Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/3B9D9E50E6CA11EEBC48C86B775412E6.roa
File: 3B9D9E50E6CA11EEBC48C86B775412E6.roa (raw, json)
Hash identifier: Ultalc+IDJVS6axkzl0OVkPmUvJxwRM5q+FJ+Msrkmo=
Subject key identifier: 0A:8E:B0:E5:2A:5A:DC:42:30:F5:15:76:EA:90:2F:DA:27:FC:09:45
Certificate issuer: /CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Certificate serial: 0D66
Authority key identifier: 44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
Authority info access: rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/3B9D9E50E6CA11EEBC48C86B775412E6.roa
Signing time: Wed 20 Mar 2024 14:57:55 +0000
ROA not before: Wed 20 Mar 2024 14:57:52 +0000
ROA not after: Sun 21 Apr 2024 14:57:52 +0000
asID: 197962
IP address blocks: 161.123.0.0/16 maxlen: 20
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.mft
rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 21 Apr 2024 14:57:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3430 (0xd66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Validity
Not Before: Mar 20 14:57:52 2024 GMT
Not After : Apr 21 14:57:52 2024 GMT
Subject: CN=65faf973-37fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:94:2e:fb:52:f5:f9:45:42:a7:1a:d5:91:37:
42:b9:ff:1a:14:da:6d:75:26:d8:37:07:1f:3d:79:
b2:e2:8b:69:d7:1f:e5:da:f1:09:52:3f:38:9c:7a:
3d:75:42:0d:51:c8:30:f0:dc:f4:83:a9:29:94:50:
f3:86:f1:b1:d9:11:40:cf:cb:e5:26:df:9b:4c:63:
6f:61:53:16:91:31:0f:e5:68:52:fd:9c:e9:8a:7e:
03:4a:68:2f:14:2e:d1:ba:0d:83:bd:9d:97:06:fd:
77:ac:5d:27:cd:4e:54:70:9e:88:f2:d9:9e:f2:8c:
c2:a8:8a:00:9c:56:fe:8c:9a:91:a3:68:2c:80:c5:
85:3f:df:9a:65:60:6e:42:33:69:63:95:f2:84:5c:
17:7c:2b:9a:c4:76:d6:fa:30:03:fa:de:c3:97:5d:
36:a2:4c:7c:2a:d3:d3:de:e3:c6:f6:1c:8b:54:3d:
73:b6:86:df:8b:99:87:77:5c:3b:29:ba:bb:85:4d:
c3:8b:a8:68:df:a2:22:ff:e6:a3:56:75:5d:53:a7:
31:c0:4d:b6:5b:92:84:f5:fa:95:3f:22:95:1c:65:
c1:f8:70:6c:c1:fa:9a:1c:51:9f:08:9a:01:3f:0f:
81:7c:ec:1a:d6:c5:e9:69:6e:f2:79:cc:5a:38:9a:
f1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:8E:B0:E5:2A:5A:DC:42:30:F5:15:76:EA:90:2F:DA:27:FC:09:45
X509v3 Authority Key Identifier:
keyid:44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/3B9D9E50E6CA11EEBC48C86B775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.123.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:2f:85:7c:ec:c1:0d:6c:6e:eb:ff:52:a8:27:01:c4:3b:f3:
57:10:f6:7a:8b:20:b7:46:e4:73:5d:64:b9:7d:ef:71:1d:14:
73:0a:3b:2e:86:d1:bb:ea:9d:d2:60:78:ed:1f:cb:e6:a5:23:
43:70:85:4a:17:c5:16:ff:d2:f6:da:6c:db:4b:a1:e0:b8:e7:
44:61:b4:ae:4f:e0:11:0e:75:f3:d7:ce:ce:54:46:a7:84:5e:
a4:6f:87:92:35:b9:4a:7f:2e:18:7f:dd:ad:b2:4c:23:d1:21:
c5:81:7e:12:5b:a8:0b:33:1a:ae:ed:6f:d0:da:ed:61:38:ff:
e4:73:84:41:40:a4:60:07:df:6c:c6:11:58:cb:e6:8b:43:df:
e5:ae:ea:c3:c1:4a:e1:f9:58:81:df:de:81:29:03:f9:68:a6:
7d:d9:b4:b2:c6:cd:cb:9f:d9:85:dd:c3:ef:ba:3e:23:6e:bb:
3b:0e:1a:b3:bb:eb:dd:d6:40:17:97:74:83:d9:a3:08:5f:f2:
51:5a:7e:54:fb:ff:63:f1:59:4a:92:4d:0b:03:db:44:25:47:
4a:a5:49:b4:41:73:d1:c5:cc:72:72:c2:fe:7d:44:b8:cd:2e:
ae:ec:0f:58:7a:66:04:9a:83:fa:49:53:14:e4:9c:59:6c:f5:
6c:3b:55:24
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICDWYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RkExNURBUjExMC8GA1UEBRMoNDRBOUY2OUY0MTQxREE3NkI3MzUzRUIwRDU4MTUy
M0FGRTJCODFFMTAeFw0yNDAzMjAxNDU3NTJaFw0yNDA0MjExNDU3NTJaMBgxFjAU
BgNVBAMTDTY1ZmFmOTczLTM3ZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6lC77UvX5RUKnGtWRN0K5/xoU2m11Jtg3Bx89ebLii2nXH+Xa8QlSPzic
ej11Qg1RyDDw3PSDqSmUUPOG8bHZEUDPy+Um35tMY29hUxaRMQ/laFL9nOmKfgNK
aC8ULtG6DYO9nZcG/XesXSfNTlRwnojy2Z7yjMKoigCcVv6MmpGjaCyAxYU/35pl
YG5CM2ljlfKEXBd8K5rEdtb6MAP63sOXXTaiTHwq09Pe48b2HItUPXO2ht+LmYd3
XDspuruFTcOLqGjfoiL/5qNWdV1TpzHATbZbkoT1+pU/IpUcZcH4cGzB+pocUZ8I
mgE/D4F87BrWxelpbvJ5zFo4mvFdAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUCo6w
5Spa3EIw9RV26pAv2if8CUUwHwYDVR0jBBgwFoAURKn2n0FB2na3NT6w1YFSOv4r
geEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVBMjI4L1JLbjJu
MEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1JLbjJuMEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVB
MjI4LzNCOUQ5RTUwRTZDQTExRUVCQzQ4Qzg2Qjc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwChezANBgkqhkiG9w0BAQsFAAOC
AQEATC+FfOzBDWxu6/9SqCcBxDvzVxD2eosgt0bkc11kuX3vcR0Ucwo7LobRu+qd
0mB47R/L5qUjQ3CFShfFFv/S9tps20uh4LjnRGG0rk/gEQ5189fOzlRGp4RepG+H
kjW5Sn8uGH/drbJMI9EhxYF+EluoCzMaru1v0NrtYTj/5HOEQUCkYAffbMYRWMvm
i0Pf5a7qw8FK4flYgd/egSkD+Wimfdm0ssbNy5/Zhd3D77o+I267Ow4as7vr3dZA
F5d0g9mjCF/yUVp+VPv/Y/FZSpJNCwPbRCVHSqVJtEFz0cXMcnLC/n1EuM0uruwP
WHpmBJqD+klTFOScWWz1bDtVJA==
-----END CERTIFICATE-----
Generated at Sun Apr 21 03:30:41 2024 by rpki-client on console-fra.rpki-client.org