Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3624E32/F1340E4EEE7211EDBA5327164AD9E6FC/5CEB9A26EE7311EDAE92A5174AD9E6FC.roa
File: 5CEB9A26EE7311EDAE92A5174AD9E6FC.roa (raw, json)
Hash identifier: rLtmy6+gg/x50UbRPkkqh7K/Hhi9wWQKPE+ocVnJ+7I=
Subject key identifier: F1:23:86:19:6A:B6:F4:FE:D5:D8:C1:8C:43:2B:7C:5F:37:6D:88:A3
Certificate issuer: /CN=F3624E32AR/serialNumber=560ABBEE9944BC16374D28BE4C2607212C5C841A
Certificate serial: 02
Authority key identifier: 56:0A:BB:EE:99:44:BC:16:37:4D:28:BE:4C:26:07:21:2C:5C:84:1A
Authority info access: rsync://rpki.afrinic.net/repository/arin/Vgq77plEvBY3TSi-TCYHISxchBo.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3624E32/F1340E4EEE7211EDBA5327164AD9E6FC/5CEB9A26EE7311EDAE92A5174AD9E6FC.roa
Signing time: Tue 09 May 2023 14:11:17 +0000
ROA not before: Tue 09 May 2023 14:11:12 +0000
ROA not after: Fri 09 May 2025 14:11:12 +0000
asID: 328249
IP address blocks: 156.0.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3624E32/F1340E4EEE7211EDBA5327164AD9E6FC/Vgq77plEvBY3TSi-TCYHISxchBo.crl
rsync://rpki.afrinic.net/repository/member_repository/F3624E32/F1340E4EEE7211EDBA5327164AD9E6FC/Vgq77plEvBY3TSi-TCYHISxchBo.mft
rsync://rpki.afrinic.net/repository/arin/Vgq77plEvBY3TSi-TCYHISxchBo.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:21:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3624E32AR/serialNumber=560ABBEE9944BC16374D28BE4C2607212C5C841A
Validity
Not Before: May 9 14:11:12 2023 GMT
Not After : May 9 14:11:12 2025 GMT
Subject: CN=645a5485-b21f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:67:48:d0:e9:44:da:2b:3c:53:a5:dd:ff:27:
6f:80:87:3c:dd:32:21:ba:1b:64:61:30:98:fe:38:
88:5a:ea:00:b1:4b:2e:a0:42:5d:86:f3:ac:d9:61:
d7:66:7a:c1:3d:f6:5b:e2:d3:17:bb:89:0d:3c:76:
81:3f:e1:ac:69:12:d6:36:7c:c1:f6:67:63:c9:17:
25:9a:aa:5e:ee:f2:62:ae:34:24:49:81:87:14:e0:
ed:68:f3:e3:cf:df:17:89:ed:72:c4:bb:64:5f:b9:
91:93:24:2d:0e:86:e0:1c:0f:f1:e2:48:82:95:1a:
d1:98:3c:78:af:d4:2e:6f:d9:7d:49:f3:da:da:14:
97:12:7e:7a:60:cd:fe:3e:62:36:c6:3a:89:cb:88:
3b:6c:fc:38:3a:1a:06:14:a4:52:b4:f8:3d:d0:a6:
06:24:ee:0f:56:bf:46:b5:db:ac:36:48:fe:9e:30:
92:30:28:e8:1f:ed:97:4a:8a:f5:34:f9:0a:f9:e6:
08:f3:29:6d:f9:6a:13:6c:f8:6a:a0:87:0e:d7:de:
91:d2:85:b8:f1:6f:a5:ba:20:3a:da:8d:b4:14:12:
95:d3:91:83:70:b3:45:81:36:a7:fc:bb:c1:de:e8:
21:d4:aa:30:0f:8e:ff:ac:b6:9f:62:fa:ab:cd:78:
be:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:23:86:19:6A:B6:F4:FE:D5:D8:C1:8C:43:2B:7C:5F:37:6D:88:A3
X509v3 Authority Key Identifier:
keyid:56:0A:BB:EE:99:44:BC:16:37:4D:28:BE:4C:26:07:21:2C:5C:84:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3624E32/F1340E4EEE7211EDBA5327164AD9E6FC/Vgq77plEvBY3TSi-TCYHISxchBo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/Vgq77plEvBY3TSi-TCYHISxchBo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3624E32/F1340E4EEE7211EDBA5327164AD9E6FC/5CEB9A26EE7311EDAE92A5174AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.88.0/22
Signature Algorithm: sha256WithRSAEncryption
68:69:8a:0e:37:84:f9:02:74:53:32:64:8c:75:39:53:c3:cb:
d7:c1:3d:fd:35:0f:0c:9c:61:f9:10:f3:46:1c:9a:b4:1a:e5:
f3:64:da:30:e7:25:67:e8:74:a5:95:07:56:5b:61:9b:35:14:
9b:97:0a:75:61:be:38:b3:6f:6e:41:aa:b7:a5:2d:58:6c:29:
b0:45:c8:4d:cd:c7:2d:47:87:d7:e7:af:0e:2d:da:46:8b:2e:
74:50:71:ab:59:e5:71:7c:2d:b3:60:cd:28:23:fa:8a:e7:bf:
d2:a0:82:8f:37:71:53:74:40:8e:f2:8f:49:06:97:5c:3c:65:
44:f0:6f:ee:9a:d8:94:96:a6:95:17:2c:9e:8f:32:64:b1:e6:
df:57:47:fb:be:72:ad:fc:36:c2:bf:5d:f9:c1:85:e0:49:c2:
09:0e:4c:42:cd:87:1b:ff:77:78:27:97:38:20:a4:9a:96:71:
61:90:ff:8e:22:96:4d:3c:e5:bf:4f:08:9d:3e:4d:72:8b:35:
34:80:c1:b5:e4:27:4b:66:f7:13:4a:1d:4c:9a:be:9e:98:e4:
f4:5e:b2:ae:a0:2c:5f:ba:e9:a9:43:66:d3:8b:f8:54:bd:8e:
eb:e4:86:ff:96:14:ed:ee:99:e2:25:d5:0e:48:65:b9:d7:91:
58:72:09:83
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
NEUzMkFSMTEwLwYDVQQFEyg1NjBBQkJFRTk5NDRCQzE2Mzc0RDI4QkU0QzI2MDcy
MTJDNUM4NDFBMB4XDTIzMDUwOTE0MTExMloXDTI1MDUwOTE0MTExMlowGDEWMBQG
A1UEAxMNNjQ1YTU0ODUtYjIxZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxnSNDpRNorPFOl3f8nb4CHPN0yIbobZGEwmP44iFrqALFLLqBCXYbzrNlh
12Z6wT32W+LTF7uJDTx2gT/hrGkS1jZ8wfZnY8kXJZqqXu7yYq40JEmBhxTg7Wjz
48/fF4ntcsS7ZF+5kZMkLQ6G4BwP8eJIgpUa0Zg8eK/ULm/ZfUnz2toUlxJ+emDN
/j5iNsY6icuIO2z8ODoaBhSkUrT4PdCmBiTuD1a/RrXbrDZI/p4wkjAo6B/tl0qK
9TT5CvnmCPMpbflqE2z4aqCHDtfekdKFuPFvpbogOtqNtBQSldORg3CzRYE2p/y7
wd7oIdSqMA+O/6y2n2L6q814vgkCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTxI4YZ
arb0/tXYwYxDK3xfN22IozAfBgNVHSMEGDAWgBRWCrvumUS8FjdNKL5MJgchLFyE
GjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjRFMzIvRjEzNDBFNEVFRTcyMTFFREJBNTMyNzE2NEFEOUU2RkMvVmdxNzdw
bEV2QlkzVFNpLVRDWUhJU3hjaEJvLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
VmdxNzdwbEV2QlkzVFNpLVRDWUhJU3hjaEJvLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MjRFMzIvRjEzNDBFNEVFRTcyMTFFREJBNTMyNzE2NEFEOUU2
RkMvNUNFQjlBMjZFRTczMTFFREFFOTJBNTE3NEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApwAWDANBgkqhkiG9w0BAQsFAAOC
AQEAaGmKDjeE+QJ0UzJkjHU5U8PL18E9/TUPDJxh+RDzRhyatBrl82TaMOclZ+h0
pZUHVlthmzUUm5cKdWG+OLNvbkGqt6UtWGwpsEXITc3HLUeH1+evDi3aRosudFBx
q1nlcXwts2DNKCP6iue/0qCCjzdxU3RAjvKPSQaXXDxlRPBv7prYlJamlRcsno8y
ZLHm31dH+75yrfw2wr9d+cGF4EnCCQ5MQs2HG/93eCeXOCCkmpZxYZD/jiKWTTzl
v08InT5Ncos1NIDBteQnS2b3E0odTJq+npjk9F6yrqAsX7rpqUNm04v4VL2O6+SG
/5YU7e6Z4iXVDkhludeRWHIJgw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:43 2024 by rpki-client on console-ams.rpki-client.org