Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/3E5464B4C23911ED988FECF5F1222468.roa
File: 3E5464B4C23911ED988FECF5F1222468.roa (raw, json)
Hash identifier: /hp7kvSrcZNgp2PjQqGMre4rusrPNDhZ4t/WjMK1l7g=
Subject key identifier: F2:76:1A:D6:17:B9:B2:25:5E:46:3F:C7:09:F8:A6:2A:6D:42:4C:21
Certificate issuer: /CN=F364379DAR/serialNumber=FAC0EA242A80AB5B5969BFA61DD5D994B2156EB5
Certificate serial: 06
Authority key identifier: FA:C0:EA:24:2A:80:AB:5B:59:69:BF:A6:1D:D5:D9:94:B2:15:6E:B5
Authority info access: rsync://rpki.afrinic.net/repository/arin/-sDqJCqAq1tZab-mHdXZlLIVbrU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/3E5464B4C23911ED988FECF5F1222468.roa
Signing time: Tue 14 Mar 2023 07:24:23 +0000
ROA not before: Tue 14 Mar 2023 07:24:12 +0000
ROA not after: Fri 14 Mar 2025 07:24:12 +0000
asID: 37014
IP address blocks: 156.38.4.0/22 maxlen: 22
156.38.4.0/24 maxlen: 24
156.38.5.0/24 maxlen: 24
156.38.6.0/24 maxlen: 24
156.38.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/-sDqJCqAq1tZab-mHdXZlLIVbrU.crl
rsync://rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/-sDqJCqAq1tZab-mHdXZlLIVbrU.mft
rsync://rpki.afrinic.net/repository/arin/-sDqJCqAq1tZab-mHdXZlLIVbrU.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 29 May 2024 00:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364379DAR/serialNumber=FAC0EA242A80AB5B5969BFA61DD5D994B2156EB5
Validity
Not Before: Mar 14 07:24:12 2023 GMT
Not After : Mar 14 07:24:12 2025 GMT
Subject: CN=64102127-2a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:91:10:09:04:bd:b4:86:97:97:32:9e:f3:6d:
66:05:b3:6d:0e:87:02:23:6e:5d:b9:86:27:44:10:
8b:2b:ff:9b:0d:ea:f4:16:38:78:51:00:91:d8:f6:
75:82:79:16:0f:72:31:91:e4:84:15:ce:f0:bc:15:
48:92:a2:9e:07:49:f8:17:be:23:3c:b7:c7:b8:a1:
86:6a:51:63:b3:d7:b4:02:a3:78:5c:97:57:b2:1c:
48:55:01:d8:32:3d:9f:6c:0b:42:fc:6d:fa:5a:68:
23:10:5e:be:8a:e5:19:ec:28:6c:a8:5c:bc:a5:c6:
fd:71:05:fa:e1:72:f5:a2:8b:b5:56:7c:64:24:42:
48:f1:0e:b8:90:c7:c0:a0:ec:55:02:92:44:07:ec:
78:d0:17:19:ea:00:93:6a:40:2f:0e:04:ab:0f:5c:
84:16:48:e0:17:f0:57:af:59:04:7e:fa:02:1b:6e:
53:5a:b7:26:1f:7d:d9:b0:55:7e:c9:02:c8:97:86:
e5:81:a3:af:17:e2:87:9c:f9:79:cd:a9:88:1a:b6:
90:33:cb:be:00:39:54:e6:ef:93:d0:b1:32:d9:92:
2a:51:5b:d9:c4:d2:3f:aa:16:76:10:c2:d3:56:d5:
09:80:a7:83:a9:80:d3:3b:7b:c6:7a:16:36:4d:93:
63:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:76:1A:D6:17:B9:B2:25:5E:46:3F:C7:09:F8:A6:2A:6D:42:4C:21
X509v3 Authority Key Identifier:
keyid:FA:C0:EA:24:2A:80:AB:5B:59:69:BF:A6:1D:D5:D9:94:B2:15:6E:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/-sDqJCqAq1tZab-mHdXZlLIVbrU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/-sDqJCqAq1tZab-mHdXZlLIVbrU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/3E5464B4C23911ED988FECF5F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.38.4.0/22
Signature Algorithm: sha256WithRSAEncryption
39:12:25:a5:15:92:1b:aa:4d:d6:5f:c9:88:29:2b:d8:ff:0f:
ed:58:0b:27:bc:32:47:02:a4:f5:fd:71:29:ce:f8:c9:9e:4d:
e1:f2:05:d5:bd:8b:d9:f6:4d:b0:15:39:3d:85:20:8b:36:ae:
c1:56:1a:13:b9:81:85:c9:41:b2:ad:ab:aa:28:8a:72:48:34:
6b:56:43:20:30:3c:7b:c7:9f:17:70:67:56:14:6f:a9:bb:56:
8f:a6:58:93:2c:0d:3b:69:53:2a:68:7b:32:b3:4d:fc:07:12:
c3:d5:24:37:65:f9:0f:a4:50:fd:96:8e:6e:b6:7b:e5:05:60:
ca:53:4b:3c:64:36:e5:e3:95:49:93:01:fa:24:a1:9d:16:79:
bb:6c:72:8c:56:bf:27:7a:3f:56:5b:d1:9e:22:c7:f3:44:29:
32:92:be:ed:94:96:1a:06:9a:62:14:c8:ea:9d:63:ec:00:4a:
20:ba:38:2c:e6:0d:47:5d:20:06:ac:06:21:57:47:b6:70:cc:
5a:7e:5c:01:30:d3:5f:9b:92:e2:24:e3:0b:b2:50:34:24:2f:
34:c1:b9:53:a1:04:24:27:2b:65:11:37:71:3a:8a:3b:e7:35:
b7:f1:78:98:1c:4d:8f:80:72:6c:75:c9:b2:b2:2c:47:b9:8d:
20:92:b5:c7
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
Mzc5REFSMTEwLwYDVQQFEyhGQUMwRUEyNDJBODBBQjVCNTk2OUJGQTYxREQ1RDk5
NEIyMTU2RUI1MB4XDTIzMDMxNDA3MjQxMloXDTI1MDMxNDA3MjQxMlowGDEWMBQG
A1UEAwwNNjQxMDIxMjctMmE4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWREAkEvbSGl5cynvNtZgWzbQ6HAiNuXbmGJ0QQiyv/mw3q9BY4eFEAkdj2
dYJ5Fg9yMZHkhBXO8LwVSJKingdJ+Be+Izy3x7ihhmpRY7PXtAKjeFyXV7IcSFUB
2DI9n2wLQvxt+lpoIxBevorlGewobKhcvKXG/XEF+uFy9aKLtVZ8ZCRCSPEOuJDH
wKDsVQKSRAfseNAXGeoAk2pALw4Eqw9chBZI4BfwV69ZBH76AhtuU1q3Jh992bBV
fskCyJeG5YGjrxfih5z5ec2piBq2kDPLvgA5VObvk9CxMtmSKlFb2cTSP6oWdhDC
01bVCYCng6mA0zt7xnoWNk2TY9kCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTydhrW
F7myJV5GP8cJ+KYqbUJMITAfBgNVHSMEGDAWgBT6wOokKoCrW1lpv6Yd1dmUshVu
tTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDM3OUQvNTAyQTk3RDRCRjNEMTFFREI4REI0MEYxRjEyMjI0NjgvLXNEcUpD
cUFxMXRaYWItbUhkWFpsTElWYnJVLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
LXNEcUpDcUFxMXRaYWItbUhkWFpsTElWYnJVLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NDM3OUQvNTAyQTk3RDRCRjNEMTFFREI4REI0MEYxRjEyMjI0
NjgvM0U1NDY0QjRDMjM5MTFFRDk4OEZFQ0Y1RjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApwmBDANBgkqhkiG9w0BAQsFAAOC
AQEAORIlpRWSG6pN1l/JiCkr2P8P7VgLJ7wyRwKk9f1xKc74yZ5N4fIF1b2L2fZN
sBU5PYUgizauwVYaE7mBhclBsq2rqiiKckg0a1ZDIDA8e8efF3BnVhRvqbtWj6ZY
kywNO2lTKmh7MrNN/AcSw9UkN2X5D6RQ/ZaObrZ75QVgylNLPGQ25eOVSZMB+iSh
nRZ5u2xyjFa/J3o/VlvRniLH80QpMpK+7ZSWGgaaYhTI6p1j7ABKILo4LOYNR10g
BqwGIVdHtnDMWn5cATDTX5uS4iTjC7JQNCQvNMG5U6EEJCcrZRE3cTqKO+c1t/F4
mBxNj4BybHXJsrIsR7mNIJK1xw==
-----END CERTIFICATE-----
Generated at Mon May 27 02:56:53 2024 by rpki-client on console-fra.rpki-client.org