Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3646FFE/AF17C9DEB02911ECABDF2FC05A40D577/5C5FD3B8B1B811ECBE7762D35A40D577.roa
File: 5C5FD3B8B1B811ECBE7762D35A40D577.roa (raw, json)
Hash identifier: vGmD4pROB8VFUopnGf6To3GzFkP29HGjp5Gl6MpnPn0=
Subject key identifier: B1:9A:BE:66:08:3C:CA:3F:17:85:AB:B1:9D:C4:CB:96:1F:96:45:F4
Certificate issuer: /CN=F3646FFEAR/serialNumber=253F1A68771510A6656D7D660F503D55B06B9004
Certificate serial: 04
Authority key identifier: 25:3F:1A:68:77:15:10:A6:65:6D:7D:66:0F:50:3D:55:B0:6B:90:04
Authority info access: rsync://rpki.afrinic.net/repository/arin/JT8aaHcVEKZlbX1mD1A9VbBrkAQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3646FFE/AF17C9DEB02911ECABDF2FC05A40D577/5C5FD3B8B1B811ECBE7762D35A40D577.roa
Signing time: Fri 01 Apr 2022 12:36:33 +0000
ROA not before: Fri 01 Apr 2022 12:36:29 +0000
ROA not after: Fri 30 Apr 2032 12:36:29 +0000
asID: 37121
IP address blocks: 147.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3646FFE/AF17C9DEB02911ECABDF2FC05A40D577/JT8aaHcVEKZlbX1mD1A9VbBrkAQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F3646FFE/AF17C9DEB02911ECABDF2FC05A40D577/JT8aaHcVEKZlbX1mD1A9VbBrkAQ.mft
rsync://rpki.afrinic.net/repository/arin/JT8aaHcVEKZlbX1mD1A9VbBrkAQ.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3646FFEAR/serialNumber=253F1A68771510A6656D7D660F503D55B06B9004
Validity
Not Before: Apr 1 12:36:29 2022 GMT
Not After : Apr 30 12:36:29 2032 GMT
Subject: CN=6246f1d0-7cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4c:8c:c0:98:07:83:25:ac:72:ec:d0:9c:fc:
02:f0:bb:ff:ef:ef:e5:ea:80:57:be:3c:e0:cf:6b:
c2:ca:fc:0c:28:26:17:a5:37:8a:86:5f:d5:19:39:
56:6e:d7:e1:3a:a6:61:5a:4e:88:32:27:d9:31:39:
8b:9f:d4:8e:4c:74:a9:39:8a:3c:bf:69:41:b2:76:
b2:29:5a:6e:09:fb:65:d4:fe:5e:cb:62:d8:8d:26:
78:98:b1:c1:1a:19:a1:47:36:a8:9b:90:01:5a:ed:
10:46:16:04:48:c2:1b:c4:2d:34:67:53:8a:9b:15:
90:c8:2d:fd:33:63:5c:66:0a:5d:a6:f7:5d:06:cd:
55:04:bd:09:bc:e3:7c:df:7b:40:96:ae:b3:86:65:
c2:b3:46:48:d2:9b:d7:3c:a8:87:b4:ea:7d:1f:ca:
e4:c1:40:a7:c2:4b:83:81:51:81:7e:01:90:e1:d6:
3c:28:11:4d:09:36:1b:4b:51:d9:86:9a:e9:60:0f:
dc:6f:83:a4:c7:46:42:fb:32:b7:f3:91:aa:c0:ae:
d2:8e:82:24:d9:fb:3d:41:9b:2c:4a:f0:d3:7e:eb:
df:69:03:fb:af:e7:31:0d:42:a3:a4:56:d8:97:4c:
fc:02:7f:c1:91:fd:85:03:ea:7f:80:fe:e1:80:49:
26:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:9A:BE:66:08:3C:CA:3F:17:85:AB:B1:9D:C4:CB:96:1F:96:45:F4
X509v3 Authority Key Identifier:
keyid:25:3F:1A:68:77:15:10:A6:65:6D:7D:66:0F:50:3D:55:B0:6B:90:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3646FFE/AF17C9DEB02911ECABDF2FC05A40D577/JT8aaHcVEKZlbX1mD1A9VbBrkAQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/JT8aaHcVEKZlbX1mD1A9VbBrkAQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3646FFE/AF17C9DEB02911ECABDF2FC05A40D577/5C5FD3B8B1B811ECBE7762D35A40D577.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b5:2c:eb:70:cc:5c:4b:1a:e5:be:9b:0d:2a:ca:6f:74:17:5f:
e5:9d:2f:22:8a:0f:26:11:04:e1:21:2c:33:3d:d2:a2:45:d2:
a3:98:a4:0d:d9:f1:0a:2b:4c:b1:f0:34:ea:12:3f:6a:73:01:
70:1c:a1:9d:43:60:f4:c9:5a:8f:6e:b0:66:39:04:7d:db:d9:
42:a6:33:15:80:66:5b:3c:8f:01:85:a3:3f:f5:c8:10:1f:3f:
7d:93:38:32:f6:b5:09:f3:2c:40:8a:71:c5:df:78:8b:0c:20:
66:4d:d5:b7:56:ed:bd:6d:03:37:42:0e:fc:82:9e:16:a7:f2:
bd:2c:30:1c:f9:a6:a2:42:6e:2f:b6:10:df:61:4f:6d:99:21:
a4:12:f4:bf:b9:5a:1e:d2:21:68:40:86:47:bb:90:7f:f6:c6:
cd:48:14:47:87:a2:76:7b:30:fa:e6:40:1b:5d:52:eb:f2:7e:
f1:5b:6a:b0:84:a7:c3:ee:65:dc:50:a9:36:1b:b9:a8:99:60:
6e:f6:7c:8a:9b:f9:26:67:0e:f0:b0:6b:48:d3:0c:ba:d9:55:
da:60:f8:8b:0d:56:4a:a0:f7:2a:13:7c:5f:7c:b7:63:af:69:
fa:f6:be:c4:87:c6:fa:f9:51:e6:00:fd:66:e1:98:46:7e:e1:
ef:40:88:40
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
NkZGRUFSMTEwLwYDVQQFEygyNTNGMUE2ODc3MTUxMEE2NjU2RDdENjYwRjUwM0Q1
NUIwNkI5MDA0MB4XDTIyMDQwMTEyMzYyOVoXDTMyMDQzMDEyMzYyOVowGDEWMBQG
A1UEAwwNNjI0NmYxZDAtN2NiMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpMjMCYB4MlrHLs0Jz8AvC7/+/v5eqAV7484M9rwsr8DCgmF6U3ioZf1Rk5
Vm7X4TqmYVpOiDIn2TE5i5/Ujkx0qTmKPL9pQbJ2silabgn7ZdT+Xsti2I0meJix
wRoZoUc2qJuQAVrtEEYWBEjCG8QtNGdTipsVkMgt/TNjXGYKXab3XQbNVQS9Cbzj
fN97QJaus4ZlwrNGSNKb1zyoh7TqfR/K5MFAp8JLg4FRgX4BkOHWPCgRTQk2G0tR
2Yaa6WAP3G+DpMdGQvsyt/ORqsCu0o6CJNn7PUGbLErw037r32kD+6/nMQ1Co6RW
2JdM/AJ/wZH9hQPqf4D+4YBJJrsCAwEAAaOCAqEwggKdMB0GA1UdDgQWBBSxmr5m
CDzKPxeFq7GdxMuWH5ZF9DAfBgNVHSMEGDAWgBQlPxpodxUQpmVtfWYPUD1VsGuQ
BDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDZGRkUvQUYxN0M5REVCMDI5MTFFQ0FCREYyRkMwNUE0MEQ1NzcvSlQ4YWFI
Y1ZFS1psYlgxbUQxQTlWYkJya0FRLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SlQ4YWFIY1ZFS1psYlgxbUQxQTlWYkJya0FRLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NDZGRkUvQUYxN0M5REVCMDI5MTFFQ0FCREYyRkMwNUE0MEQ1
NzcvNUM1RkQzQjhCMUI4MTFFQ0JFNzc2MkQzNUE0MEQ1Nzcucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJNuMA0GCSqGSIb3DQEBCwUAA4IB
AQC1LOtwzFxLGuW+mw0qym90F1/lnS8iig8mEQThISwzPdKiRdKjmKQN2fEKK0yx
8DTqEj9qcwFwHKGdQ2D0yVqPbrBmOQR929lCpjMVgGZbPI8BhaM/9cgQHz99kzgy
9rUJ8yxAinHF33iLDCBmTdW3Vu29bQM3Qg78gp4Wp/K9LDAc+aaiQm4vthDfYU9t
mSGkEvS/uVoe0iFoQIZHu5B/9sbNSBRHh6J2ezD65kAbXVLr8n7xW2qwhKfD7mXc
UKk2G7momWBu9nyKm/kmZw7wsGtI0wy62VXaYPiLDVZKoPcqE3xffLdjr2n69r7E
h8b6+VHmAP1m4ZhGfuHvQIhA
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:34 2024 by rpki-client on console-ams.rpki-client.org