Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3639A71/311E502AAD5211EE82F093AE775412E6/CE2F2690AD5311EE8E27B3B1775412E6.roa
File: CE2F2690AD5311EE8E27B3B1775412E6.roa (raw, json)
Hash identifier: 8IJ5uu88BzDrvRLts60KNKjSTABo8XS/43EbjaMJPDo=
Subject key identifier: A1:4E:72:76:30:28:CB:05:3D:77:34:1F:88:47:61:46:7E:76:69:AB
Certificate issuer: /CN=F3639A71AR/serialNumber=0CDE0B7E678FFEA9E3AE0579FEE18477612E4FE9
Certificate serial: 02
Authority key identifier: 0C:DE:0B:7E:67:8F:FE:A9:E3:AE:05:79:FE:E1:84:77:61:2E:4F:E9
Authority info access: rsync://rpki.afrinic.net/repository/arin/DN4LfmeP_qnjrgV5_uGEd2EuT-k.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3639A71/311E502AAD5211EE82F093AE775412E6/CE2F2690AD5311EE8E27B3B1775412E6.roa
Signing time: Sun 07 Jan 2024 11:56:35 +0000
ROA not before: Sun 07 Jan 2024 11:56:31 +0000
ROA not after: Sat 07 Jan 2034 11:56:31 +0000
asID: 37721
IP address blocks: 160.119.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3639A71/311E502AAD5211EE82F093AE775412E6/DN4LfmeP_qnjrgV5_uGEd2EuT-k.crl
rsync://rpki.afrinic.net/repository/member_repository/F3639A71/311E502AAD5211EE82F093AE775412E6/DN4LfmeP_qnjrgV5_uGEd2EuT-k.mft
rsync://rpki.afrinic.net/repository/arin/DN4LfmeP_qnjrgV5_uGEd2EuT-k.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3639A71AR/serialNumber=0CDE0B7E678FFEA9E3AE0579FEE18477612E4FE9
Validity
Not Before: Jan 7 11:56:31 2024 GMT
Not After : Jan 7 11:56:31 2034 GMT
Subject: CN=659a9173-daab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c0:0b:7c:5e:dc:c7:4b:0b:2d:dc:10:a5:a8:
f9:05:38:80:09:7e:14:b0:21:a7:97:09:f0:97:f6:
25:1b:cd:8a:e9:00:09:9f:c2:af:99:d6:74:46:a0:
76:84:5c:4b:19:da:f9:b0:2a:8a:5b:1c:46:bc:5f:
4a:7d:c1:ba:21:a4:98:67:f9:34:a9:fe:71:68:a1:
df:f9:f1:d3:4b:f0:d0:3a:1e:38:b3:ef:93:de:3b:
1b:db:e2:7f:5c:b3:2a:d4:c1:87:ec:8c:e4:dc:c5:
55:9e:54:01:72:0a:82:5c:e5:8f:17:c4:8d:42:b9:
2d:49:4d:65:47:77:ca:f9:35:a8:4d:9b:ab:11:c6:
e8:1d:bd:19:09:6c:7c:f6:eb:ad:69:85:d5:d1:1d:
cd:ef:97:2c:55:84:cd:2c:9a:50:d2:11:f6:9e:b6:
e7:26:e6:48:4a:64:57:57:66:fd:11:02:25:78:65:
56:9d:63:8b:d2:33:61:b5:5d:29:8e:6c:33:8b:76:
a0:b8:68:00:44:93:d0:78:8b:da:fd:5c:65:21:d7:
24:1d:0f:fb:d0:0b:7e:ef:98:6f:94:69:57:95:1c:
77:5f:e7:56:a0:f2:20:f6:03:85:50:c9:72:50:09:
b4:a5:a5:0c:d7:04:32:25:31:d2:65:d1:56:3e:20:
ad:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:4E:72:76:30:28:CB:05:3D:77:34:1F:88:47:61:46:7E:76:69:AB
X509v3 Authority Key Identifier:
keyid:0C:DE:0B:7E:67:8F:FE:A9:E3:AE:05:79:FE:E1:84:77:61:2E:4F:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3639A71/311E502AAD5211EE82F093AE775412E6/DN4LfmeP_qnjrgV5_uGEd2EuT-k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/DN4LfmeP_qnjrgV5_uGEd2EuT-k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3639A71/311E502AAD5211EE82F093AE775412E6/CE2F2690AD5311EE8E27B3B1775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.119.88.0/21
Signature Algorithm: sha256WithRSAEncryption
99:ff:1a:fb:49:ee:60:c3:c3:df:0c:81:af:59:0a:0d:f7:7c:
de:9a:00:a4:68:2a:1c:b4:5b:21:a8:a0:b4:e3:1e:19:ad:30:
ae:7c:11:0e:39:7c:a3:8a:62:1e:45:45:fc:92:b8:e1:e9:e1:
2f:3f:2a:36:20:ae:33:8e:b1:2c:ca:d7:5a:33:75:fa:aa:c5:
e7:39:50:eb:04:6d:0a:7a:5e:88:1b:e4:1a:be:a5:e7:4d:d0:
af:b8:04:2e:c7:42:6d:46:92:2f:a4:6b:9c:9f:0b:b9:08:a6:
11:fc:3d:1c:87:2e:8a:d9:6c:f0:49:84:6d:a5:17:1a:7d:c6:
1b:10:6d:26:72:73:cc:b2:c3:ee:8b:bd:f6:87:1f:a0:2a:3d:
62:53:aa:b2:11:9c:45:c1:58:07:33:ad:55:42:14:56:0c:11:
c3:b4:46:8d:e4:72:03:fb:73:d2:c9:57:a6:72:4a:a7:d0:1a:
08:e9:25:bb:0b:54:f3:ce:53:57:59:13:bc:1c:63:f4:d4:76:
eb:ac:7f:ae:0f:38:a2:9c:f7:64:01:0c:b2:97:7c:a3:90:36:
4f:b5:51:06:b7:ae:14:ae:57:39:1d:27:38:b1:88:e5:ba:b6:
f9:a1:fe:96:85:99:12:95:19:10:9c:f3:c1:d3:49:e7:1c:9e:
86:b4:31:f5
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
OUE3MUFSMTEwLwYDVQQFEygwQ0RFMEI3RTY3OEZGRUE5RTNBRTA1NzlGRUUxODQ3
NzYxMkU0RkU5MB4XDTI0MDEwNzExNTYzMVoXDTM0MDEwNzExNTYzMVowGDEWMBQG
A1UEAxMNNjU5YTkxNzMtZGFhYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOjAC3xe3MdLCy3cEKWo+QU4gAl+FLAhp5cJ8Jf2JRvNiukACZ/Cr5nWdEag
doRcSxna+bAqilscRrxfSn3BuiGkmGf5NKn+cWih3/nx00vw0DoeOLPvk947G9vi
f1yzKtTBh+yM5NzFVZ5UAXIKglzljxfEjUK5LUlNZUd3yvk1qE2bqxHG6B29GQls
fPbrrWmF1dEdze+XLFWEzSyaUNIR9p625ybmSEpkV1dm/RECJXhlVp1ji9IzYbVd
KY5sM4t2oLhoAEST0HiL2v1cZSHXJB0P+9ALfu+Yb5RpV5Ucd1/nVqDyIPYDhVDJ
clAJtKWlDNcEMiUx0mXRVj4grZUCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBShTnJ2
MCjLBT13NB+IR2FGfnZpqzAfBgNVHSMEGDAWgBQM3gt+Z4/+qeOuBXn+4YR3YS5P
6TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzlBNzEvMzExRTUwMkFBRDUyMTFFRTgyRjA5M0FFNzc1NDEyRTYvRE40TGZt
ZVBfcW5qcmdWNV91R0VkMkV1VC1rLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
RE40TGZtZVBfcW5qcmdWNV91R0VkMkV1VC1rLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MzlBNzEvMzExRTUwMkFBRDUyMTFFRTgyRjA5M0FFNzc1NDEy
RTYvQ0UyRjI2OTBBRDUzMTFFRThFMjdCM0IxNzc1NDEyRTYucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA6B3WDANBgkqhkiG9w0BAQsFAAOC
AQEAmf8a+0nuYMPD3wyBr1kKDfd83poApGgqHLRbIaigtOMeGa0wrnwRDjl8o4pi
HkVF/JK44enhLz8qNiCuM46xLMrXWjN1+qrF5zlQ6wRtCnpeiBvkGr6l503Qr7gE
LsdCbUaSL6RrnJ8LuQimEfw9HIcuitls8EmEbaUXGn3GGxBtJnJzzLLD7ou99ocf
oCo9YlOqshGcRcFYBzOtVUIUVgwRw7RGjeRyA/tz0slXpnJKp9AaCOkluwtU885T
V1kTvBxj9NR266x/rg84opz3ZAEMspd8o5A2T7VRBreuFK5XOR0nOLGI5bq2+aH+
loWZEpUZEJzzwdNJ5xyehrQx9Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:33 2024 by rpki-client on console-ams.rpki-client.org