Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/11104E62CEF111EE974B8EA0775412E6.roa
File: 11104E62CEF111EE974B8EA0775412E6.roa (raw, json)
Hash identifier: w21QuXfiAGMWAFRhYp69TKHPA+2TQ5S4OV5lrYqZQPY=
Subject key identifier: 37:71:9B:44:BB:92:BE:90:BA:C3:A9:CE:BB:02:33:B1:6F:E0:61:52
Certificate issuer: /CN=F362B5C8AR/serialNumber=D9E55AA8BC3464BF493D866072EF30BC46861AA8
Certificate serial: 1E
Authority key identifier: D9:E5:5A:A8:BC:34:64:BF:49:3D:86:60:72:EF:30:BC:46:86:1A:A8
Authority info access: rsync://rpki.afrinic.net/repository/arin/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/11104E62CEF111EE974B8EA0775412E6.roa
Signing time: Mon 19 Feb 2024 06:35:26 +0000
ROA not before: Mon 19 Feb 2024 06:35:22 +0000
ROA not after: Sat 19 Feb 2028 06:35:22 +0000
asID: 37284
IP address blocks: 169.239.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.crl
rsync://rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.mft
rsync://rpki.afrinic.net/repository/arin/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 28 Jun 2024 00:16:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362B5C8AR/serialNumber=D9E55AA8BC3464BF493D866072EF30BC46861AA8
Validity
Not Before: Feb 19 06:35:22 2024 GMT
Not After : Feb 19 06:35:22 2028 GMT
Subject: CN=65d2f6ae-45c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:66:0a:a4:cc:8e:a9:f0:03:5a:a5:ed:c1:a0:
33:d1:7b:b9:0f:be:bf:66:f9:0e:ec:57:b9:85:b6:
8b:f0:b8:78:52:3d:39:2c:1c:c7:64:ce:35:0c:e3:
cb:25:53:4b:3c:6f:1c:a7:8c:8e:17:df:db:5c:98:
2f:d7:8a:37:fe:2d:c0:ba:90:db:4a:1a:36:d6:58:
a2:e5:52:0c:90:ed:a5:0c:4d:34:50:60:c7:f3:10:
26:0c:13:0d:cd:a0:a8:3a:f6:bd:f8:fb:4c:bd:d7:
27:df:11:38:8d:e9:07:61:72:1d:c8:6b:24:ad:ab:
1b:d1:ac:64:c6:68:0f:95:11:d9:9b:a3:57:a5:03:
c1:fc:2b:6f:35:70:57:35:4b:74:21:6a:dd:28:73:
7b:82:21:1f:a3:04:40:31:56:5a:11:cd:01:1e:52:
d4:d7:42:a5:30:4a:14:f5:52:49:2c:f5:e3:bd:cd:
28:3d:00:0f:a7:2e:42:3f:d5:55:ea:18:65:3e:bd:
cb:d0:1e:0d:d7:12:2e:e6:51:14:70:9a:73:31:4e:
24:ec:81:ab:88:6c:fa:a0:0f:47:b5:ff:4d:7e:49:
00:84:0d:21:de:1e:d7:3e:61:38:af:f3:13:5c:55:
c4:10:90:77:f0:fe:5b:a8:1a:e8:cc:45:10:94:aa:
65:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:71:9B:44:BB:92:BE:90:BA:C3:A9:CE:BB:02:33:B1:6F:E0:61:52
X509v3 Authority Key Identifier:
keyid:D9:E5:5A:A8:BC:34:64:BF:49:3D:86:60:72:EF:30:BC:46:86:1A:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/11104E62CEF111EE974B8EA0775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:a7:cc:46:7e:97:f7:a8:87:d1:21:4a:ec:0a:9f:61:45:54:
40:9f:8f:60:3d:85:39:d1:31:0c:a3:a3:39:4c:4f:5e:62:d1:
3d:37:8b:ff:28:9c:08:c2:68:a4:f9:6e:7d:36:4e:4c:b2:d3:
ce:38:71:95:dd:4f:3a:c4:02:4b:13:2c:24:8b:33:a8:0b:80:
28:c5:08:4d:9b:09:84:c7:4d:dc:ac:b8:d8:1f:ca:91:02:16:
b7:3a:e4:b2:24:c5:da:df:94:83:bf:8c:bb:f9:50:2c:9b:2f:
2e:96:e6:32:5d:9c:c0:4d:94:91:7d:9f:51:ec:bf:d4:66:6f:
b4:c6:e9:d8:8a:45:f5:39:97:75:6e:d0:f6:48:a5:85:35:f1:
cb:cc:77:a9:2e:0d:8d:bc:73:3c:cf:fc:5b:b7:98:1e:79:c6:
7f:68:56:3f:96:c4:71:40:15:08:f9:a2:b4:1c:e8:8c:bb:ea:
23:db:f3:ef:f2:1c:e4:97:5f:fb:ae:b0:6f:b1:2b:16:97:c3:
e9:5c:5f:68:f9:8f:43:28:4a:89:f0:4e:a8:bf:e1:ea:35:29:
d9:70:4b:4b:7e:bd:8e:3e:85:94:db:ce:40:25:fd:f8:a3:6d:
02:a2:42:0a:f9:93:1d:9f:07:66:c3:94:57:eb:b5:5b:4e:38:
a0:8f:9b:a7
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBHjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjVDOEFSMTEwLwYDVQQFEyhEOUU1NUFBOEJDMzQ2NEJGNDkzRDg2NjA3MkVGMzBC
QzQ2ODYxQUE4MB4XDTI0MDIxOTA2MzUyMloXDTI4MDIxOTA2MzUyMlowGDEWMBQG
A1UEAxMNNjVkMmY2YWUtNDVjMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9mCqTMjqnwA1ql7cGgM9F7uQ++v2b5DuxXuYW2i/C4eFI9OSwcx2TONQzj
yyVTSzxvHKeMjhff21yYL9eKN/4twLqQ20oaNtZYouVSDJDtpQxNNFBgx/MQJgwT
Dc2gqDr2vfj7TL3XJ98ROI3pB2FyHchrJK2rG9GsZMZoD5UR2ZujV6UDwfwrbzVw
VzVLdCFq3Shze4IhH6MEQDFWWhHNAR5S1NdCpTBKFPVSSSz1473NKD0AD6cuQj/V
VeoYZT69y9AeDdcSLuZRFHCaczFOJOyBq4hs+qAPR7X/TX5JAIQNId4e1z5hOK/z
E1xVxBCQd/D+W6ga6MxFEJSqZZcCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQ3cZtE
u5K+kLrDqc67AjOxb+BhUjAfBgNVHSMEGDAWgBTZ5VqovDRkv0k9hmBy7zC8RoYa
qDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkI1QzgvQTVFQkVGRTRCQjZCMTFFRUEwODExQzU3Nzc1NDEyRTYvMmVWYXFM
dzBaTDlKUFlaZ2N1OHd2RWFHR3FnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmVWYXFMdzBaTDlKUFlaZ2N1OHd2RWFHR3FnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MkI1QzgvQTVFQkVGRTRCQjZCMTFFRUEwODExQzU3Nzc1NDEy
RTYvMTExMDRFNjJDRUYxMTFFRTk3NEI4RUEwNzc1NDEyRTYucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqnvdDANBgkqhkiG9w0BAQsFAAOC
AQEAqafMRn6X96iH0SFK7AqfYUVUQJ+PYD2FOdExDKOjOUxPXmLRPTeL/yicCMJo
pPlufTZOTLLTzjhxld1POsQCSxMsJIszqAuAKMUITZsJhMdN3Ky42B/KkQIWtzrk
siTF2t+Ug7+Mu/lQLJsvLpbmMl2cwE2UkX2fUey/1GZvtMbp2IpF9TmXdW7Q9kil
hTXxy8x3qS4NjbxzPM/8W7eYHnnGf2hWP5bEcUAVCPmitBzojLvqI9vz7/Ic5Jdf
+66wb7ErFpfD6VxfaPmPQyhKifBOqL/h6jUp2XBLS369jj6FlNvOQCX9+KNtAqJC
CvmTHZ8HZsOUV+u1W044oI+bpw==
-----END CERTIFICATE-----
Generated at Wed Jun 26 06:21:08 2024 by rpki-client on console-fra.rpki-client.org