Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/0D23231C5DE811EE82DAE2344AD9E6FC.roa
File: 0D23231C5DE811EE82DAE2344AD9E6FC.roa (raw, json)
Hash identifier: zJ3tchKMFTgctg2VaiiLRlAXwgmse6m7fI7SeVD5lxI=
Subject key identifier: 70:6A:12:81:48:DD:97:EF:E6:6D:10:2B:CA:B2:20:77:7A:B3:3D:FD
Certificate issuer: /CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Certificate serial: 0C35
Authority key identifier: 44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
Authority info access: rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/0D23231C5DE811EE82DAE2344AD9E6FC.roa
Signing time: Thu 28 Sep 2023 10:16:13 +0000
ROA not before: Thu 28 Sep 2023 10:16:10 +0000
ROA not after: Fri 28 Sep 2029 10:16:10 +0000
asID: 207990
IP address blocks: 161.123.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.mft
rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 26 May 2024 00:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3125 (0xc35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Validity
Not Before: Sep 28 10:16:10 2023 GMT
Not After : Sep 28 10:16:10 2029 GMT
Subject: CN=6515526d-399b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2e:85:70:55:4c:46:e1:4e:33:84:6e:31:14:
05:a8:dc:ee:44:76:49:0f:be:64:db:61:83:6f:64:
7f:b8:0f:61:fb:f7:eb:20:db:e9:77:f8:76:78:cc:
24:a6:33:c7:bc:be:db:91:92:0e:13:15:4b:f7:fa:
7d:b7:b2:a0:c8:7c:8f:64:cc:e2:24:98:12:2c:df:
15:0c:9b:46:80:2d:78:7f:60:f9:53:6b:c5:3f:fd:
45:08:d6:e3:37:1e:6e:d6:44:ec:fc:a4:d6:c9:a3:
6f:18:b0:9c:5e:10:60:14:b1:0f:87:d7:aa:1f:ea:
e0:6a:55:db:39:80:b2:b5:f4:71:2b:d1:4b:80:7e:
e2:6c:0f:40:c3:b0:a1:ef:8f:72:d8:eb:9a:dd:55:
8a:a7:d9:1e:73:a8:d6:0e:a8:1a:cc:50:de:c8:32:
1a:56:37:67:d6:6a:6e:ad:93:b9:39:2a:30:1a:ee:
73:5e:05:41:a9:9c:3e:ef:84:81:19:91:83:99:0c:
75:76:66:88:2b:e6:f8:48:b1:b8:c6:6d:26:57:f3:
09:f4:6b:a2:46:32:80:d7:3c:d8:26:90:04:16:69:
be:c7:18:01:27:f6:f7:83:99:c5:87:72:36:a1:39:
f7:9c:66:85:21:9b:c2:a3:0d:ac:a4:d1:0a:a1:32:
8f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6A:12:81:48:DD:97:EF:E6:6D:10:2B:CA:B2:20:77:7A:B3:3D:FD
X509v3 Authority Key Identifier:
keyid:44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/0D23231C5DE811EE82DAE2344AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.123.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:81:a6:dc:46:c1:ed:03:19:47:e2:a9:12:f0:fd:a4:c8:8c:
78:18:23:c9:01:04:a8:53:87:8e:e3:bb:12:48:b9:31:d1:55:
d0:8e:97:c8:dd:81:62:8b:34:42:3c:51:6e:68:cd:81:a8:31:
34:5e:39:34:0b:7e:2a:ae:33:d9:21:8d:b1:10:a7:33:89:06:
a0:c4:5b:b8:de:23:b8:71:ac:19:9f:45:c5:64:9e:cf:72:0a:
ba:8b:1b:9d:17:bc:98:66:ae:fd:13:aa:3e:0e:08:d6:3f:9f:
7a:18:64:90:91:74:85:70:07:18:10:db:3a:06:11:38:8a:c5:
e8:64:57:da:ff:d9:bb:10:f3:2f:49:19:17:45:2e:81:28:e3:
ce:21:28:74:38:55:14:58:6b:f0:d4:77:67:62:f4:e4:5d:0b:
d8:c8:6c:af:22:4f:29:05:f6:e5:44:d0:73:8e:cd:d2:95:90:
f3:09:33:24:ea:4c:80:ee:77:26:4e:66:6e:26:39:57:98:51:
af:6c:3b:1e:94:7c:a0:c8:0c:d2:05:ca:4a:12:c4:12:b3:a4:
f8:8f:c8:6e:a3:b4:7e:66:da:62:fb:85:cb:ca:59:86:d2:66:
80:6f:b1:d9:61:a5:81:f0:38:f0:3b:47:f4:ce:75:4e:5c:b3:
b9:a0:ac:01
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICDDUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkExNURBUjExMC8GA1UEBRMoNDRBOUY2OUY0MTQxREE3NkI3MzUzRUIwRDU4MTUy
M0FGRTJCODFFMTAeFw0yMzA5MjgxMDE2MTBaFw0yOTA5MjgxMDE2MTBaMBgxFjAU
BgNVBAMTDTY1MTU1MjZkLTM5OWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLLoVwVUxG4U4zhG4xFAWo3O5EdkkPvmTbYYNvZH+4D2H79+sg2+l3+HZ4
zCSmM8e8vtuRkg4TFUv3+n23sqDIfI9kzOIkmBIs3xUMm0aALXh/YPlTa8U//UUI
1uM3Hm7WROz8pNbJo28YsJxeEGAUsQ+H16of6uBqVds5gLK19HEr0UuAfuJsD0DD
sKHvj3LY65rdVYqn2R5zqNYOqBrMUN7IMhpWN2fWam6tk7k5KjAa7nNeBUGpnD7v
hIEZkYOZDHV2Zogr5vhIsbjGbSZX8wn0a6JGMoDXPNgmkAQWab7HGAEn9veDmcWH
cjahOfecZoUhm8KjDayk0QqhMo9VAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUcGoS
gUjdl+/mbRAryrIgd3qzPf0wHwYDVR0jBBgwFoAURKn2n0FB2na3NT6w1YFSOv4r
geEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVBMjI4L1JLbjJu
MEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1JLbjJuMEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVB
MjI4LzBEMjMyMzFDNURFODExRUU4MkRBRTIzNDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwChezANBgkqhkiG9w0BAQsFAAOC
AQEAR4Gm3EbB7QMZR+KpEvD9pMiMeBgjyQEEqFOHjuO7Eki5MdFV0I6XyN2BYos0
QjxRbmjNgagxNF45NAt+Kq4z2SGNsRCnM4kGoMRbuN4juHGsGZ9FxWSez3IKuosb
nRe8mGau/ROqPg4I1j+fehhkkJF0hXAHGBDbOgYROIrF6GRX2v/ZuxDzL0kZF0Uu
gSjjziEodDhVFFhr8NR3Z2L05F0L2MhsryJPKQX25UTQc47N0pWQ8wkzJOpMgO53
Jk5mbiY5V5hRr2w7HpR8oMgM0gXKShLEErOk+I/IbqO0fmbaYvuFy8pZhtJmgG+x
2WGlgfA48DtH9M51TlyzuaCsAQ==
-----END CERTIFICATE-----
Generated at Fri May 24 02:53:22 2024 by rpki-client on console-fra.rpki-client.org