Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3627BD6/4790CFC823F211E680CAE823F8AEA228/6FAF8B00619B11EDB6AEE1D6F1222468.roa
File: 6FAF8B00619B11EDB6AEE1D6F1222468.roa (raw, json)
Hash identifier: /1/Pa04qpcI/k7X0iybt5AEzlNkplFgiGrqG6zpxJw0=
Subject key identifier: 34:84:F3:2B:6E:A6:BA:0F:77:29:BB:FE:5F:EB:B3:C1:BD:E1:FB:B6
Certificate issuer: /CN=F3627BD6AR/serialNumber=2E35253555942F0C3CA637804D46D95A02A4F9E9
Certificate serial: 0966
Authority key identifier: 2E:35:25:35:55:94:2F:0C:3C:A6:37:80:4D:46:D9:5A:02:A4:F9:E9
Authority info access: rsync://rpki.afrinic.net/repository/arin/LjUlNVWULww8pjeATUbZWgKk-ek.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3627BD6/4790CFC823F211E680CAE823F8AEA228/6FAF8B00619B11EDB6AEE1D6F1222468.roa
Signing time: Fri 11 Nov 2022 08:32:54 +0000
ROA not before: Fri 11 Nov 2022 08:32:44 +0000
ROA not after: Thu 11 Nov 2027 08:32:44 +0000
asID: 7020
IP address blocks: 165.233.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3627BD6/4790CFC823F211E680CAE823F8AEA228/LjUlNVWULww8pjeATUbZWgKk-ek.crl
rsync://rpki.afrinic.net/repository/member_repository/F3627BD6/4790CFC823F211E680CAE823F8AEA228/LjUlNVWULww8pjeATUbZWgKk-ek.mft
rsync://rpki.afrinic.net/repository/arin/LjUlNVWULww8pjeATUbZWgKk-ek.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2406 (0x966)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3627BD6AR/serialNumber=2E35253555942F0C3CA637804D46D95A02A4F9E9
Validity
Not Before: Nov 11 08:32:44 2022 GMT
Not After : Nov 11 08:32:44 2027 GMT
Subject: CN=636e08b6-5e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:0f:63:a9:98:74:fb:b5:91:bb:b2:51:69:a8:
ef:43:55:d6:f6:8f:78:4c:64:46:c0:62:0a:8e:eb:
27:e4:be:b5:55:c7:15:84:d9:a5:f9:1a:32:53:78:
a9:31:d2:ae:c7:54:ea:a5:ca:f1:95:32:aa:ca:b1:
79:70:28:90:de:33:df:11:84:15:5e:9c:b8:2b:1d:
3f:3a:48:89:90:eb:b4:7f:54:48:ab:2a:88:8f:77:
75:8e:52:13:05:0f:df:1b:52:7c:33:ec:8c:ff:c3:
ec:48:36:75:b1:5b:ac:c0:70:26:35:88:dc:a3:8d:
49:bc:95:56:bc:7d:b3:5f:b2:8a:5b:a8:d1:a3:0c:
06:44:f1:8c:84:86:f7:05:f8:77:68:d7:68:07:17:
c7:64:73:3d:c3:65:80:f7:e4:ed:68:4f:bb:52:eb:
b2:7d:cb:bb:d7:5c:06:7b:cc:1f:95:d4:67:15:1f:
3e:23:82:df:7c:ae:a6:9d:17:3b:d3:ce:ad:a9:6d:
3e:13:f9:fe:9c:41:8f:4f:e6:f4:6a:b6:81:22:7f:
9c:39:03:ac:76:ab:2e:98:a2:f0:60:ca:bc:55:46:
e5:84:3b:57:f2:5b:29:81:01:9d:90:43:dc:d2:df:
2b:d3:22:a7:58:3b:03:90:5f:7b:f1:62:d4:e4:39:
7d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:84:F3:2B:6E:A6:BA:0F:77:29:BB:FE:5F:EB:B3:C1:BD:E1:FB:B6
X509v3 Authority Key Identifier:
keyid:2E:35:25:35:55:94:2F:0C:3C:A6:37:80:4D:46:D9:5A:02:A4:F9:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3627BD6/4790CFC823F211E680CAE823F8AEA228/LjUlNVWULww8pjeATUbZWgKk-ek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/LjUlNVWULww8pjeATUbZWgKk-ek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3627BD6/4790CFC823F211E680CAE823F8AEA228/6FAF8B00619B11EDB6AEE1D6F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.233.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:55:a4:fb:6c:91:a5:d8:18:31:4f:2a:09:d3:af:ef:69:5d:
4e:4d:a0:4a:7c:bd:b1:60:40:37:41:8c:c2:89:26:db:60:7f:
53:3f:ff:32:da:90:94:f5:7a:14:14:e6:bd:54:9f:7c:fe:fa:
7b:3d:d4:78:15:fe:c8:c2:94:a2:11:62:47:f5:49:a5:21:f9:
dd:c7:8a:e6:07:7b:9a:6d:e7:02:c4:30:3d:1f:f3:95:54:a0:
dc:bf:e5:f0:6f:98:0a:4e:7c:53:38:82:cb:32:fe:85:3b:90:
c2:82:14:4d:f5:3c:15:69:d4:ec:00:1d:96:54:6c:0a:75:17:
69:34:e7:7d:6e:f3:a7:90:30:07:2a:04:bf:7b:2a:66:d4:3f:
a7:0c:5d:05:6a:4b:51:03:77:b5:a3:26:5e:18:a6:cc:c4:84:
b3:51:f2:4d:d8:13:2f:c3:76:b4:e8:3e:80:7b:d2:7a:30:4c:
71:bd:a5:2c:98:3a:67:99:fa:7f:3e:da:6e:72:1c:a0:ea:dc:
0c:d6:15:09:95:c7:11:6b:ad:17:98:4b:73:2f:11:75:86:c8:
ca:bc:c0:3f:7e:9e:ae:46:1e:dd:4a:17:b8:cf:3e:6c:da:29:
e8:a6:f9:b5:40:d0:f6:3f:01:6d:1d:f1:e7:02:64:87:59:8c:
94:ed:52:e0
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICCWYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjdCRDZBUjExMC8GA1UEBRMoMkUzNTI1MzU1NTk0MkYwQzNDQTYzNzgwNEQ0NkQ5
NUEwMkE0RjlFOTAeFw0yMjExMTEwODMyNDRaFw0yNzExMTEwODMyNDRaMBgxFjAU
BgNVBAMMDTYzNmUwOGI2LTVlODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD1D2OpmHT7tZG7slFpqO9DVdb2j3hMZEbAYgqO6yfkvrVVxxWE2aX5GjJT
eKkx0q7HVOqlyvGVMqrKsXlwKJDeM98RhBVenLgrHT86SImQ67R/VEirKoiPd3WO
UhMFD98bUnwz7Iz/w+xINnWxW6zAcCY1iNyjjUm8lVa8fbNfsopbqNGjDAZE8YyE
hvcF+Hdo12gHF8dkcz3DZYD35O1oT7tS67J9y7vXXAZ7zB+V1GcVHz4jgt98rqad
FzvTzq2pbT4T+f6cQY9P5vRqtoEif5w5A6x2qy6YovBgyrxVRuWEO1fyWymBAZ2Q
Q9zS3yvTIqdYOwOQX3vxYtTkOX0rAgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUNITz
K26mug93Kbv+X+uzwb3h+7YwHwYDVR0jBBgwFoAULjUlNVWULww8pjeATUbZWgKk
+ekwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI3QkQ2LzQ3OTBDRkM4MjNGMjExRTY4MENBRTgyM0Y4QUVBMjI4L0xqVWxO
VldVTHd3OHBqZUFUVWJaV2dLay1lay5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0xqVWxOVldVTHd3OHBqZUFUVWJaV2dLay1lay5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI3QkQ2LzQ3OTBDRkM4MjNGMjExRTY4MENBRTgyM0Y4QUVB
MjI4LzZGQUY4QjAwNjE5QjExRURCNkFFRTFENkYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwCl6TANBgkqhkiG9w0BAQsFAAOC
AQEAClWk+2yRpdgYMU8qCdOv72ldTk2gSny9sWBAN0GMwokm22B/Uz//MtqQlPV6
FBTmvVSffP76ez3UeBX+yMKUohFiR/VJpSH53ceK5gd7mm3nAsQwPR/zlVSg3L/l
8G+YCk58UziCyzL+hTuQwoIUTfU8FWnU7AAdllRsCnUXaTTnfW7zp5AwByoEv3sq
ZtQ/pwxdBWpLUQN3taMmXhimzMSEs1HyTdgTL8N2tOg+gHvSejBMcb2lLJg6Z5n6
fz7abnIcoOrcDNYVCZXHEWutF5hLcy8RdYbIyrzAP36erkYe3UoXuM8+bNop6Kb5
tUDQ9j8BbR3x5wJkh1mMlO1S4A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:51 2024 by rpki-client on console-fra.rpki-client.org