:74:28:af:3d:
de:cc:bd:c8:71:b1:43:1d:3b:57:78:26:a5:b3:14:
93:40:53:52:e9:6b:e2:24:66:5b:e1:55:cb:59:3e:
98:f8:6c:4c:b5:68:24:dd:28:41:14:58:2c:f1:d4:
76:9f:54:a0:d5:08:41:3e:49:b6:cf:a7:f3:3c:c0:
ac:ed:d7:b0:99:fa:8b:29:9b:2e:67:b7:4a:10:81:
aa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E9:E1:BF:79:98:EC:51:6B:04:03:7C:99:DB:16:EB:4E:BF:90:8A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F17D3244CCAC11EFB802C89E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.21.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:65:18:08:33:a2:e9:0d:fc:71:ad:a2:2e:e6:7f:21:42:4e:
45:75:89:bd:de:77:74:c4:1c:69:8e:8b:78:47:39:6e:80:94:
bb:e4:bb:0d:47:95:06:5a:e3:13:2f:64:87:23:6f:09:46:d8:
50:18:35:fa:1a:7a:eb:a0:ff:7a:ea:f1:3f:0d:33:44:4f:0f:
6d:30:c0:83:e8:ac:4b:f0:fb:9c:0e:d6:ef:aa:49:3d:66:71:
0e:8a:d5:22:0e:7f:73:8b:11:a5:8d:7d:c1:79:76:b0:47:d9:
58:75:c0:95:ae:ea:06:95:9e:3d:4b:e6:53:03:45:da:00:90:
4e:e7:f1:cd:dc:a4:27:fb:5a:db:d6:de:0f:2c:e0:ef:7b:36:
f9:60:63:23:aa:3c:4b:db:cc:38:14:b2:a6:a4:83:89:e7:02:
e4:91:3a:a2:21:fc:38:b0:a1:d7:9e:78:aa:0f:86:bc:ed:d4:
45:60:8c:37:f4:0f:af:65:fb:d0:e0:b7:46:ff:55:8c:5f:78:
97:18:9b:a2:8e:91:80:9b:fe:79:d4:93:8f:d4:01:cf:fa:84:
35:fc:c2:bb:3d:e2:d9:de:5a:b9:ad:9e:3f:67:80:19:24:bd:
09:45:0f:29:45:64:23:69:2c:e0:01:a0:52:45:68:59:eb:ed:
0a:b7:d1:6a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPnWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQwNzM5WhcNMjUxMjEzMDQwNzM5WjAYMRYw
FAYDVQQDEw02NzdjYTg4Zi0zYzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1whXLKssQWPAiw38XKbviiVHH8Q3rert3i25YbsSTg+El1vsjz1Q9xGZ
DxFlD6UrSfwKWQ0Lg4DnfkLuVsk1e/sqWKu+oujBxPclhHV5Ei+Xm39WzLqbnJon
12se3AW9SqA0gJsTc+YlWhafd8/f0wUqCwEhVIrpWvYjfUa1z2rGonWhdgVpVZpp
6G9QtH5iBYq5RkvtJjVgtimbvf3fYEajZy5wAve1nfwMaJ0/cHQorz3ezL3IcbFD
HTtXeCalsxSTQFNS6WviJGZb4VXLWT6Y+GxMtWgk3ShBFFgs8dR2n1Sg1QhBPkm2
z6fzPMCs7dewmfqLKZsuZ7dKEIGqiQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBfp
4b95mOxRawQDfJnbFutOv5CKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMTdEMzI0NENDQUMxMUVGQjgwMkM4OUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOYVMA0GCSqGSIb3DQEBCwUA
A4IBAQCdZRgIM6LpDfxxraIu5n8hQk5FdYm93nd0xBxpjot4RzlugJS75LsNR5UG
WuMTL2SHI28JRthQGDX6GnrroP966vE/DTNETw9tMMCD6KxL8PucDtbvqkk9ZnEO
itUiDn9zixGljX3BeXawR9lYdcCVruoGlZ49S+ZTA0XaAJBO5/HN3KQn+1rb1t4P
LODvezb5YGMjqjxL28w4FLKmpIOJ5wLkkTqiIfw4sKHXnniqD4a87dRFYIw39A+v
ZfvQ4LdG/1WMX3iXGJuijpGAm/551JOP1AHP+oQ1/MK7PeLZ3lq5rZ4/Z4AZJL0J
RQ8pRWQjaSzgAaBSRWhZ6+0Kt9Fq
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:39 2025 by rpki-client