Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363520F/1AE67086848811EAA67B9A80F8AEA228/8104FC9C848911EA82BC1782F8AEA228.roa
File: 8104FC9C848911EA82BC1782F8AEA228.roa (raw, json)
Hash identifier: KTgxzgKlLvwuUfYFb/4cul18aGzyYjnz15y3R7TNf60=
Subject key identifier: E6:09:DE:C5:F4:29:1C:0D:E0:BD:FF:8C:2A:66:EE:A5:75:EB:58:24
Certificate issuer: /CN=F363520FAR/serialNumber=8A99E3854604A21AADCF66518E4B59FE8A13A206
Certificate serial: 02
Authority key identifier: 8A:99:E3:85:46:04:A2:1A:AD:CF:66:51:8E:4B:59:FE:8A:13:A2:06
Authority info access: rsync://rpki.afrinic.net/repository/arin/ipnjhUYEohqtz2ZRjktZ_ooTogY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363520F/1AE67086848811EAA67B9A80F8AEA228/8104FC9C848911EA82BC1782F8AEA228.roa
Signing time: Wed 22 Apr 2020 11:07:50 +0000
ROA not before: Wed 22 Apr 2020 11:07:35 +0000
ROA not after: Mon 22 Apr 2030 11:07:35 +0000
asID: 37611
IP address blocks: 165.73.0.0/17 maxlen: 17
165.255.0.0/16 maxlen: 16
169.0.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363520F/1AE67086848811EAA67B9A80F8AEA228/ipnjhUYEohqtz2ZRjktZ_ooTogY.crl
rsync://rpki.afrinic.net/repository/member_repository/F363520F/1AE67086848811EAA67B9A80F8AEA228/ipnjhUYEohqtz2ZRjktZ_ooTogY.mft
rsync://rpki.afrinic.net/repository/arin/ipnjhUYEohqtz2ZRjktZ_ooTogY.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363520FAR/serialNumber=8A99E3854604A21AADCF66518E4B59FE8A13A206
Validity
Not Before: Apr 22 11:07:35 2020 GMT
Not After : Apr 22 11:07:35 2030 GMT
Subject: CN=5ea02586-f8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b0:93:89:bf:bb:44:83:6e:cd:7a:0d:7b:5f:
de:7f:5d:fa:a1:7e:ac:9c:1b:ca:a7:51:83:3d:d7:
55:e5:81:88:05:9b:7c:04:71:61:d7:58:53:de:d7:
13:ba:8b:36:75:36:2e:b8:e2:8a:95:6d:6e:a3:d3:
87:5b:8e:b9:b5:8f:74:b7:f8:c6:c5:6f:62:a7:3a:
0c:64:0f:ba:2b:8b:70:c8:ba:00:69:d7:44:0a:0e:
1c:24:7a:eb:36:82:c1:92:a4:a4:96:ca:05:6c:2e:
fc:18:65:b3:84:b9:f9:b9:54:25:6d:f6:3d:bd:10:
be:a0:a1:6f:ee:64:fa:f5:44:b6:e6:0c:2c:7d:08:
f7:33:bc:7c:65:7f:d8:11:5e:57:34:de:3e:9e:0f:
db:72:00:bc:49:c0:f3:08:d0:84:b5:9c:0e:8f:7c:
de:68:0a:f5:6b:20:ab:e9:4e:e0:68:db:b3:1d:65:
b4:02:05:92:6e:4a:47:63:03:ef:00:a6:ed:0e:a6:
3e:b2:52:a1:6a:f2:47:61:95:3f:78:80:13:f1:75:
8e:a9:79:32:17:a1:c3:b1:29:0e:1f:0b:8f:95:4f:
c4:39:31:6d:47:5a:9e:86:f6:49:ed:2c:c2:98:c4:
83:0e:28:92:ad:a1:84:f9:ca:34:35:7b:4a:32:d5:
68:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:09:DE:C5:F4:29:1C:0D:E0:BD:FF:8C:2A:66:EE:A5:75:EB:58:24
X509v3 Authority Key Identifier:
keyid:8A:99:E3:85:46:04:A2:1A:AD:CF:66:51:8E:4B:59:FE:8A:13:A2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363520F/1AE67086848811EAA67B9A80F8AEA228/ipnjhUYEohqtz2ZRjktZ_ooTogY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/ipnjhUYEohqtz2ZRjktZ_ooTogY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363520F/1AE67086848811EAA67B9A80F8AEA228/8104FC9C848911EA82BC1782F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.73.0.0/17
165.255.0.0/16
169.0.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a1:5a:1c:fd:eb:18:dc:06:e5:a8:b1:5a:17:45:88:7c:6c:fe:
cc:a7:14:fc:ee:aa:41:a4:f4:6f:51:61:e7:51:95:ae:97:05:
ff:cd:4b:fe:64:28:d7:4b:99:e0:ce:08:ec:f4:55:01:ea:04:
ab:0c:00:ee:2b:0d:25:5a:03:1a:2c:bb:a0:bf:36:2c:db:36:
c4:0f:a0:f6:99:5f:27:bb:a8:2a:85:ac:8a:49:db:2e:b4:ff:
36:3a:59:af:d9:ac:79:00:38:71:f4:75:28:9d:9a:44:8d:a6:
30:1e:5b:a5:8e:23:95:aa:04:1e:67:9c:d7:3f:b4:3d:4a:51:
83:3f:91:71:8d:96:d7:cf:2a:e1:5b:76:dd:1f:8e:67:e9:6c:
89:6f:48:38:a0:ec:5a:9a:ef:0a:99:41:da:a0:31:09:24:77:
1c:0a:8a:b8:fd:b1:82:93:1b:cf:f5:b7:b1:bb:93:04:8e:a8:
9c:79:a4:a2:89:86:4a:9e:d6:fc:3a:18:1b:ac:bf:e1:08:34:
45:8b:ef:42:ec:71:84:b6:32:7c:cc:50:8c:75:2d:73:a9:ac:
52:10:f7:34:34:d0:90:be:f4:fb:53:11:ee:40:4d:2b:53:d5:
8a:d0:67:61:41:25:6f:ec:79:b5:07:e3:17:26:c4:64:fa:09:
a8:05:57:0a
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
NTIwRkFSMTEwLwYDVQQFEyg4QTk5RTM4NTQ2MDRBMjFBQURDRjY2NTE4RTRCNTlG
RThBMTNBMjA2MB4XDTIwMDQyMjExMDczNVoXDTMwMDQyMjExMDczNVowGDEWMBQG
A1UEAxMNNWVhMDI1ODYtZjhhNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuwk4m/u0SDbs16DXtf3n9d+qF+rJwbyqdRgz3XVeWBiAWbfARxYddYU97X
E7qLNnU2LrjiipVtbqPTh1uOubWPdLf4xsVvYqc6DGQPuiuLcMi6AGnXRAoOHCR6
6zaCwZKkpJbKBWwu/Bhls4S5+blUJW32Pb0QvqChb+5k+vVEtuYMLH0I9zO8fGV/
2BFeVzTePp4P23IAvEnA8wjQhLWcDo983mgK9Wsgq+lO4Gjbsx1ltAIFkm5KR2MD
7wCm7Q6mPrJSoWryR2GVP3iAE/F1jql5Mhehw7EpDh8Lj5VPxDkxbUdanob2Se0s
wpjEgw4okq2hhPnKNDV7SjLVaFkCAwEAAaOCAqwwggKoMB0GA1UdDgQWBBTmCd7F
9CkcDeC9/4wqZu6ldetYJDAfBgNVHSMEGDAWgBSKmeOFRgSiGq3PZlGOS1n+ihOi
BjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzUyMEYvMUFFNjcwODY4NDg4MTFFQUE2N0I5QTgwRjhBRUEyMjgvaXBuamhV
WUVvaHF0ejJaUmprdFpfb29Ub2dZLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
aXBuamhVWUVvaHF0ejJaUmprdFpfb29Ub2dZLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MzUyMEYvMUFFNjcwODY4NDg4MTFFQUE2N0I5QTgwRjhBRUEy
MjgvODEwNEZDOUM4NDg5MTFFQTgyQkMxNzgyRjhBRUEyMjgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAp
BggrBgEFBQcBBwEB/wQaMBgwFgQCAAEwEAMEB6VJAAMDAKX/AwMBqQAwDQYJKoZI
hvcNAQELBQADggEBAKFaHP3rGNwG5aixWhdFiHxs/synFPzuqkGk9G9RYedRla6X
Bf/NS/5kKNdLmeDOCOz0VQHqBKsMAO4rDSVaAxosu6C/NizbNsQPoPaZXye7qCqF
rIpJ2y60/zY6Wa/ZrHkAOHH0dSidmkSNpjAeW6WOI5WqBB5nnNc/tD1KUYM/kXGN
ltfPKuFbdt0fjmfpbIlvSDig7Fqa7wqZQdqgMQkkdxwKirj9sYKTG8/1t7G7kwSO
qJx5pKKJhkqe1vw6GBusv+EINEWL70LscYS2MnzMUIx1LXOprFIQ9zQ00JC+9PtT
Ee5ATStT1YrQZ2FBJW/sebUH4xcmxGT6CagFVwo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org