Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/0DFD9136052911EEA012AC454AD9E6FC.roa
File: 0DFD9136052911EEA012AC454AD9E6FC.roa (raw, json)
Hash identifier: 5OeBbRJHEVwQHYMsMh21oaZGcRQ6CIkyxW4B3TZM+Y0=
Subject key identifier: FB:11:11:96:2A:3B:9A:6D:1F:06:A9:6E:A6:56:D2:0B:87:47:70:1F
Certificate issuer: /CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
Certificate serial: 18
Authority key identifier: AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02
Authority info access: rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/0DFD9136052911EEA012AC454AD9E6FC.roa
Signing time: Wed 07 Jun 2023 11:47:18 +0000
ROA not before: Wed 07 Jun 2023 11:47:14 +0000
ROA not after: Mon 30 Jun 2025 11:47:14 +0000
asID: 37463
IP address blocks: 160.113.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl
rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.mft
rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 18 Jun 2024 00:16:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24 (0x18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
Validity
Not Before: Jun 7 11:47:14 2023 GMT
Not After : Jun 30 11:47:14 2025 GMT
Subject: CN=64806e46-d382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:88:a8:94:65:a5:a7:3f:a6:c6:fd:9d:d7:de:
1e:e7:da:51:b1:4b:62:d7:aa:c6:b7:67:2f:88:b5:
ae:6f:1f:60:14:68:52:b1:fc:88:ba:79:6d:da:79:
46:9d:20:25:3b:40:7e:8b:45:52:8f:e9:1c:59:79:
bc:2c:6b:fb:29:7b:63:eb:e1:06:a6:e8:e1:ae:fb:
57:da:e2:4e:db:20:84:c7:d1:3c:34:db:c6:d6:85:
1e:2e:93:46:53:fc:b6:73:52:a1:c3:86:6e:3a:70:
18:17:5e:6c:bb:ee:af:7d:99:e3:dc:14:f1:02:d9:
f7:f5:39:b8:e1:fd:d4:4c:d6:9c:fc:0a:4d:91:10:
a7:b3:00:e8:f1:1b:97:54:64:ef:1d:e2:23:a0:9f:
c1:f6:61:45:2c:17:fa:fd:dd:df:74:ee:7f:b6:25:
4b:3f:a3:76:81:0d:2f:cf:dc:eb:5d:e6:28:e7:5f:
26:30:a4:7a:1e:54:43:ad:24:07:9f:f1:6b:3f:27:
fb:7e:02:10:c5:ee:97:6c:0c:64:93:37:98:85:95:
b6:1f:9d:4a:7f:c4:c8:d8:96:15:63:4c:a3:d9:77:
22:b3:13:ee:22:0f:1c:0b:16:05:50:c2:f8:d4:1b:
f9:28:83:74:d5:8b:5d:9d:4f:a0:b2:af:ab:19:f7:
af:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:11:11:96:2A:3B:9A:6D:1F:06:A9:6E:A6:56:D2:0B:87:47:70:1F
X509v3 Authority Key Identifier:
keyid:AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/0DFD9136052911EEA012AC454AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.113.20.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:56:53:cf:5e:da:a5:cf:30:b8:2a:cf:84:1b:26:d0:0d:f8:
a7:0f:ea:29:f3:98:58:98:33:a1:40:b7:4b:a9:75:26:33:cc:
6a:36:21:f1:0c:ae:9e:0f:16:53:32:88:d6:0e:85:09:2e:72:
8b:ff:19:63:b3:42:6d:b6:a6:61:f4:03:88:06:1a:83:20:cd:
ed:05:44:c7:ab:bb:99:64:e3:1d:c9:23:41:74:11:23:1d:87:
ac:be:19:4f:cb:37:90:81:65:8b:2b:c5:b1:b3:99:fe:84:43:
fa:be:5d:68:b8:41:6a:2c:69:b4:0f:6a:d4:f8:a8:d5:93:a3:
cd:a9:6c:dc:75:30:06:1a:b0:76:f6:8d:23:a9:ac:63:af:26:
59:6d:8d:49:05:fc:83:cc:21:5b:bb:c6:6e:4a:9c:51:05:61:
e6:65:c4:10:ae:73:7b:97:e8:f2:a8:67:d8:cc:8d:49:a6:56:
fd:e4:05:98:d4:58:d9:9e:22:83:ad:cb:69:42:9c:de:64:c8:
86:a3:24:57:fd:ca:6a:2f:33:25:eb:68:46:2e:a5:13:db:5a:
9f:c1:ff:51:a4:db:4e:07:4e:e2:0c:17:5f:3f:c8:ee:31:a1:
a0:7e:c3:21:0c:49:34:53:25:a3:cb:60:b7:e5:0a:24:4c:58:
49:9f:f9:4a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBGDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
MEMxNkFSMTEwLwYDVQQFEyhBRTUxMjkzNjI3RjFCRDdBOUY1Mzc4OEUyQTY1RUEw
NDEzNDZBNzAyMB4XDTIzMDYwNzExNDcxNFoXDTI1MDYzMDExNDcxNFowGDEWMBQG
A1UEAxMNNjQ4MDZlNDYtZDM4MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2IqJRlpac/psb9ndfeHufaUbFLYteqxrdnL4i1rm8fYBRoUrH8iLp5bdp5
Rp0gJTtAfotFUo/pHFl5vCxr+yl7Y+vhBqbo4a77V9riTtsghMfRPDTbxtaFHi6T
RlP8tnNSocOGbjpwGBdebLvur32Z49wU8QLZ9/U5uOH91EzWnPwKTZEQp7MA6PEb
l1Rk7x3iI6CfwfZhRSwX+v3d33Tuf7YlSz+jdoENL8/c613mKOdfJjCkeh5UQ60k
B5/xaz8n+34CEMXul2wMZJM3mIWVth+dSn/EyNiWFWNMo9l3IrMT7iIPHAsWBVDC
+NQb+SiDdNWLXZ1PoLKvqxn3r5cCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBT7ERGW
KjuabR8GqW6mVtILh0dwHzAfBgNVHSMEGDAWgBSuUSk2J/G9ep9TeI4qZeoEE0an
AjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2RkMvcmxFcE5p
Znh2WHFmVTNpT0ttWHFCQk5HcHdJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
cmxFcE5pZnh2WHFmVTNpT0ttWHFCQk5HcHdJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2
RkMvMERGRDkxMzYwNTI5MTFFRUEwMTJBQzQ1NEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKBxFDANBgkqhkiG9w0BAQsFAAOC
AQEAe1ZTz17apc8wuCrPhBsm0A34pw/qKfOYWJgzoUC3S6l1JjPMajYh8Qyung8W
UzKI1g6FCS5yi/8ZY7NCbbamYfQDiAYagyDN7QVEx6u7mWTjHckjQXQRIx2HrL4Z
T8s3kIFliyvFsbOZ/oRD+r5daLhBaixptA9q1Pio1ZOjzals3HUwBhqwdvaNI6ms
Y68mWW2NSQX8g8whW7vGbkqcUQVh5mXEEK5ze5fo8qhn2MyNSaZW/eQFmNRY2Z4i
g63LaUKc3mTIhqMkV/3Kai8zJetoRi6lE9tan8H/UaTbTgdO4gwXXz/I7jGhoH7D
IQxJNFMlo8tgt+UKJExYSZ/5Sg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:45:07 2024 by rpki-client on console-fra.rpki-client.org