Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCB37506D2EA11EFA342E1BC762E951A.roa
File: CCB37506D2EA11EFA342E1BC762E951A.roa (raw, json)
Hash identifier: dYOCWut6hXmO0iSEWN5PtHzKuYQ15VEEoSks8eAgvvw=
Subject key identifier: 45:57:26:65:F3:AC:4D:6F:A6:08:C1:DE:68:E7:98:4B:6E:83:8A:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010755
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCB37506D2EA11EFA342E1BC762E951A.roa
Signing time: Wed 15 Jan 2025 02:45:37 +0000
ROA not before: Wed 15 Jan 2025 02:45:33 +0000
ROA not after: Mon 03 Jan 2028 02:45:33 +0000
asID: 17561
IP address blocks: 156.232.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67413 (0x10755)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 02:45:33 2025 GMT
Not After : Jan 3 02:45:33 2028 GMT
Subject: CN=67872151-0564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:03:10:a4:31:20:10:b8:95:9f:2f:8b:88:82:
a5:51:b9:9d:8e:a4:61:dc:fb:f5:05:e4:31:54:80:
a7:d3:75:b5:e3:7c:b1:d8:64:9b:74:83:47:e4:c6:
83:2a:cb:87:7e:e0:cf:ee:19:cd:03:fc:8d:69:9a:
9e:31:a2:5a:34:c1:e7:a8:2e:f1:3d:aa:12:dd:10:
7a:78:c8:5e:dc:d3:75:4c:6d:7a:4a:75:61:be:31:
57:54:00:bb:ac:1a:c5:4e:bb:b0:58:44:4b:9b:f2:
a5:bf:0e:fe:4f:86:a3:ec:a8:b8:de:aa:c4:48:98:
02:5a:01:f5:d8:a9:bf:62:5f:a4:7d:ff:89:ba:22:
7e:dd:3d:de:c4:8a:42:24:8c:db:5a:ef:29:5a:28:
c3:5e:31:05:d5:1b:fd:e3:71:4e:ca:e1:a7:ac:2f:
b0:8c:1f:40:0a:8f:d7:fe:3a:d5:62:16:a0:3e:5e:
b4:d6:32:9d:61:97:cc:5f:b0:79:a8:7f:46:dd:ae:
92:5a:46:b4:3c:58:71:8a:89:10:9f:d8:07:20:1c:
32:aa:b3:b4:e4:f3:99:c3:f8:eb:64:1b:08:e7:fb:
a6:7d:6b:8c:3d:d3:30:5f:b4:aa:c8:6b:4b:aa:b9:
70:62:dd:7f:ce:da:9c:80:65:ff:fb:7a:a6:c2:6b:
b5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:57:26:65:F3:AC:4D:6F:A6:08:C1:DE:68:E7:98:4B:6E:83:8A:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCB37506D2EA11EFA342E1BC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.2.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:61:b2:14:12:65:99:5f:a0:bd:cf:95:be:99:31:c2:b5:d6:
98:c3:1a:d0:75:a9:a9:5e:e9:cd:4b:b0:d0:06:3e:90:58:b4:
7d:82:7d:75:94:82:f2:a1:7b:1f:ca:9f:c5:f2:04:00:12:65:
8b:63:fc:56:32:f0:c7:4e:df:09:fe:0e:58:58:10:b6:8b:2d:
57:16:ab:9c:1f:6b:da:f1:b6:08:90:cc:d5:a8:fc:e8:a3:b3:
56:6d:dc:d6:63:ac:c8:ba:2c:be:48:09:5d:ed:18:b2:f8:fa:
03:bc:5e:2d:a2:19:d2:ae:62:0c:6f:9a:2f:e2:10:6a:76:c2:
4c:4d:5d:c9:b1:db:a0:59:53:ac:64:15:03:62:61:86:b6:c5:
e5:1e:09:b4:d7:91:6e:a7:e6:34:d4:0d:2f:ee:18:b4:73:18:
f2:43:26:0e:09:8a:78:e6:fc:d2:76:61:8e:ef:74:8c:be:2f:
7d:9a:e9:65:63:ac:cf:5b:57:b5:e4:c2:12:98:ac:a4:9e:8f:
48:84:b5:aa:d4:9d:48:90:6e:0e:00:15:6a:8c:9b:05:3c:64:
3e:fa:e0:c9:eb:df:6a:35:e5:ed:4c:30:24:45:a8:25:d8:1b:
4c:00:17:c1:d1:3e:42:95:a1:7a:d0:39:fe:5e:37:82:09:2d:
7d:91:f2:aa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQdVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDI0NTMzWhcNMjgwMTAzMDI0NTMzWjAYMRYw
FAYDVQQDEw02Nzg3MjE1MS0wNTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwgMQpDEgELiVny+LiIKlUbmdjqRh3Pv1BeQxVICn03W143yx2GSbdINH
5MaDKsuHfuDP7hnNA/yNaZqeMaJaNMHnqC7xPaoS3RB6eMhe3NN1TG16SnVhvjFX
VAC7rBrFTruwWERLm/Klvw7+T4aj7Ki43qrESJgCWgH12Km/Yl+kff+JuiJ+3T3e
xIpCJIzbWu8pWijDXjEF1Rv943FOyuGnrC+wjB9ACo/X/jrVYhagPl601jKdYZfM
X7B5qH9G3a6SWka0PFhxiokQn9gHIBwyqrO05POZw/jrZBsI5/umfWuMPdMwX7Sq
yGtLqrlwYt1/ztqcgGX/+3qmwmu13wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEVX
JmXzrE1vpgjB3mjnmEtug4qnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQ0IzNzUwNkQyRUExMUVGQTM0MkUxQkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOgCMA0GCSqGSIb3DQEBCwUA
A4IBAQC3YbIUEmWZX6C9z5W+mTHCtdaYwxrQdampXunNS7DQBj6QWLR9gn11lILy
oXsfyp/F8gQAEmWLY/xWMvDHTt8J/g5YWBC2iy1XFqucH2va8bYIkMzVqPzoo7NW
bdzWY6zIuiy+SAld7Riy+PoDvF4tohnSrmIMb5ov4hBqdsJMTV3JsdugWVOsZBUD
YmGGtsXlHgm015Fup+Y01A0v7hi0cxjyQyYOCYp45vzSdmGO73SMvi99mullY6zP
W1e15MISmKykno9IhLWq1J1IkG4OABVqjJsFPGQ++uDJ699qNeXtTDAkRagl2BtM
ABfB0T5ClaF60Dn+XjeCCS19kfKq
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:36 2025 by rpki-client