Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3620ACF/08A5FF82C21611EB8AA9356EF8AEA228/459695BAD4DF11EB8D761947F8AEA228.roa
File: 459695BAD4DF11EB8D761947F8AEA228.roa (raw, json)
Hash identifier: V+fApY3tgq+qpHqlmWamZgFjrncOkO2wIFJyIOrmaiA=
Subject key identifier: F2:1E:54:2D:28:B7:C6:65:60:E7:B9:86:20:9D:8C:4A:CA:03:EC:4C
Certificate issuer: /CN=F3620ACFAR/serialNumber=5887700C5F2490F5584382F9E7E7526AD65548B3
Certificate serial: 1E
Authority key identifier: 58:87:70:0C:5F:24:90:F5:58:43:82:F9:E7:E7:52:6A:D6:55:48:B3
Authority info access: rsync://rpki.afrinic.net/repository/arin/WIdwDF8kkPVYQ4L55-dSatZVSLM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/08A5FF82C21611EB8AA9356EF8AEA228/459695BAD4DF11EB8D761947F8AEA228.roa
Signing time: Thu 24 Jun 2021 11:28:18 +0000
ROA not before: Thu 24 Jun 2021 11:28:13 +0000
ROA not after: Wed 30 Apr 2031 11:28:13 +0000
asID: 327750
IP address blocks: 164.160.176.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/08A5FF82C21611EB8AA9356EF8AEA228/WIdwDF8kkPVYQ4L55-dSatZVSLM.crl
rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/08A5FF82C21611EB8AA9356EF8AEA228/WIdwDF8kkPVYQ4L55-dSatZVSLM.mft
rsync://rpki.afrinic.net/repository/arin/WIdwDF8kkPVYQ4L55-dSatZVSLM.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 10 May 2024 00:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3620ACFAR/serialNumber=5887700C5F2490F5584382F9E7E7526AD65548B3
Validity
Not Before: Jun 24 11:28:13 2021 GMT
Not After : Apr 30 11:28:13 2031 GMT
Subject: CN=60d46c51-67ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d6:53:74:34:a2:de:c8:4c:bf:ce:88:a9:91:
e7:a8:34:1a:34:f5:76:5c:a0:c2:f3:88:61:2c:7a:
bb:68:92:9c:ec:a2:c6:6c:9c:75:82:6b:21:e1:73:
3a:d7:7f:e9:40:1b:72:76:2b:2a:a6:f5:4f:84:4c:
3e:85:6d:74:b3:b6:9f:68:72:55:1a:9d:b3:58:c6:
93:06:62:25:d7:03:7a:8a:22:b3:02:c2:c9:7b:ba:
d6:cb:09:b2:6b:fa:f1:12:43:7a:d0:5f:37:80:b2:
0a:7c:dd:6f:e2:19:c7:86:70:13:c7:ed:27:46:64:
88:59:4e:6b:b7:69:b6:a3:59:6f:c8:77:1a:df:d8:
fa:16:0b:fe:bf:af:cb:64:e9:0c:b7:88:00:e4:03:
f1:e5:1f:b3:1e:2c:d6:fb:7d:b6:ec:1a:bf:03:90:
26:6e:d1:cd:24:23:ce:3f:a2:76:1c:3b:6f:ea:c3:
7a:cb:34:24:db:91:97:b1:29:66:e5:a5:cb:f4:fc:
e9:b5:34:48:a0:d4:04:cb:40:a4:75:3d:2c:cd:6e:
2d:3f:8a:83:bc:5f:6d:24:39:6a:99:dc:96:2a:03:
c8:ee:11:24:26:c2:33:44:d5:9d:cc:8b:ac:c0:0e:
f9:ba:09:23:6c:43:97:c5:9b:e5:3c:f0:e3:46:c2:
1b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:1E:54:2D:28:B7:C6:65:60:E7:B9:86:20:9D:8C:4A:CA:03:EC:4C
X509v3 Authority Key Identifier:
keyid:58:87:70:0C:5F:24:90:F5:58:43:82:F9:E7:E7:52:6A:D6:55:48:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/08A5FF82C21611EB8AA9356EF8AEA228/WIdwDF8kkPVYQ4L55-dSatZVSLM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/WIdwDF8kkPVYQ4L55-dSatZVSLM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620ACF/08A5FF82C21611EB8AA9356EF8AEA228/459695BAD4DF11EB8D761947F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
164.160.176.0/21
Signature Algorithm: sha256WithRSAEncryption
42:b1:15:60:90:1c:3c:3b:12:40:73:ad:84:3a:88:bb:8a:6f:
37:62:f7:0a:74:60:17:75:df:ec:d1:d2:34:1a:15:cb:77:5f:
b7:c4:67:b1:28:ab:9d:33:e0:fb:6e:13:63:30:87:bc:aa:ed:
93:31:3b:73:86:1b:ac:ab:4d:a0:2d:99:9c:8f:6a:1f:9b:8a:
46:f6:dc:2d:94:a4:e4:76:1d:4f:46:43:7e:19:08:7a:a1:fd:
f6:0e:ec:cf:d2:65:14:63:07:ea:90:67:03:ed:c6:51:14:6e:
7d:7f:38:fd:2d:21:3a:55:ad:42:54:0b:87:d9:02:69:6e:c4:
c8:a2:79:40:18:02:08:7d:5b:58:2d:27:ef:0d:4a:85:a0:e8:
38:04:f3:3f:fb:73:6f:cd:63:d3:06:d8:ad:88:ec:68:2e:a8:
c2:9f:c7:57:bf:61:c2:98:5c:99:31:a9:3f:aa:1c:2d:70:ab:
e2:20:f8:bf:df:e6:cb:dd:20:19:95:a0:44:3a:cb:27:08:59:
7d:c8:35:a7:11:56:10:06:ce:f8:ec:f9:9e:cd:2b:ba:00:8e:
94:d6:62:3f:a0:d6:b0:69:aa:74:6e:c2:4c:65:c0:53:c3:bd:
92:60:af:f5:1f:d7:b3:a6:ea:48:07:78:a9:53:ef:0f:c2:e4:
17:de:a1:bb
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBHjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
MEFDRkFSMTEwLwYDVQQFEyg1ODg3NzAwQzVGMjQ5MEY1NTg0MzgyRjlFN0U3NTI2
QUQ2NTU0OEIzMB4XDTIxMDYyNDExMjgxM1oXDTMxMDQzMDExMjgxM1owGDEWMBQG
A1UEAxMNNjBkNDZjNTEtNjdlYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOvWU3Q0ot7ITL/OiKmR56g0GjT1dlygwvOIYSx6u2iSnOyixmycdYJrIeFz
Otd/6UAbcnYrKqb1T4RMPoVtdLO2n2hyVRqds1jGkwZiJdcDeooiswLCyXu61ssJ
smv68RJDetBfN4CyCnzdb+IZx4ZwE8ftJ0ZkiFlOa7dptqNZb8h3Gt/Y+hYL/r+v
y2TpDLeIAOQD8eUfsx4s1vt9tuwavwOQJm7RzSQjzj+idhw7b+rDess0JNuRl7Ep
ZuWly/T86bU0SKDUBMtApHU9LM1uLT+Kg7xfbSQ5apnclioDyO4RJCbCM0TVncyL
rMAO+boJI2xDl8Wb5Tzw40bCG3cCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTyHlQt
KLfGZWDnuYYgnYxKygPsTDAfBgNVHSMEGDAWgBRYh3AMXySQ9VhDgvnn51Jq1lVI
szAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjBBQ0YvMDhBNUZGODJDMjE2MTFFQjhBQTkzNTZFRjhBRUEyMjgvV0lkd0RG
OGtrUFZZUTRMNTUtZFNhdFpWU0xNLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
V0lkd0RGOGtrUFZZUTRMNTUtZFNhdFpWU0xNLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MjBBQ0YvMDhBNUZGODJDMjE2MTFFQjhBQTkzNTZFRjhBRUEy
MjgvNDU5Njk1QkFENERGMTFFQjhENzYxOTQ3RjhBRUEyMjgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA6SgsDANBgkqhkiG9w0BAQsFAAOC
AQEAQrEVYJAcPDsSQHOthDqIu4pvN2L3CnRgF3Xf7NHSNBoVy3dft8RnsSirnTPg
+24TYzCHvKrtkzE7c4YbrKtNoC2ZnI9qH5uKRvbcLZSk5HYdT0ZDfhkIeqH99g7s
z9JlFGMH6pBnA+3GURRufX84/S0hOlWtQlQLh9kCaW7EyKJ5QBgCCH1bWC0n7w1K
haDoOATzP/tzb81j0wbYrYjsaC6owp/HV79hwphcmTGpP6ocLXCr4iD4v9/my90g
GZWgRDrLJwhZfcg1pxFWEAbO+Oz5ns0rugCOlNZiP6DWsGmqdG7CTGXAU8O9kmCv
9R/Xs6bqSAd4qVPvD8LkF96huw==
-----END CERTIFICATE-----
Generated at Wed May 8 04:39:24 2024 by rpki-client on console-fra.rpki-client.org