Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CC2188AA329211F09F673ACADAE4EC9C.roa
File: CC2188AA329211F09F673ACADAE4EC9C.roa (raw, json)
Hash identifier: Aa6x42XO0XBYsGYye4hI6NB6eTUtH05TaqKNeubIZwQ=
Subject key identifier: FF:FC:F6:D5:67:51:BE:F4:38:24:CC:BA:BD:3B:11:CC:1F:92:2E:4A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015530
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CC2188AA329211F09F673ACADAE4EC9C.roa
Signing time: Fri 16 May 2025 20:17:32 +0000
ROA not before: Fri 16 May 2025 20:17:28 +0000
ROA not after: Sat 05 Jul 2025 20:17:28 +0000
asID: 398993
IP address blocks: 156.229.176.0/20 maxlen: 24
156.229.192.0/19 maxlen: 24
156.252.144.0/20 maxlen: 24
156.252.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87344 (0x15530)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 16 20:17:28 2025 GMT
Not After : Jul 5 20:17:28 2025 GMT
Subject: CN=68279d5c-cc40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:16:87:ba:2f:a6:a7:d5:89:21:96:fc:c7:01:
69:d8:c5:6b:62:6f:37:a6:90:15:08:bb:06:70:c5:
e9:28:59:ae:62:9f:92:1e:ea:13:65:65:f6:2f:e7:
3a:a4:96:79:f9:30:b7:99:b3:67:72:f6:42:8d:42:
50:e3:46:81:80:bc:84:70:a3:fc:b9:ad:4c:a1:85:
e4:08:fc:0f:dd:14:1c:7d:46:33:f4:fc:ce:f1:a5:
74:f7:a0:01:49:eb:b0:5c:3e:b9:f3:31:5b:6d:f1:
0d:0b:75:e4:25:54:de:92:91:5e:e8:10:d1:b0:f2:
8f:0c:65:9e:4d:78:7d:c0:aa:eb:72:79:56:92:3b:
e0:ef:92:fc:7e:38:43:ba:1e:c2:ef:ea:f0:fb:a9:
a6:59:d0:c3:54:6f:0f:ac:2d:d6:52:13:49:8c:88:
dc:6e:96:5a:1e:15:13:ea:de:4d:bc:3d:95:a8:cf:
68:41:6d:28:4c:06:af:80:ce:07:43:6b:4f:8f:51:
10:ba:ac:de:66:85:7b:8a:29:e4:a7:cb:0b:d6:ca:
5f:4b:6c:84:0d:1e:7a:a9:69:6c:e4:1e:1e:08:a6:
a6:c6:9b:43:14:80:09:7a:45:80:95:70:e3:63:c5:
a5:23:99:35:9e:0f:18:ac:b6:68:64:ae:56:18:f7:
d9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:FC:F6:D5:67:51:BE:F4:38:24:CC:BA:BD:3B:11:CC:1F:92:2E:4A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CC2188AA329211F09F673ACADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.176.0-156.229.223.255
156.252.144.0-156.252.175.255
Signature Algorithm: sha256WithRSAEncryption
20:e7:f4:53:7c:a1:58:68:db:65:e5:ac:d6:8b:46:71:96:42:
8b:f3:79:8c:e9:53:5a:ca:f1:de:9e:9e:77:13:84:f2:e8:52:
0b:f5:43:bc:8a:63:da:b9:16:06:51:b4:19:ed:f8:12:5c:8c:
29:68:9d:e0:08:72:f1:46:0e:77:bb:2e:af:3e:ba:07:bb:39:
63:9f:79:24:dd:f4:0e:26:d4:9c:38:e6:b4:4e:4f:1c:1c:fa:
de:42:fc:eb:ec:88:d1:cd:29:ad:f2:7e:03:47:fb:75:32:bf:
ed:04:ff:df:ad:41:b2:ea:a4:db:1e:fe:ec:05:e2:38:ca:52:
70:3c:1f:c0:57:c8:71:b1:65:81:3b:1b:a5:fa:9a:ee:b9:11:
65:cb:d1:98:e1:8e:3c:83:cc:c0:c7:95:60:b8:f4:63:c6:fd:
4e:ef:4b:f1:2f:5a:f7:97:74:3b:da:04:18:42:d5:81:2d:0e:
f5:91:77:e3:8a:ae:4c:71:d9:c0:42:cb:c7:b6:4a:41:24:3f:
b9:89:7c:bf:69:c7:a6:f9:cf:d4:9a:93:1e:07:11:d9:fe:cf:
c5:2a:7f:82:05:6d:0e:d2:2e:92:a7:c1:ea:c9:84:c7:c0:ac:
6b:2a:63:e1:5a:cf:0b:1c:37:f4:1a:47:79:d7:0c:f1:2c:58:
1d:ff:5f:48
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAVUwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE2MjAxNzI4WhcNMjUwNzA1MjAxNzI4WjAYMRYw
FAYDVQQDEw02ODI3OWQ1Yy1jYzQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+haHui+mp9WJIZb8xwFp2MVrYm83ppAVCLsGcMXpKFmuYp+SHuoTZWX2
L+c6pJZ5+TC3mbNncvZCjUJQ40aBgLyEcKP8ua1MoYXkCPwP3RQcfUYz9PzO8aV0
96ABSeuwXD658zFbbfENC3XkJVTekpFe6BDRsPKPDGWeTXh9wKrrcnlWkjvg75L8
fjhDuh7C7+rw+6mmWdDDVG8PrC3WUhNJjIjcbpZaHhUT6t5NvD2VqM9oQW0oTAav
gM4HQ2tPj1EQuqzeZoV7iinkp8sL1spfS2yEDR56qWls5B4eCKamxptDFIAJekWA
lXDjY8WlI5k1ng8YrLZoZK5WGPfZywIDAQABo4ICuDCCArQwHQYDVR0OBBYEFP/8
9tVnUb70OCTMur07Ecwfki5KMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQzIxODhBQTMyOTIxMUYwOUY2NzNBQ0FEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBASc5bADBAWc5cAwDAMEBJz8
kAMEBJz8oDANBgkqhkiG9w0BAQsFAAOCAQEAIOf0U3yhWGjbZeWs1otGcZZCi/N5
jOlTWsrx3p6edxOE8uhSC/VDvIpj2rkWBlG0Ge34ElyMKWid4Ahy8UYOd7surz66
B7s5Y595JN30DibUnDjmtE5PHBz63kL86+yI0c0prfJ+A0f7dTK/7QT/361Bsuqk
2x7+7AXiOMpScDwfwFfIcbFlgTsbpfqa7rkRZcvRmOGOPIPMwMeVYLj0Y8b9Tu9L
8S9a95d0O9oEGELVgS0O9ZF344quTHHZwELLx7ZKQSQ/uYl8v2nHpvnP1JqTHgcR
2f7PxSp/ggVtDtIukqfB6smEx8Csaypj4VrPCxw39BpHedcM8SxYHf9fSA==
-----END CERTIFICATE-----
Generated at Thu Jun 5 01:54:27 2025 by rpki-client