Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3662DAB/1ADA46468F3211EDAD621AB8F1222468/DB993B728F4F11ED982ED088F1222468.roa
File: DB993B728F4F11ED982ED088F1222468.roa (raw, json)
Hash identifier: zmof4qkrG67Fqj/AA24Lhy1I6eBvEWQSDaesv5Uqj2o=
Subject key identifier: 41:CF:78:44:9A:4D:F1:DE:FC:58:BB:40:AA:74:F3:04:37:FA:CB:DA
Certificate issuer: /CN=F3662DABAR/serialNumber=28256080D43A04D81238EF53D3116ED647B06E1C
Certificate serial: 02
Authority key identifier: 28:25:60:80:D4:3A:04:D8:12:38:EF:53:D3:11:6E:D6:47:B0:6E:1C
Authority info access: rsync://rpki.afrinic.net/repository/arin/KCVggNQ6BNgSOO9T0xFu1kewbhw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3662DAB/1ADA46468F3211EDAD621AB8F1222468/DB993B728F4F11ED982ED088F1222468.roa
Signing time: Sun 08 Jan 2023 12:27:47 +0000
ROA not before: Sun 08 Jan 2023 12:27:41 +0000
ROA not after: Mon 31 Jan 2033 12:27:41 +0000
asID: 328073
IP address blocks: 164.160.144.0/22 maxlen: 22
164.160.145.0/24 maxlen: 24
164.160.146.0/24 maxlen: 24
164.160.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3662DAB/1ADA46468F3211EDAD621AB8F1222468/KCVggNQ6BNgSOO9T0xFu1kewbhw.crl
rsync://rpki.afrinic.net/repository/member_repository/F3662DAB/1ADA46468F3211EDAD621AB8F1222468/KCVggNQ6BNgSOO9T0xFu1kewbhw.mft
rsync://rpki.afrinic.net/repository/arin/KCVggNQ6BNgSOO9T0xFu1kewbhw.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:21:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3662DABAR/serialNumber=28256080D43A04D81238EF53D3116ED647B06E1C
Validity
Not Before: Jan 8 12:27:41 2023 GMT
Not After : Jan 31 12:27:41 2033 GMT
Subject: CN=63bab6c3-a092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d7:5d:85:54:b9:f8:ad:62:ca:c5:8a:73:71:
a9:42:d9:42:a7:37:86:43:4d:2f:d2:64:3b:cd:71:
ef:2c:31:98:67:53:7d:3b:d3:fd:fc:dc:fc:1f:69:
89:83:ed:8e:88:47:15:42:7d:fb:b0:cb:0c:0e:95:
fa:fd:74:a2:2c:aa:a7:5e:9b:b8:67:6d:68:75:ec:
85:57:e7:d6:be:cd:de:02:a7:ee:1a:be:aa:a1:fd:
06:ae:b8:73:b9:c9:a7:cb:77:97:84:2f:f7:e4:78:
32:72:a7:c5:ca:25:0e:40:19:4d:7c:25:07:bc:c9:
ec:f1:3d:df:21:8f:fd:60:24:99:26:17:78:60:fb:
41:5d:77:bf:0f:00:9a:79:60:a9:59:21:c5:ba:0b:
9f:08:d2:03:4a:75:0a:a1:d0:f8:08:96:c1:eb:80:
5b:8d:8c:bd:1d:9e:7b:0c:3a:a5:26:8f:4a:7c:23:
5b:82:d5:22:bd:3d:f6:39:e5:82:65:87:35:7e:a8:
8e:b0:55:2e:55:aa:04:42:0c:5d:a1:ce:d9:4a:3d:
7f:7f:ac:38:85:99:0f:b2:30:2b:54:60:e1:87:d8:
0e:0f:d9:36:62:88:01:bc:74:e7:41:69:ba:7e:84:
c9:e4:ab:08:b6:9c:5d:07:ed:40:f7:4d:82:1f:53:
04:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CF:78:44:9A:4D:F1:DE:FC:58:BB:40:AA:74:F3:04:37:FA:CB:DA
X509v3 Authority Key Identifier:
keyid:28:25:60:80:D4:3A:04:D8:12:38:EF:53:D3:11:6E:D6:47:B0:6E:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3662DAB/1ADA46468F3211EDAD621AB8F1222468/KCVggNQ6BNgSOO9T0xFu1kewbhw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/KCVggNQ6BNgSOO9T0xFu1kewbhw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3662DAB/1ADA46468F3211EDAD621AB8F1222468/DB993B728F4F11ED982ED088F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
164.160.144.0/22
Signature Algorithm: sha256WithRSAEncryption
88:05:90:d9:47:97:c3:3b:be:6b:74:4c:09:59:72:ee:25:e8:
79:5a:5b:d3:f8:7c:6b:cd:25:51:08:f4:f6:55:96:7a:66:2d:
ea:cf:15:76:e9:fe:46:1b:4e:ac:22:96:62:34:8b:6d:53:8f:
06:13:5a:af:7d:80:7a:0b:83:8e:bb:fb:1a:26:f8:9a:bd:d9:
a7:0f:8e:22:13:8a:2e:e2:95:8a:2b:e4:c3:57:b0:62:59:98:
82:90:44:59:3d:e3:5a:7e:83:c1:51:fe:08:b3:f8:d6:15:2d:
15:63:13:4d:5c:38:03:ef:8a:51:37:ff:4a:22:fd:07:f9:1d:
7f:45:ea:3b:cb:fa:d0:c5:fb:58:d4:e9:aa:57:b6:ae:cc:80:
7d:40:93:15:cd:15:62:f6:13:21:12:64:f6:ed:5e:65:cf:8d:
61:75:d7:44:da:fe:36:e3:e4:57:87:f6:9e:4e:c3:5d:ee:d6:
b1:f2:a3:7b:ae:90:a0:18:94:8d:f3:10:6e:4d:da:01:4e:dd:
6c:a4:aa:c0:b8:45:81:93:12:45:e2:07:54:aa:9f:29:2e:93:
9d:f5:07:3f:60:65:8c:46:2c:91:84:9b:78:d2:8f:06:8e:e4:
2a:d2:41:44:b4:a4:96:e5:0a:2b:7f:74:e1:02:c7:f8:68:c9:
bf:6b:c5:08
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY2
MkRBQkFSMTEwLwYDVQQFEygyODI1NjA4MEQ0M0EwNEQ4MTIzOEVGNTNEMzExNkVE
NjQ3QjA2RTFDMB4XDTIzMDEwODEyMjc0MVoXDTMzMDEzMTEyMjc0MVowGDEWMBQG
A1UEAwwNNjNiYWI2YzMtYTA5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3XXYVUufitYsrFinNxqULZQqc3hkNNL9JkO81x7ywxmGdTfTvT/fzc/B9p
iYPtjohHFUJ9+7DLDA6V+v10oiyqp16buGdtaHXshVfn1r7N3gKn7hq+qqH9Bq64
c7nJp8t3l4Qv9+R4MnKnxcolDkAZTXwlB7zJ7PE93yGP/WAkmSYXeGD7QV13vw8A
mnlgqVkhxboLnwjSA0p1CqHQ+AiWweuAW42MvR2eeww6pSaPSnwjW4LVIr099jnl
gmWHNX6ojrBVLlWqBEIMXaHO2Uo9f3+sOIWZD7IwK1Rg4YfYDg/ZNmKIAbx050Fp
un6EyeSrCLacXQftQPdNgh9TBA0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRBz3hE
mk3x3vxYu0CqdPMEN/rL2jAfBgNVHSMEGDAWgBQoJWCA1DoE2BI471PTEW7WR7Bu
HDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjJEQUIvMUFEQTQ2NDY4RjMyMTFFREFENjIxQUI4RjEyMjI0NjgvS0NWZ2dO
UTZCTmdTT085VDB4RnUxa2V3Ymh3LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
S0NWZ2dOUTZCTmdTT085VDB4RnUxa2V3Ymh3LmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NjJEQUIvMUFEQTQ2NDY4RjMyMTFFREFENjIxQUI4RjEyMjI0
NjgvREI5OTNCNzI4RjRGMTFFRDk4MkVEMDg4RjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqSgkDANBgkqhkiG9w0BAQsFAAOC
AQEAiAWQ2UeXwzu+a3RMCVly7iXoeVpb0/h8a80lUQj09lWWemYt6s8Vdun+RhtO
rCKWYjSLbVOPBhNar32AeguDjrv7Gib4mr3Zpw+OIhOKLuKViivkw1ewYlmYgpBE
WT3jWn6DwVH+CLP41hUtFWMTTVw4A++KUTf/SiL9B/kdf0XqO8v60MX7WNTpqle2
rsyAfUCTFc0VYvYTIRJk9u1eZc+NYXXXRNr+NuPkV4f2nk7DXe7WsfKje66QoBiU
jfMQbk3aAU7dbKSqwLhFgZMSReIHVKqfKS6TnfUHP2BljEYskYSbeNKPBo7kKtJB
RLSkluUKK3904QLH+GjJv2vFCA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:27 2024 by rpki-client on console-fra.rpki-client.org