Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36374C9/5024DE42542E11E6B8BE071EF8AEA228/A3321ED8542E11E6BE4E521EF8AEA228.roa
File: A3321ED8542E11E6BE4E521EF8AEA228.roa (raw, json)
Hash identifier: sJ9cmmKEMJXtaW4GTF37G3rJicRaTpT/POSsPQBapsQ=
Subject key identifier: 19:E7:45:7F:17:CA:11:B9:DB:47:E1:44:28:69:70:04:5F:9C:69:10
Certificate issuer: /CN=F36374C9AR/serialNumber=415BCDEF71DF74EFDC65563840933D94F22B6913
Certificate serial: 02
Authority key identifier: 41:5B:CD:EF:71:DF:74:EF:DC:65:56:38:40:93:3D:94:F2:2B:69:13
Authority info access: rsync://rpki.afrinic.net/repository/arin/QVvN73HfdO_cZVY4QJM9lPIraRM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36374C9/5024DE42542E11E6B8BE071EF8AEA228/A3321ED8542E11E6BE4E521EF8AEA228.roa
Signing time: Wed 27 Jul 2016 19:16:38 +0000
ROA not before: Wed 27 Jul 2016 19:16:03 +0000
ROA not after: Wed 31 Dec 2025 19:16:03 +0000
asID: 37640
IP address blocks: 45.222.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36374C9/5024DE42542E11E6B8BE071EF8AEA228/QVvN73HfdO_cZVY4QJM9lPIraRM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36374C9/5024DE42542E11E6B8BE071EF8AEA228/QVvN73HfdO_cZVY4QJM9lPIraRM.mft
rsync://rpki.afrinic.net/repository/arin/QVvN73HfdO_cZVY4QJM9lPIraRM.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36374C9AR/serialNumber=415BCDEF71DF74EFDC65563840933D94F22B6913
Validity
Not Before: Jul 27 19:16:03 2016 GMT
Not After : Dec 31 19:16:03 2025 GMT
Subject: CN=57990896-5a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f1:81:b3:a2:4f:1f:73:3c:eb:86:80:29:d9:
3e:16:d1:e3:84:e6:cb:53:7b:cc:63:36:58:20:5e:
77:44:92:1d:7c:46:d0:be:8e:30:67:6f:22:cd:9f:
ff:75:40:c0:62:35:df:43:ef:b3:f5:83:79:eb:8c:
5d:c6:1a:67:5f:27:2a:1e:1b:80:4d:09:be:37:d6:
a6:2e:ca:a7:a5:c7:75:cf:1c:ce:04:b2:9b:34:58:
ba:5e:4e:31:93:18:cf:42:6a:eb:3c:ae:72:84:9e:
5a:7f:b2:a6:83:9c:77:0e:c1:30:5d:19:f2:d0:6a:
48:58:81:55:83:05:66:ae:e2:6c:ef:5b:f8:c1:5e:
61:1d:67:f8:e6:84:4d:c3:b6:6c:98:48:d2:e7:e6:
fc:16:0d:5c:4c:2f:8c:ef:d4:66:18:9a:51:c7:02:
a0:48:3f:a8:67:58:80:f7:60:15:43:26:cf:7b:77:
db:a5:eb:e7:7f:2f:d5:8e:46:7d:2e:c6:2b:07:bd:
35:cc:0d:78:55:fe:a1:93:17:40:db:bc:be:82:26:
3a:49:20:65:fc:76:3c:ee:68:d7:e1:45:4d:ed:4e:
6f:f4:9b:55:1a:63:3e:47:ee:fb:fe:4e:3e:44:58:
d3:50:ca:d5:e9:ce:92:de:70:05:23:e4:80:c7:43:
bb:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E7:45:7F:17:CA:11:B9:DB:47:E1:44:28:69:70:04:5F:9C:69:10
X509v3 Authority Key Identifier:
keyid:41:5B:CD:EF:71:DF:74:EF:DC:65:56:38:40:93:3D:94:F2:2B:69:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36374C9/5024DE42542E11E6B8BE071EF8AEA228/QVvN73HfdO_cZVY4QJM9lPIraRM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/QVvN73HfdO_cZVY4QJM9lPIraRM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36374C9/5024DE42542E11E6B8BE071EF8AEA228/A3321ED8542E11E6BE4E521EF8AEA228.roa
sbgp-ipAddrBlock: critical
IPv4:
45.222.64.0/19
Signature Algorithm: sha256WithRSAEncryption
61:bf:ab:ea:44:82:52:38:71:9c:e2:d8:7b:94:0e:14:1f:d9:
31:b4:3b:4f:8a:53:c2:b2:23:1d:64:0b:6d:e6:a5:a1:a2:ed:
93:c9:d9:87:47:93:87:e6:03:35:dd:2b:48:b5:65:5c:c7:6e:
77:80:3a:1f:12:db:37:95:df:47:e0:c7:6c:a2:98:63:0e:6a:
1e:66:ea:e5:35:3b:f2:d7:45:a3:aa:8b:b9:94:96:c8:1c:ae:
db:4c:d4:35:26:ee:a7:dd:71:5b:7d:03:79:4a:c0:9d:4a:b7:
64:12:af:b7:15:43:bb:aa:72:3d:99:00:5b:47:44:86:69:5a:
28:8c:bb:5f:a0:27:b6:81:42:fd:8e:7a:4a:3e:d4:fa:cc:3e:
92:ef:39:dd:1b:bd:78:10:55:09:35:f5:cf:22:dc:f9:1a:64:
b9:98:00:54:18:1d:b6:1c:b3:f9:be:e2:0b:81:36:46:0b:f9:
ee:b5:7a:2e:32:f2:5b:f3:4f:89:15:39:77:2c:f9:fa:72:87:
f1:9b:19:14:dd:74:e9:a6:5f:c9:92:60:c6:6c:4d:ea:d6:87:
55:71:79:90:9c:79:57:09:6e:ce:50:04:94:cb:37:cc:29:f5:
0f:0f:f5:db:01:d2:3e:6d:65:4b:3e:29:30:e2:99:39:66:99:
75:75:be:f6
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
NzRDOUFSMTEwLwYDVQQFEyg0MTVCQ0RFRjcxREY3NEVGREM2NTU2Mzg0MDkzM0Q5
NEYyMkI2OTEzMB4XDTE2MDcyNzE5MTYwM1oXDTI1MTIzMTE5MTYwM1owGDEWMBQG
A1UEAxMNNTc5OTA4OTYtNWE3ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/xgbOiTx9zPOuGgCnZPhbR44Tmy1N7zGM2WCBed0SSHXxG0L6OMGdvIs2f
/3VAwGI130Pvs/WDeeuMXcYaZ18nKh4bgE0JvjfWpi7Kp6XHdc8czgSymzRYul5O
MZMYz0Jq6zyucoSeWn+ypoOcdw7BMF0Z8tBqSFiBVYMFZq7ibO9b+MFeYR1n+OaE
TcO2bJhI0ufm/BYNXEwvjO/UZhiaUccCoEg/qGdYgPdgFUMmz3t326Xr538v1Y5G
fS7GKwe9NcwNeFX+oZMXQNu8voImOkkgZfx2PO5o1+FFTe1Ob/SbVRpjPkfu+/5O
PkRY01DK1enOkt5wBSPkgMdDu0ECAwEAAaOCAmswggJnMB0GA1UdDgQWBBQZ50V/
F8oRudtH4UQoaXAEX5xpEDAfBgNVHSMEGDAWgBRBW83vcd9079xlVjhAkz2U8itp
EzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Mzc0QzkvNTAyNERFNDI1NDJFMTFFNkI4QkUwNzFFRjhBRUEyMjgvUVZ2Tjcz
SGZkT19jWlZZNFFKTTlsUElyYVJNLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
UVZ2TjczSGZkT19jWlZZNFFKTTlsUElyYVJNLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2Mzc0QzkvNTAyNERFNDI1NDJFMTFFNkI4QkUwNzFFRjhBRUEy
MjgvQTMzMjFFRDg1NDJFMTFFNkJFNEU1MjFFRjhBRUEyMjgucm9hMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQFLd5AMA0GCSqGSIb3DQEBCwUAA4IBAQBhv6vq
RIJSOHGc4th7lA4UH9kxtDtPilPCsiMdZAtt5qWhou2TydmHR5OH5gM13StItWVc
x253gDofEts3ld9H4MdsophjDmoeZurlNTvy10Wjqou5lJbIHK7bTNQ1Ju6n3XFb
fQN5SsCdSrdkEq+3FUO7qnI9mQBbR0SGaVoojLtfoCe2gUL9jnpKPtT6zD6S7znd
G714EFUJNfXPItz5GmS5mABUGB22HLP5vuILgTZGC/nutXouMvJb80+JFTl3LPn6
cofxmxkU3XTppl/JkmDGbE3q1odVcXmQnHlXCW7OUASUyzfMKfUPD/XbAdI+bWVL
Pikw4pk5Zpl1db72
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org