Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CC090902CD9C11EF890D9399762E951A.roa
File: CC090902CD9C11EF890D9399762E951A.roa (raw, json)
Hash identifier: C4balI9enWonYtTPxtmo48eVgCvxj4/uXcOf0OaPEu8=
Subject key identifier: B8:DE:83:3B:19:D9:F0:47:FC:83:6F:41:05:8E:DB:C4:99:A8:51:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010093
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CC090902CD9C11EF890D9399762E951A.roa
Signing time: Wed 08 Jan 2025 08:44:39 +0000
ROA not before: Wed 08 Jan 2025 08:44:36 +0000
ROA not after: Mon 13 Dec 2027 08:44:36 +0000
asID: 17561
IP address blocks: 156.252.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65683 (0x10093)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:44:36 2025 GMT
Not After : Dec 13 08:44:36 2027 GMT
Subject: CN=677e3af7-d8be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f6:53:8c:c4:3e:bd:9a:40:18:95:fc:4f:71:
b1:0d:f4:a8:75:0e:2c:b8:61:90:da:78:77:61:30:
9b:ce:0e:13:bc:2d:22:9f:3d:02:fe:11:30:fe:75:
c0:15:34:47:45:dd:d6:81:08:42:db:b7:87:f1:70:
cf:7b:65:de:05:86:60:3f:54:7f:8a:a7:80:84:16:
c2:74:38:37:44:4c:66:4b:b5:20:4f:31:96:61:6f:
8e:47:94:c5:03:9f:d1:6b:14:37:fc:e6:82:b1:43:
ad:05:28:37:1e:51:fc:38:64:70:7e:a8:89:db:71:
b6:92:47:7c:f7:06:11:08:ef:25:06:f7:39:11:3e:
59:09:bb:80:d2:cc:6d:6d:8c:00:61:eb:21:71:be:
69:fb:92:45:d5:04:be:82:79:f2:64:d0:f0:76:3d:
e3:e8:29:e0:6d:fc:7c:3a:f9:db:1a:56:11:bf:94:
a0:8a:95:95:bc:55:20:4b:61:60:e6:16:89:8b:55:
3c:05:12:1c:b4:17:4c:b2:f0:3b:5b:a4:d8:a7:35:
e8:c2:56:16:65:1d:65:ae:c2:88:06:44:ac:50:4a:
e0:d5:aa:45:4b:85:0f:2b:de:e9:b4:f8:e0:f6:1c:
0d:3a:2c:8b:ce:f1:8d:39:74:09:f1:b7:f7:4c:90:
57:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DE:83:3B:19:D9:F0:47:FC:83:6F:41:05:8E:DB:C4:99:A8:51:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CC090902CD9C11EF890D9399762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.52.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:e1:8c:b5:90:29:7c:88:e2:ba:5e:a1:8f:47:52:66:70:6d:
8a:1c:00:d6:d6:e0:c3:30:40:bf:d0:8a:f5:e3:e6:a2:8c:91:
fd:5a:d0:dd:de:43:42:1d:ff:5c:44:67:ab:d4:63:e8:11:9b:
5a:ce:ab:c9:1e:0c:8b:de:19:79:49:bb:f2:1d:4b:76:bb:fe:
19:a6:7e:ff:77:65:36:a0:a3:fc:11:39:a6:d9:72:ad:05:68:
ce:f3:ac:8b:e2:6b:f8:79:f0:d9:85:61:75:f2:f4:33:15:df:
44:d2:c5:8a:c0:0d:00:9c:5d:da:3c:33:21:2e:50:47:63:64:
88:22:2e:12:26:43:9d:ba:04:de:69:66:59:e8:bb:a7:77:ab:
47:1c:6d:5a:a7:1f:18:f7:bb:74:99:6c:4c:28:0c:a8:73:f1:
8f:d1:ff:ab:0e:e3:72:b7:2d:68:ba:7e:69:21:cb:74:26:c2:
95:1d:5b:d7:67:bc:16:87:65:dc:f2:d6:ad:c4:63:91:8e:8f:
9a:be:4d:87:94:3a:47:f8:b7:9f:cf:a6:05:c4:cf:a6:0a:fa:
19:b3:0c:2d:99:4b:b1:42:d9:ae:61:91:59:20:8f:fb:3a:44:
ba:d0:d7:e7:b5:36:98:99:e4:25:39:6d:05:00:3d:f5:c0:be:
4a:cd:91:c5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQCTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDg0NDM2WhcNMjcxMjEzMDg0NDM2WjAYMRYw
FAYDVQQDEw02NzdlM2FmNy1kOGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1vZTjMQ+vZpAGJX8T3GxDfSodQ4suGGQ2nh3YTCbzg4TvC0inz0C/hEw
/nXAFTRHRd3WgQhC27eH8XDPe2XeBYZgP1R/iqeAhBbCdDg3RExmS7UgTzGWYW+O
R5TFA5/RaxQ3/OaCsUOtBSg3HlH8OGRwfqiJ23G2kkd89wYRCO8lBvc5ET5ZCbuA
0sxtbYwAYeshcb5p+5JF1QS+gnnyZNDwdj3j6Cngbfx8OvnbGlYRv5SgipWVvFUg
S2Fg5haJi1U8BRIctBdMsvA7W6TYpzXowlYWZR1lrsKIBkSsUErg1apFS4UPK97p
tPjg9hwNOiyLzvGNOXQJ8bf3TJBXjQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLje
gzsZ2fBH/INvQQWO28SZqFEMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQzA5MDkwMkNEOUMxMUVGODkwRDkzOTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPw0MA0GCSqGSIb3DQEBCwUA
A4IBAQAt4Yy1kCl8iOK6XqGPR1JmcG2KHADW1uDDMEC/0Ir14+aijJH9WtDd3kNC
Hf9cRGer1GPoEZtazqvJHgyL3hl5SbvyHUt2u/4Zpn7/d2U2oKP8ETmm2XKtBWjO
86yL4mv4efDZhWF18vQzFd9E0sWKwA0AnF3aPDMhLlBHY2SIIi4SJkOdugTeaWZZ
6Lund6tHHG1apx8Y97t0mWxMKAyoc/GP0f+rDuNyty1oun5pIct0JsKVHVvXZ7wW
h2Xc8tatxGORjo+avk2HlDpH+Lefz6YFxM+mCvoZswwtmUuxQtmuYZFZII/7OkS6
0NfntTaYmeQlOW0FAD31wL5KzZHF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:03 2025 by rpki-client