Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/33698F34D12B11ECA93204ECF1222468.roa
File: 33698F34D12B11ECA93204ECF1222468.roa (raw, json)
Hash identifier: hag20uRl3/i6kvsUjp3dDDisdoIlpZDsNJowq7IAf4U=
Subject key identifier: 18:EF:58:4E:6A:0E:D3:15:D3:D9:38:E0:3B:52:CC:58:63:6B:3C:1F
Certificate issuer: /CN=F3644FCCAR/serialNumber=88FE8D7BD3B7DC3D54425B8C736D2CEC387F737C
Certificate serial: 02
Authority key identifier: 88:FE:8D:7B:D3:B7:DC:3D:54:42:5B:8C:73:6D:2C:EC:38:7F:73:7C
Authority info access: rsync://rpki.afrinic.net/repository/arin/iP6Ne9O33D1UQluMc20s7Dh_c3w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/33698F34D12B11ECA93204ECF1222468.roa
Signing time: Wed 11 May 2022 13:06:42 +0000
ROA not before: Wed 11 May 2022 13:06:38 +0000
ROA not after: Tue 11 May 2032 13:06:38 +0000
asID: 25695
IP address blocks: 64.57.112.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/iP6Ne9O33D1UQluMc20s7Dh_c3w.crl
rsync://rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/iP6Ne9O33D1UQluMc20s7Dh_c3w.mft
rsync://rpki.afrinic.net/repository/arin/iP6Ne9O33D1UQluMc20s7Dh_c3w.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 10 May 2024 00:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3644FCCAR/serialNumber=88FE8D7BD3B7DC3D54425B8C736D2CEC387F737C
Validity
Not Before: May 11 13:06:38 2022 GMT
Not After : May 11 13:06:38 2032 GMT
Subject: CN=627bb4e2-c179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c4:d1:25:ec:f7:9b:d6:2c:37:48:92:03:01:
ba:1f:ce:4d:dc:66:05:46:6d:ff:fe:e7:07:0e:b8:
36:d2:53:b7:d0:f1:ae:0b:36:d8:96:86:8c:7b:65:
1e:75:f0:df:9a:54:00:04:41:39:a7:cd:96:97:af:
b6:b4:c7:06:69:b1:d6:f8:fd:35:02:a3:d3:07:06:
93:03:bb:53:86:fe:eb:c7:a9:5b:65:10:78:af:73:
b0:39:2b:35:5d:55:d8:7a:e4:b0:a8:ac:b5:0f:70:
27:b9:dc:c4:2a:8f:6a:4a:80:04:3e:bc:4d:3c:f2:
c2:95:e3:4d:95:cb:ba:03:14:3a:6f:7c:f1:09:58:
a4:4d:ff:f1:00:b0:3a:d1:06:4e:45:d6:7e:e0:b8:
84:ff:27:b6:0f:0a:45:88:27:72:b1:94:1e:b2:1a:
3d:c6:6e:24:38:21:06:ab:01:c3:0f:85:dd:34:5a:
5f:d2:fa:79:c0:09:e9:22:cf:98:a7:90:bc:7b:ac:
40:b8:f6:1e:8c:e2:5d:2c:ff:aa:9e:ce:69:9c:82:
c5:ed:89:6a:4e:26:71:40:17:7e:8e:c2:62:19:62:
5b:7c:33:a1:1f:93:3a:9c:f8:ac:98:2c:f5:6c:b1:
df:47:4f:c2:83:51:4b:fe:a4:eb:8a:11:71:d0:af:
30:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:EF:58:4E:6A:0E:D3:15:D3:D9:38:E0:3B:52:CC:58:63:6B:3C:1F
X509v3 Authority Key Identifier:
keyid:88:FE:8D:7B:D3:B7:DC:3D:54:42:5B:8C:73:6D:2C:EC:38:7F:73:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/iP6Ne9O33D1UQluMc20s7Dh_c3w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/iP6Ne9O33D1UQluMc20s7Dh_c3w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3644FCC/9E115C3CD12A11EC9A8943EAF1222468/33698F34D12B11ECA93204ECF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.57.112.0/20
Signature Algorithm: sha256WithRSAEncryption
13:c2:c3:df:59:cd:8c:82:10:99:93:03:35:32:e2:53:c9:92:
34:e6:f4:9e:e6:e4:26:a6:32:37:b0:52:4a:b8:2a:38:12:19:
52:0d:dd:2c:b1:57:65:07:cb:f2:bf:c1:ee:b6:72:86:55:6f:
d3:42:32:5d:e8:d8:f9:eb:76:3f:b6:41:70:44:e7:19:92:c5:
bf:e2:67:5a:06:dc:e8:37:ef:84:68:8d:7e:42:4f:73:1a:9d:
c1:6c:75:19:9f:3d:c7:3c:07:d3:ee:b2:19:fe:5c:17:62:a8:
94:cc:95:36:14:f4:42:58:31:ed:2d:09:4f:f6:06:e7:00:0d:
74:1d:a3:3f:b6:84:cf:ca:9e:08:b0:9e:34:3d:e5:47:bb:74:
3a:f5:6f:6d:5e:03:15:0e:2b:d3:6a:6b:93:02:25:ff:65:64:
92:4b:e7:e8:4b:82:80:92:6f:91:fb:83:05:43:e0:c2:02:41:
09:01:d8:c7:fb:24:8f:85:bd:89:4d:5f:be:84:6c:38:48:77:
66:02:75:71:9a:be:e7:5e:4e:25:35:c2:a6:8a:36:6f:cb:e6:
05:ec:49:36:ce:5f:c6:d3:a0:16:bb:2e:97:74:0e:03:65:f7:
37:69:a2:1e:6f:6b:e7:8e:0d:e7:3a:e9:ff:52:29:d6:8d:0d:
80:c9:33:fd
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
NEZDQ0FSMTEwLwYDVQQFEyg4OEZFOEQ3QkQzQjdEQzNENTQ0MjVCOEM3MzZEMkNF
QzM4N0Y3MzdDMB4XDTIyMDUxMTEzMDYzOFoXDTMyMDUxMTEzMDYzOFowGDEWMBQG
A1UEAwwNNjI3YmI0ZTItYzE3OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJrE0SXs95vWLDdIkgMBuh/OTdxmBUZt//7nBw64NtJTt9Dxrgs22JaGjHtl
HnXw35pUAARBOafNlpevtrTHBmmx1vj9NQKj0wcGkwO7U4b+68epW2UQeK9zsDkr
NV1V2HrksKistQ9wJ7ncxCqPakqABD68TTzywpXjTZXLugMUOm988QlYpE3/8QCw
OtEGTkXWfuC4hP8ntg8KRYgncrGUHrIaPcZuJDghBqsBww+F3TRaX9L6ecAJ6SLP
mKeQvHusQLj2HoziXSz/qp7OaZyCxe2Jak4mcUAXfo7CYhliW3wzoR+TOpz4rJgs
9Wyx30dPwoNRS/6k64oRcdCvMAMCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQY71hO
ag7TFdPZOOA7UsxYY2s8HzAfBgNVHSMEGDAWgBSI/o1707fcPVRCW4xzbSzsOH9z
fDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDRGQ0MvOUUxMTVDM0NEMTJBMTFFQzlBODk0M0VBRjEyMjI0NjgvaVA2TmU5
TzMzRDFVUWx1TWMyMHM3RGhfYzN3LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
aVA2TmU5TzMzRDFVUWx1TWMyMHM3RGhfYzN3LmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NDRGQ0MvOUUxMTVDM0NEMTJBMTFFQzlBODk0M0VBRjEyMjI0
NjgvMzM2OThGMzREMTJCMTFFQ0E5MzIwNEVDRjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBEA5cDANBgkqhkiG9w0BAQsFAAOC
AQEAE8LD31nNjIIQmZMDNTLiU8mSNOb0nubkJqYyN7BSSrgqOBIZUg3dLLFXZQfL
8r/B7rZyhlVv00IyXejY+et2P7ZBcETnGZLFv+JnWgbc6DfvhGiNfkJPcxqdwWx1
GZ89xzwH0+6yGf5cF2KolMyVNhT0Qlgx7S0JT/YG5wANdB2jP7aEz8qeCLCeND3l
R7t0OvVvbV4DFQ4r02prkwIl/2Vkkkvn6EuCgJJvkfuDBUPgwgJBCQHYx/skj4W9
iU1fvoRsOEh3ZgJ1cZq+515OJTXCpoo2b8vmBexJNs5fxtOgFrsul3QOA2X3N2mi
Hm9r544N5zrp/1Ip1o0NgMkz/Q==
-----END CERTIFICATE-----
Generated at Wed May 8 04:28:27 2024 by rpki-client on console-ams.rpki-client.org