Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/876B5256B9EC11EE8E299D94775412E6.roa
File: 876B5256B9EC11EE8E299D94775412E6.roa (raw, json)
Hash identifier: xkMe2WoANLcmTDEilczMJ5RYED88QzMpoZ0aWgULHYc=
Subject key identifier: 9C:9E:AD:AD:91:29:64:0E:93:D6:EF:2B:F2:BE:90:45:92:2F:89:73
Certificate issuer: /CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Certificate serial: 0227
Authority key identifier: 09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
Authority info access: rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/876B5256B9EC11EE8E299D94775412E6.roa
Signing time: Tue 23 Jan 2024 12:40:03 +0000
ROA not before: Tue 23 Jan 2024 12:40:00 +0000
ROA not after: Wed 22 Jan 2025 12:40:00 +0000
asID: 174
IP address blocks: 66.251.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl
rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.mft
rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 28 Apr 2024 00:16:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 551 (0x227)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Validity
Not Before: Jan 23 12:40:00 2024 GMT
Not After : Jan 22 12:40:00 2025 GMT
Subject: CN=65afb3a3-a5be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4d:52:82:bb:9d:ae:7a:5d:82:86:06:a1:f5:
da:fa:85:61:1d:0d:06:10:f1:6d:65:db:7c:f6:b9:
7d:06:93:60:61:02:80:f2:76:7d:4e:e0:2e:81:d1:
93:cf:ff:7c:72:ed:76:1a:2e:ec:b7:a5:50:23:91:
e4:79:0f:56:05:2b:81:85:44:a8:4f:b1:55:5d:b4:
ef:cb:51:d5:55:86:b9:13:18:bf:45:eb:31:ff:3f:
d5:ff:67:75:b6:04:e7:3a:3e:49:58:68:de:83:74:
9a:0e:a8:f8:8b:7e:f3:3a:ce:a9:3a:25:61:18:d2:
08:85:3d:e3:5b:85:87:af:a1:4c:b0:9f:e1:ca:02:
79:f2:7b:15:44:54:0f:f8:bf:c2:53:c8:73:88:6c:
52:d3:81:cf:ff:48:3f:0b:ac:06:3e:0f:a6:92:6a:
92:a0:f6:9b:6b:ca:a7:bc:2f:cf:da:56:86:27:d5:
95:8b:fe:e4:99:f2:3e:cd:0b:ce:bc:87:fd:ba:cc:
08:c0:f8:3d:f2:42:7e:53:61:9b:41:10:04:c3:b2:
e5:8d:76:81:0c:bf:9d:ad:ce:bd:c3:6e:68:31:63:
8a:32:4d:5e:f2:e1:2f:f6:86:51:6b:93:a2:97:5c:
c3:24:83:f8:55:06:a1:51:41:1f:44:75:bd:fb:9e:
33:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:9E:AD:AD:91:29:64:0E:93:D6:EF:2B:F2:BE:90:45:92:2F:89:73
X509v3 Authority Key Identifier:
keyid:09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/876B5256B9EC11EE8E299D94775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
66.251.137.0/24
Signature Algorithm: sha256WithRSAEncryption
76:1f:82:14:a5:a9:1d:9f:80:80:14:36:53:33:30:02:cb:5f:
83:03:42:2f:bf:67:95:d3:02:8a:07:7a:07:c9:b3:f9:29:67:
50:bc:eb:02:0a:c0:71:cf:de:4f:b3:c6:b7:31:e4:55:99:b1:
5b:47:bb:7e:df:e0:52:4d:96:ed:d7:b9:c0:ba:17:ff:e1:b3:
eb:b5:4f:b9:74:a1:52:c1:f4:56:75:ee:94:ea:33:f7:44:2c:
eb:48:de:6f:59:a9:ca:14:19:08:d0:04:94:20:3e:8a:88:8d:
e4:6a:f9:c4:68:43:29:49:6e:df:ea:99:33:70:7f:59:7e:6f:
48:fa:3c:3e:39:05:4e:d1:75:29:9b:e3:0c:29:7d:a9:72:88:
02:97:66:4f:27:32:5c:13:9b:79:07:0b:fb:8c:da:d3:84:f9:
5c:1d:cb:dc:a8:97:2d:df:8f:81:8f:13:56:99:8d:69:bf:65:
f3:03:c0:ec:5b:f2:f1:49:02:75:2a:9d:4c:1c:ed:a5:48:c7:
f6:6a:49:a7:3d:88:a8:22:33:dc:1d:50:f2:6e:6b:27:e6:d7:
e3:c1:08:d2:9e:d6:e2:ce:cf:1c:e7:d9:d4:9c:bb:0a:9d:30:
e8:4e:f3:08:73:1f:e8:50:b4:c7:89:7e:ed:12:3e:92:03:18:
6b:51:85:c2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAicwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTlGOUNBUjExMC8GA1UEBRMoMDlGQjMxMzZFQ0Q1RTNEN0NGMDBCMzJDMTIxRjEy
RThBRkQwQTYwMTAeFw0yNDAxMjMxMjQwMDBaFw0yNTAxMjIxMjQwMDBaMBgxFjAU
BgNVBAMTDTY1YWZiM2EzLWE1YmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4TVKCu52uel2Chgah9dr6hWEdDQYQ8W1l23z2uX0Gk2BhAoDydn1O4C6B
0ZPP/3xy7XYaLuy3pVAjkeR5D1YFK4GFRKhPsVVdtO/LUdVVhrkTGL9F6zH/P9X/
Z3W2BOc6PklYaN6DdJoOqPiLfvM6zqk6JWEY0giFPeNbhYevoUywn+HKAnnyexVE
VA/4v8JTyHOIbFLTgc//SD8LrAY+D6aSapKg9ptryqe8L8/aVoYn1ZWL/uSZ8j7N
C868h/26zAjA+D3yQn5TYZtBEATDsuWNdoEMv52tzr3DbmgxY4oyTV7y4S/2hlFr
k6KXXMMkg/hVBqFRQR9Edb37njMJAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUnJ6t
rZEpZA6T1u8r8r6QRZIviXMwHwYDVR0jBBgwFoAUCfsxNuzV49fPALMsEh8S6K/Q
pgEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIyNDY4L0Nmc3hO
dXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0Nmc3hOdXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIy
NDY4Lzg3NkI1MjU2QjlFQzExRUU4RTI5OUQ5NDc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC+4kwDQYJKoZIhvcNAQELBQAD
ggEBAHYfghSlqR2fgIAUNlMzMALLX4MDQi+/Z5XTAooHegfJs/kpZ1C86wIKwHHP
3k+zxrcx5FWZsVtHu37f4FJNlu3XucC6F//hs+u1T7l0oVLB9FZ17pTqM/dELOtI
3m9ZqcoUGQjQBJQgPoqIjeRq+cRoQylJbt/qmTNwf1l+b0j6PD45BU7RdSmb4wwp
falyiAKXZk8nMlwTm3kHC/uM2tOE+Vwdy9yoly3fj4GPE1aZjWm/ZfMDwOxb8vFJ
AnUqnUwc7aVIx/ZqSac9iKgiM9wdUPJuayfm1+PBCNKe1uLOzxzn2dScuwqdMOhO
8whzH+hQtMeJfu0SPpIDGGtRhcI=
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:17:33 2024 by rpki-client on console-ams.rpki-client.org