Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3656177/C2857264C85811E6A8EE465FF8AEA228/B6DAAC5EC8C811E9B566A258F8AEA228.roa
File: B6DAAC5EC8C811E9B566A258F8AEA228.roa (raw, json)
Hash identifier: Y4yGjlwVyROuEGeowY33dWqLnQRQW/byvC0cJpLJ8EA=
Subject key identifier: BA:72:CA:89:39:86:0A:CA:FB:3C:C6:8A:8F:60:9A:F0:39:C8:86:32
Certificate issuer: /CN=F3656177AR/serialNumber=1A8F0F74FA3A602F47FCEC36B8B3F79E21F30018
Certificate serial: 03F1
Authority key identifier: 1A:8F:0F:74:FA:3A:60:2F:47:FC:EC:36:B8:B3:F7:9E:21:F3:00:18
Authority info access: rsync://rpki.afrinic.net/repository/arin/Go8PdPo6YC9H_Ow2uLP3niHzABg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3656177/C2857264C85811E6A8EE465FF8AEA228/B6DAAC5EC8C811E9B566A258F8AEA228.roa
Signing time: Tue 27 Aug 2019 12:46:41 +0000
ROA not before: Tue 27 Aug 2019 12:46:36 +0000
ROA not after: Mon 27 Aug 2029 12:46:36 +0000
asID: 328032
IP address blocks: 160.20.24.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3656177/C2857264C85811E6A8EE465FF8AEA228/Go8PdPo6YC9H_Ow2uLP3niHzABg.crl
rsync://rpki.afrinic.net/repository/member_repository/F3656177/C2857264C85811E6A8EE465FF8AEA228/Go8PdPo6YC9H_Ow2uLP3niHzABg.mft
rsync://rpki.afrinic.net/repository/arin/Go8PdPo6YC9H_Ow2uLP3niHzABg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Apr 2024 00:16:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1009 (0x3f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3656177AR/serialNumber=1A8F0F74FA3A602F47FCEC36B8B3F79E21F30018
Validity
Not Before: Aug 27 12:46:36 2019 GMT
Not After : Aug 27 12:46:36 2029 GMT
Subject: CN=5d652630-d117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6c:95:a3:b7:ba:02:18:8a:83:56:b4:a8:0e:
5a:8d:9b:15:32:a0:86:37:94:d1:23:bf:ea:c7:40:
6c:df:6d:23:0e:ad:6a:22:ed:14:5d:fc:e2:67:ab:
db:67:04:28:20:1e:bf:a2:10:b2:c3:92:58:ec:29:
36:90:6b:56:1a:25:b3:45:46:7d:44:fa:c8:cc:9f:
7c:69:27:55:dc:f2:80:5f:ea:66:47:2f:42:bf:ea:
3d:e9:0c:e1:ea:41:5d:24:3a:d6:8c:2d:30:63:43:
61:d0:2c:e1:8f:60:62:df:b3:bd:81:c5:21:13:90:
ff:29:40:76:72:67:98:3f:ad:77:e7:b2:8f:e3:4e:
20:6a:d8:fd:60:be:31:40:81:e1:f5:7e:bb:aa:52:
7c:94:af:64:91:66:db:19:02:5c:f1:28:49:52:79:
8e:3f:e2:29:ae:25:9b:0c:7f:44:0a:b7:3e:44:6a:
db:00:84:db:ca:5e:13:6b:0c:cd:68:2c:54:33:57:
a9:46:e5:04:25:09:6f:59:8e:2f:0c:2d:d6:7e:67:
ad:df:7e:0a:2f:41:49:d4:f6:cf:f5:e6:0e:f5:3a:
8d:49:3f:2a:37:bc:fd:6b:41:25:b3:75:07:2f:1c:
a9:7d:63:0f:ad:7e:0e:15:85:21:95:95:9e:a0:17:
c6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:72:CA:89:39:86:0A:CA:FB:3C:C6:8A:8F:60:9A:F0:39:C8:86:32
X509v3 Authority Key Identifier:
keyid:1A:8F:0F:74:FA:3A:60:2F:47:FC:EC:36:B8:B3:F7:9E:21:F3:00:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3656177/C2857264C85811E6A8EE465FF8AEA228/Go8PdPo6YC9H_Ow2uLP3niHzABg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/Go8PdPo6YC9H_Ow2uLP3niHzABg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3656177/C2857264C85811E6A8EE465FF8AEA228/B6DAAC5EC8C811E9B566A258F8AEA228.roa
sbgp-ipAddrBlock: critical
IPv4:
160.20.24.0/21
Signature Algorithm: sha256WithRSAEncryption
39:8f:4f:aa:b5:7e:2f:3d:e4:f0:e6:9b:eb:ce:71:23:d1:f8:
cd:75:c7:d5:4c:54:57:28:23:ef:9a:32:6f:94:ee:a5:b3:a3:
1d:aa:61:85:26:36:ca:fd:bc:99:1d:5d:51:18:15:81:c2:29:
37:32:79:59:bc:a5:d3:51:f5:14:7f:b1:4d:b4:23:ab:85:20:
93:c3:66:22:aa:cf:ae:eb:40:17:b8:f7:70:39:95:a3:3d:ea:
97:84:30:b4:19:1c:9e:ab:f5:7c:f3:8e:d1:2c:2b:72:78:06:
38:25:f8:7c:89:7f:c8:6a:0e:03:8c:76:cb:81:a7:2b:4c:e9:
fa:a0:26:d5:64:55:bd:e8:34:c5:fe:79:9f:3d:5f:7c:c3:b5:
4b:54:6f:8a:16:b1:8c:06:8d:df:5c:36:d3:11:61:67:0f:eb:
0f:b3:11:97:dc:9c:1a:2f:5b:83:15:29:9f:3d:24:f8:23:9e:
3f:3f:9f:6e:d2:64:dd:6b:3a:1d:2a:5a:5e:21:0c:d3:4b:35:
93:ca:16:59:a4:16:65:2a:bd:0e:d1:6e:c4:2c:95:69:30:a2:
9f:16:8a:5d:c3:79:a4:e3:a0:30:d2:02:d4:d7:89:5e:04:bc:
bf:c5:e6:f1:ba:2f:3a:10:de:fb:57:da:9f:25:9f:6e:f7:da:
79:24:5d:ed
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgICA/EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTYxNzdBUjExMC8GA1UEBRMoMUE4RjBGNzRGQTNBNjAyRjQ3RkNFQzM2QjhCM0Y3
OUUyMUYzMDAxODAeFw0xOTA4MjcxMjQ2MzZaFw0yOTA4MjcxMjQ2MzZaMBgxFjAU
BgNVBAMTDTVkNjUyNjMwLWQxMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCqbJWjt7oCGIqDVrSoDlqNmxUyoIY3lNEjv+rHQGzfbSMOrWoi7RRd/OJn
q9tnBCggHr+iELLDkljsKTaQa1YaJbNFRn1E+sjMn3xpJ1Xc8oBf6mZHL0K/6j3p
DOHqQV0kOtaMLTBjQ2HQLOGPYGLfs72BxSETkP8pQHZyZ5g/rXfnso/jTiBq2P1g
vjFAgeH1fruqUnyUr2SRZtsZAlzxKElSeY4/4imuJZsMf0QKtz5EatsAhNvKXhNr
DM1oLFQzV6lG5QQlCW9Zji8MLdZ+Z63ffgovQUnU9s/15g71Oo1JPyo3vP1rQSWz
dQcvHKl9Yw+tfg4VhSGVlZ6gF8ZZAgMBAAGjggJrMIICZzAdBgNVHQ4EFgQUunLK
iTmGCsr7PMaKj2Ca8DnIhjIwHwYDVR0jBBgwFoAUGo8PdPo6YC9H/Ow2uLP3niHz
ABgwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU2MTc3L0MyODU3MjY0Qzg1ODExRTZBOEVFNDY1RkY4QUVBMjI4L0dvOFBk
UG82WUM5SF9PdzJ1TFAzbmlIekFCZy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0dvOFBkUG82WUM5SF9PdzJ1TFAzbmlIekFCZy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjU2MTc3L0MyODU3MjY0Qzg1ODExRTZBOEVFNDY1RkY4QUVB
MjI4L0I2REFBQzVFQzhDODExRTlCNTY2QTI1OEY4QUVBMjI4LnJvYTAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEA6AUGDANBgkqhkiG9w0BAQsFAAOCAQEAOY9P
qrV+Lz3k8Oab685xI9H4zXXH1UxUVygj75oyb5TupbOjHaphhSY2yv28mR1dURgV
gcIpNzJ5Wbyl01H1FH+xTbQjq4Ugk8NmIqrPrutAF7j3cDmVoz3ql4QwtBkcnqv1
fPOO0SwrcngGOCX4fIl/yGoOA4x2y4GnK0zp+qAm1WRVveg0xf55nz1ffMO1S1Rv
ihaxjAaN31w20xFhZw/rD7MRl9ycGi9bgxUpnz0k+COePz+fbtJk3Ws6HSpaXiEM
00s1k8oWWaQWZSq9DtFuxCyVaTCinxaKXcN5pOOgMNIC1NeJXgS8v8Xm8bovOhDe
+1fanyWfbvfaeSRd7Q==
-----END CERTIFICATE-----
Generated at Thu Apr 18 02:44:35 2024 by rpki-client on console-fra.rpki-client.org