Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/6825EFB4B9EC11EE9FDF6A94775412E6.roa
File: 6825EFB4B9EC11EE9FDF6A94775412E6.roa (raw, json)
Hash identifier: EsEK/VVaEqLbjnepq/8j7WtLiv3asTBJvWGb/USTBQs=
Subject key identifier: 57:34:DD:75:54:D7:37:B2:E8:C9:65:1A:58:E7:DC:1E:B3:1A:BB:41
Certificate issuer: /CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Certificate serial: 0225
Authority key identifier: 09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
Authority info access: rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/6825EFB4B9EC11EE9FDF6A94775412E6.roa
Signing time: Tue 23 Jan 2024 12:39:11 +0000
ROA not before: Tue 23 Jan 2024 12:39:07 +0000
ROA not after: Wed 22 Jan 2025 12:39:07 +0000
asID: 174
IP address blocks: 66.251.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl
rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.mft
rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 30 Apr 2024 00:16:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 549 (0x225)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Validity
Not Before: Jan 23 12:39:07 2024 GMT
Not After : Jan 22 12:39:07 2025 GMT
Subject: CN=65afb36e-fe6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:63:8a:a6:6c:b9:6c:4f:f6:af:e4:42:2d:ec:
ed:01:ca:9d:74:a9:f6:96:ef:6f:b2:39:a0:27:c4:
c0:11:15:78:83:5d:7c:71:42:e6:16:e5:b3:5e:d5:
8f:76:1d:1e:b0:5f:9c:39:ac:52:53:33:34:03:32:
c9:fa:b4:be:c1:74:e6:ba:4f:48:13:d1:88:b8:36:
22:55:89:a0:07:e0:79:fd:70:c1:90:1e:88:2b:0c:
e4:56:e6:06:6f:93:9d:58:19:a6:57:e7:b6:a9:78:
4a:9b:67:82:ee:33:7b:01:47:9a:dc:be:14:b7:d0:
ed:a1:c9:59:4f:1e:a9:ff:26:ff:51:49:b9:ef:49:
f3:21:ba:2b:06:56:78:b1:43:c5:5c:1a:5b:29:f1:
15:30:8c:77:dd:07:07:69:46:b9:1c:4b:d2:f0:03:
42:87:f3:d5:86:2a:d7:cd:47:0b:24:04:be:bc:ef:
39:9a:aa:fc:0c:74:06:c8:43:a7:74:9d:f2:6d:75:
14:56:ca:e3:37:4a:6c:cc:64:12:ab:79:fb:35:4b:
cb:e0:de:76:e1:ef:08:03:6e:8e:c4:f0:b8:9a:2e:
98:c9:82:e0:e4:84:1f:f4:c3:7e:a3:6a:c0:15:72:
96:64:c5:d4:53:cd:b2:d6:0b:f9:6f:6b:79:eb:b2:
57:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:34:DD:75:54:D7:37:B2:E8:C9:65:1A:58:E7:DC:1E:B3:1A:BB:41
X509v3 Authority Key Identifier:
keyid:09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/6825EFB4B9EC11EE9FDF6A94775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
66.251.136.0/24
Signature Algorithm: sha256WithRSAEncryption
60:7a:b9:ab:31:9c:91:51:2a:28:3b:fa:ce:b9:9e:2b:9d:12:
ae:f4:11:a3:72:d5:d6:47:56:3c:2e:50:61:66:fd:69:48:1c:
58:99:15:96:1e:64:bd:30:fe:c7:ae:9d:b7:2c:85:c0:54:31:
03:a2:e0:dd:a6:bb:d1:83:25:13:86:43:70:93:4f:66:bf:c2:
ce:28:45:49:c2:25:a1:27:1c:eb:ec:c2:27:eb:79:3c:5c:36:
0d:72:0b:24:c2:e9:9d:5b:09:ac:5d:cb:87:7b:5f:f2:45:21:
db:1a:79:c5:ba:b3:5b:ee:46:39:3b:9f:2d:96:49:4c:40:67:
5b:24:05:77:61:3c:a1:ce:e8:47:54:f4:da:c8:d1:40:55:f2:
59:d3:33:03:ad:9c:1b:ad:d3:ce:55:e7:b7:1b:72:da:94:5b:
76:a2:f9:6b:61:78:d2:22:b7:97:bf:7d:96:0d:a2:3f:b8:37:
b0:1a:18:ec:e4:46:c0:74:5f:ef:96:df:0a:71:36:8f:03:c4:
36:92:ad:2e:ba:90:a3:43:e9:f5:e4:73:af:ba:f6:e7:b4:38:
de:3c:bb:82:f7:02:8e:b2:73:64:8a:9c:ac:6f:c6:3d:a2:0c:
57:70:3c:10:12:2d:63:45:13:69:ef:7e:4a:82:36:45:48:69:
f0:4d:8f:f7
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAiUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTlGOUNBUjExMC8GA1UEBRMoMDlGQjMxMzZFQ0Q1RTNEN0NGMDBCMzJDMTIxRjEy
RThBRkQwQTYwMTAeFw0yNDAxMjMxMjM5MDdaFw0yNTAxMjIxMjM5MDdaMBgxFjAU
BgNVBAMTDTY1YWZiMzZlLWZlNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLY4qmbLlsT/av5EIt7O0Byp10qfaW72+yOaAnxMARFXiDXXxxQuYW5bNe
1Y92HR6wX5w5rFJTMzQDMsn6tL7BdOa6T0gT0Yi4NiJViaAH4Hn9cMGQHogrDORW
5gZvk51YGaZX57apeEqbZ4LuM3sBR5rcvhS30O2hyVlPHqn/Jv9RSbnvSfMhuisG
VnixQ8VcGlsp8RUwjHfdBwdpRrkcS9LwA0KH89WGKtfNRwskBL687zmaqvwMdAbI
Q6d0nfJtdRRWyuM3SmzMZBKrefs1S8vg3nbh7wgDbo7E8LiaLpjJguDkhB/0w36j
asAVcpZkxdRTzbLWC/lva3nrsld9AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUVzTd
dVTXN7LoyWUaWOfcHrMau0EwHwYDVR0jBBgwFoAUCfsxNuzV49fPALMsEh8S6K/Q
pgEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIyNDY4L0Nmc3hO
dXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0Nmc3hOdXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIy
NDY4LzY4MjVFRkI0QjlFQzExRUU5RkRGNkE5NDc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC+4gwDQYJKoZIhvcNAQELBQAD
ggEBAGB6uasxnJFRKig7+s65niudEq70EaNy1dZHVjwuUGFm/WlIHFiZFZYeZL0w
/seunbcshcBUMQOi4N2mu9GDJROGQ3CTT2a/ws4oRUnCJaEnHOvswifreTxcNg1y
CyTC6Z1bCaxdy4d7X/JFIdsaecW6s1vuRjk7ny2WSUxAZ1skBXdhPKHO6EdU9NrI
0UBV8lnTMwOtnBut085V57cbctqUW3ai+WtheNIit5e/fZYNoj+4N7AaGOzkRsB0
X++W3wpxNo8DxDaSrS66kKND6fXkc6+69ue0ON48u4L3Ao6yc2SKnKxvxj2iDFdw
PBASLWNFE2nvfkqCNkVIafBNj/c=
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:10:31 2024 by rpki-client on console-ams.rpki-client.org