Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3651E73/4D3CFA1A78C411E6BB9D4831F8AEA228/35AAF9269B8511EC9C57BEA05A40D577.roa
File: 35AAF9269B8511EC9C57BEA05A40D577.roa (raw, json)
Hash identifier: IkRiEA4+pjihvXLHrg2ngxaBC/GnITy6qHEusBSCBlo=
Subject key identifier: 82:49:3E:33:A5:F0:93:94:07:AF:C2:74:44:86:C9:E8:9A:67:07:51
Certificate issuer: /CN=F3651E73AR/serialNumber=9CBA1420D721CC03023C5006D2251C20BAF4C882
Certificate serial: 080A
Authority key identifier: 9C:BA:14:20:D7:21:CC:03:02:3C:50:06:D2:25:1C:20:BA:F4:C8:82
Authority info access: rsync://rpki.afrinic.net/repository/arin/nLoUINchzAMCPFAG0iUcILr0yII.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3651E73/4D3CFA1A78C411E6BB9D4831F8AEA228/35AAF9269B8511EC9C57BEA05A40D577.roa
Signing time: Fri 04 Mar 2022 06:34:58 +0000
ROA not before: Fri 04 Mar 2022 06:34:45 +0000
ROA not after: Thu 04 Mar 2027 06:34:45 +0000
asID: 327983
IP address blocks: 160.19.112.0/20 maxlen: 24
169.239.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3651E73/4D3CFA1A78C411E6BB9D4831F8AEA228/nLoUINchzAMCPFAG0iUcILr0yII.crl
rsync://rpki.afrinic.net/repository/member_repository/F3651E73/4D3CFA1A78C411E6BB9D4831F8AEA228/nLoUINchzAMCPFAG0iUcILr0yII.mft
rsync://rpki.afrinic.net/repository/arin/nLoUINchzAMCPFAG0iUcILr0yII.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 05 May 2024 00:16:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2058 (0x80a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3651E73AR/serialNumber=9CBA1420D721CC03023C5006D2251C20BAF4C882
Validity
Not Before: Mar 4 06:34:45 2022 GMT
Not After : Mar 4 06:34:45 2027 GMT
Subject: CN=6221b311-96a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7c:61:62:f9:b8:4a:17:fa:43:97:78:08:bc:
84:cd:4b:e7:56:54:85:19:b5:63:2c:6a:b5:55:c2:
b4:dd:a5:4a:6d:7e:da:5f:34:57:2d:1d:30:2d:ab:
ad:c8:45:1c:d2:06:02:d7:63:03:81:5d:c0:5e:cb:
be:b5:3d:82:b9:fd:b7:87:78:6e:91:13:f0:d7:e6:
eb:7a:43:24:cc:0d:57:03:09:a2:23:a7:b8:b7:6a:
3d:02:97:d4:57:b7:0f:53:8a:26:62:e1:fc:b2:58:
7f:e7:12:66:13:49:3d:af:13:78:18:35:00:bc:0b:
92:d9:92:a0:90:cb:82:8e:c4:6e:37:41:aa:39:0b:
80:54:43:59:40:df:c3:5b:e0:38:ce:23:60:02:af:
36:21:b7:88:50:19:80:3c:f6:9c:72:95:8f:ca:f2:
8b:5e:27:8d:0b:6a:23:62:55:c3:67:89:6f:9b:40:
b3:5e:8e:dd:a6:70:3b:a5:af:be:5a:8f:4f:06:2d:
cf:d1:f2:e5:ad:c8:3f:4f:27:be:2b:aa:69:77:09:
6a:84:c8:6a:a5:2e:8d:c0:a1:4a:8e:31:ff:3c:a2:
41:04:4e:1f:6e:1f:ba:00:a6:01:c0:63:4c:e2:98:
f5:dc:34:9d:17:0e:80:48:ea:5d:7c:23:4a:29:59:
e8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:49:3E:33:A5:F0:93:94:07:AF:C2:74:44:86:C9:E8:9A:67:07:51
X509v3 Authority Key Identifier:
keyid:9C:BA:14:20:D7:21:CC:03:02:3C:50:06:D2:25:1C:20:BA:F4:C8:82
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3651E73/4D3CFA1A78C411E6BB9D4831F8AEA228/nLoUINchzAMCPFAG0iUcILr0yII.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/nLoUINchzAMCPFAG0iUcILr0yII.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3651E73/4D3CFA1A78C411E6BB9D4831F8AEA228/35AAF9269B8511EC9C57BEA05A40D577.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.19.112.0/20
169.239.208.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:d1:62:af:5a:5f:9d:c1:a0:b2:a4:17:05:84:03:6f:cb:1e:
e7:d0:74:70:1f:d8:4d:41:50:5e:9b:d8:b1:3f:b3:ce:c5:33:
c8:32:a1:1f:23:09:d7:a9:50:f8:5d:34:72:43:5c:32:68:21:
b4:6a:df:61:ea:86:e0:08:cc:4a:f3:2c:d8:58:31:6d:b2:92:
69:62:77:87:00:7d:d3:a2:2c:5d:f2:27:ee:bb:48:51:09:e7:
5b:b5:0f:d7:4d:c1:13:1b:89:7a:10:c3:2c:be:71:f2:d2:22:
61:09:d9:10:97:c5:61:82:d2:51:08:a1:93:cd:53:17:00:17:
cc:24:7a:a3:57:30:7d:f4:b7:f6:19:d5:0e:51:99:3a:5d:a5:
a3:c5:99:6c:47:78:d9:01:06:e1:59:1d:a7:26:bc:b6:42:e6:
d3:aa:65:85:d7:95:48:c2:b9:95:b3:fa:46:c1:4c:2e:d9:fc:
e2:ce:e7:ad:32:63:f9:0e:76:e9:ee:4f:f7:05:bf:93:54:88:
bc:b7:98:c1:9e:b3:15:08:d3:9c:89:83:a0:42:b8:31:24:0a:
71:80:c8:3b:d4:f3:55:d5:68:5a:5e:7b:15:05:1c:5d:e5:e9:
11:25:bb:4c:82:e2:0d:e1:4a:61:6b:96:6c:ad:4b:13:c2:c3:
26:87:e4:e7
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCAowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTFFNzNBUjExMC8GA1UEBRMoOUNCQTE0MjBENzIxQ0MwMzAyM0M1MDA2RDIyNTFD
MjBCQUY0Qzg4MjAeFw0yMjAzMDQwNjM0NDVaFw0yNzAzMDQwNjM0NDVaMBgxFjAU
BgNVBAMMDTYyMjFiMzExLTk2YTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCwfGFi+bhKF/pDl3gIvITNS+dWVIUZtWMsarVVwrTdpUptftpfNFctHTAt
q63IRRzSBgLXYwOBXcBey761PYK5/beHeG6RE/DX5ut6QyTMDVcDCaIjp7i3aj0C
l9RXtw9TiiZi4fyyWH/nEmYTST2vE3gYNQC8C5LZkqCQy4KOxG43Qao5C4BUQ1lA
38Nb4DjOI2ACrzYht4hQGYA89pxylY/K8oteJ40LaiNiVcNniW+bQLNejt2mcDul
r75aj08GLc/R8uWtyD9PJ74rqml3CWqEyGqlLo3AoUqOMf88okEETh9uH7oApgHA
Y0zimPXcNJ0XDoBI6l18I0opWegXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUgkk+
M6Xwk5QHr8J0RIbJ6JpnB1EwHwYDVR0jBBgwFoAUnLoUINchzAMCPFAG0iUcILr0
yIIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjUxRTczLzREM0NGQTFBNzhDNDExRTZCQjlENDgzMUY4QUVBMjI4L25Mb1VJ
TmNoekFNQ1BGQUcwaVVjSUxyMHlJSS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L25Mb1VJTmNoekFNQ1BGQUcwaVVjSUxyMHlJSS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjUxRTczLzREM0NGQTFBNzhDNDExRTZCQjlENDgzMUY4QUVB
MjI4LzM1QUFGOTI2OUI4NTExRUM5QzU3QkVBMDVBNDBENTc3LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBASgE3ADBAKp79AwDQYJKoZIhvcN
AQELBQADggEBAGvRYq9aX53BoLKkFwWEA2/LHufQdHAf2E1BUF6b2LE/s87FM8gy
oR8jCdepUPhdNHJDXDJoIbRq32HqhuAIzErzLNhYMW2ykmlid4cAfdOiLF3yJ+67
SFEJ51u1D9dNwRMbiXoQwyy+cfLSImEJ2RCXxWGC0lEIoZPNUxcAF8wkeqNXMH30
t/YZ1Q5RmTpdpaPFmWxHeNkBBuFZHacmvLZC5tOqZYXXlUjCuZWz+kbBTC7Z/OLO
560yY/kOdunuT/cFv5NUiLy3mMGesxUI05yJg6BCuDEkCnGAyDvU81XVaFpeexUF
HF3l6RElu0yC4g3hSmFrlmytSxPCwyaH5Oc=
-----END CERTIFICATE-----
Generated at Fri May 3 01:29:40 2024 by rpki-client on console-fra.rpki-client.org