Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/3AF0BBBC404A11EE8F988C3B4AD9E6FC.roa
File: 3AF0BBBC404A11EE8F988C3B4AD9E6FC.roa (raw, json)
Hash identifier: HSaGlxWInYZulBjBtaEBor5YxxcqJz7nGewzElqXulw=
Subject key identifier: 11:BC:43:5B:9F:FD:8D:24:92:C4:1E:11:AE:5C:7B:66:8A:E1:A8:2A
Certificate issuer: /CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Certificate serial: 0BB3
Authority key identifier: 44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
Authority info access: rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/3AF0BBBC404A11EE8F988C3B4AD9E6FC.roa
Signing time: Mon 21 Aug 2023 17:43:26 +0000
ROA not before: Mon 21 Aug 2023 17:43:21 +0000
ROA not after: Wed 21 Aug 2024 17:43:21 +0000
asID: 207990
IP address blocks: 161.123.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.mft
rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 May 2024 00:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2995 (0xbb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Validity
Not Before: Aug 21 17:43:21 2023 GMT
Not After : Aug 21 17:43:21 2024 GMT
Subject: CN=64e3a23d-ca03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:46:34:a6:7d:31:2d:06:04:46:15:0d:76:36:
bb:8c:7f:f0:1c:be:6d:9f:1d:da:91:92:b2:31:8b:
e8:d4:7d:ec:0d:52:c5:26:a2:54:de:1b:46:6a:71:
a1:4e:84:16:70:e0:19:dd:34:eb:82:ba:8a:99:09:
ed:96:be:f7:78:96:2e:c7:b6:db:f7:00:c1:2f:30:
d6:16:81:e9:b9:9a:95:bb:2d:55:68:b5:45:d1:bf:
41:c4:6d:c2:57:21:0b:45:a3:06:1f:db:33:6e:82:
3c:8a:38:51:fb:91:00:4e:2f:0d:3b:04:f6:61:aa:
85:2a:65:b5:74:06:4a:cd:66:34:13:c3:cc:00:ad:
82:93:f3:f0:27:3b:68:b5:ac:97:8c:98:48:66:87:
a9:28:5f:1b:d7:27:44:6d:1d:b3:c7:0a:88:f7:76:
35:c4:5e:22:49:a8:5e:84:b2:07:12:18:cb:c7:17:
66:85:af:b9:d1:95:bc:4d:1d:7c:47:6b:58:19:4e:
be:53:cf:e8:00:a7:6c:b8:66:59:3b:e5:48:e7:f8:
8a:46:23:03:46:f2:07:d5:60:34:29:3e:69:68:be:
48:fb:47:e8:e9:11:58:58:cd:45:f6:dc:e5:75:7b:
1c:5a:86:96:a2:4b:4b:60:9c:ec:b3:e4:c0:e6:01:
8e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:BC:43:5B:9F:FD:8D:24:92:C4:1E:11:AE:5C:7B:66:8A:E1:A8:2A
X509v3 Authority Key Identifier:
keyid:44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/3AF0BBBC404A11EE8F988C3B4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.123.120.0/21
Signature Algorithm: sha256WithRSAEncryption
0d:49:97:0f:4d:e0:c3:a8:e6:42:a4:fd:ee:6a:ed:1f:6a:d0:
68:45:5c:2b:db:02:83:97:49:19:a6:2c:32:b1:f3:cb:73:41:
21:86:32:f3:4f:89:da:07:28:49:8d:66:0c:b0:3c:4c:fd:05:
d9:15:b6:f5:3b:87:d3:d6:a2:4a:d7:23:e6:be:d8:97:cf:5c:
0d:52:6a:fc:24:9a:9d:6c:01:3f:41:01:35:7e:62:fe:d7:7d:
3a:84:b9:fb:eb:1e:34:f0:e5:d8:2e:cd:f5:0b:ec:e8:07:67:
c9:e5:de:14:de:76:d3:62:c9:d9:0d:88:03:71:34:a0:32:f0:
7f:2a:99:41:c1:69:9a:12:2c:22:a3:5b:9e:e8:c8:62:e9:df:
3d:75:50:3e:71:73:bd:9f:d8:21:92:3c:bf:39:bf:67:de:a2:
4a:77:1c:96:78:9c:df:31:80:d6:42:0a:66:02:ac:9f:e5:68:
28:17:f4:d1:3d:55:37:71:ab:e8:86:bc:8e:05:fa:75:50:12:
03:87:cc:f4:0a:3f:dd:17:20:4a:ba:2e:db:3c:b1:1e:2f:3b:
33:98:33:fd:e3:30:46:b2:25:b1:5c:dc:7b:bc:c8:96:ef:7d:
43:56:ae:b2:a5:69:df:4c:27:5a:d3:da:53:28:29:7c:da:61:
38:2e:c8:2f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC7MwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkExNURBUjExMC8GA1UEBRMoNDRBOUY2OUY0MTQxREE3NkI3MzUzRUIwRDU4MTUy
M0FGRTJCODFFMTAeFw0yMzA4MjExNzQzMjFaFw0yNDA4MjExNzQzMjFaMBgxFjAU
BgNVBAMTDTY0ZTNhMjNkLWNhMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8RjSmfTEtBgRGFQ12NruMf/Acvm2fHdqRkrIxi+jUfewNUsUmolTeG0Zq
caFOhBZw4BndNOuCuoqZCe2Wvvd4li7Httv3AMEvMNYWgem5mpW7LVVotUXRv0HE
bcJXIQtFowYf2zNugjyKOFH7kQBOLw07BPZhqoUqZbV0BkrNZjQTw8wArYKT8/An
O2i1rJeMmEhmh6koXxvXJ0RtHbPHCoj3djXEXiJJqF6EsgcSGMvHF2aFr7nRlbxN
HXxHa1gZTr5Tz+gAp2y4Zlk75Ujn+IpGIwNG8gfVYDQpPmlovkj7R+jpEVhYzUX2
3OV1exxahpaiS0tgnOyz5MDmAY6PAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUEbxD
W5/9jSSSxB4Rrlx7ZorhqCowHwYDVR0jBBgwFoAURKn2n0FB2na3NT6w1YFSOv4r
geEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVBMjI4L1JLbjJu
MEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1JLbjJuMEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVB
MjI4LzNBRjBCQkJDNDA0QTExRUU4Rjk4OEMzQjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOhe3gwDQYJKoZIhvcNAQELBQAD
ggEBAA1Jlw9N4MOo5kKk/e5q7R9q0GhFXCvbAoOXSRmmLDKx88tzQSGGMvNPidoH
KEmNZgywPEz9BdkVtvU7h9PWokrXI+a+2JfPXA1Savwkmp1sAT9BATV+Yv7XfTqE
ufvrHjTw5dguzfUL7OgHZ8nl3hTedtNiydkNiANxNKAy8H8qmUHBaZoSLCKjW57o
yGLp3z11UD5xc72f2CGSPL85v2feokp3HJZ4nN8xgNZCCmYCrJ/laCgX9NE9VTdx
q+iGvI4F+nVQEgOHzPQKP90XIEq6Lts8sR4vOzOYM/3jMEayJbFc3Hu8yJbvfUNW
rrKlad9MJ1rT2lMoKXzaYTguyC8=
-----END CERTIFICATE-----
Generated at Sat May 18 03:49:28 2024 by rpki-client on console-fra.rpki-client.org