Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668231/7002A3AC6B8E11E79C20EC65F8AEA228/DA08B89A6B8E11E7952D2166F8AEA228.roa
File: DA08B89A6B8E11E7952D2166F8AEA228.roa (raw, json)
Hash identifier: rve7QOec9FqmRJKLI6WNqhqnq4CSIGF+XgPlE64aa9A=
Subject key identifier: 4A:A7:CD:6C:3A:15:57:F9:CF:84:79:66:55:27:9C:E8:5E:42:DF:57
Certificate issuer: /CN=F3668231AR/serialNumber=4C543345671A3D0C4088284A91FC77FB6CC6B068
Certificate serial: 02
Authority key identifier: 4C:54:33:45:67:1A:3D:0C:40:88:28:4A:91:FC:77:FB:6C:C6:B0:68
Authority info access: rsync://rpki.afrinic.net/repository/arin/TFQzRWcaPQxAiChKkfx3-2zGsGg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3668231/7002A3AC6B8E11E79C20EC65F8AEA228/DA08B89A6B8E11E7952D2166F8AEA228.roa
Signing time: Tue 18 Jul 2017 07:58:18 +0000
ROA not before: Tue 18 Jul 2017 07:58:07 +0000
ROA not after: Tue 13 Jul 2027 07:58:07 +0000
asID: 36924
IP address blocks: 156.38.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3668231/7002A3AC6B8E11E79C20EC65F8AEA228/TFQzRWcaPQxAiChKkfx3-2zGsGg.crl
rsync://rpki.afrinic.net/repository/member_repository/F3668231/7002A3AC6B8E11E79C20EC65F8AEA228/TFQzRWcaPQxAiChKkfx3-2zGsGg.mft
rsync://rpki.afrinic.net/repository/arin/TFQzRWcaPQxAiChKkfx3-2zGsGg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 27 Apr 2024 00:16:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3668231AR/serialNumber=4C543345671A3D0C4088284A91FC77FB6CC6B068
Validity
Not Before: Jul 18 07:58:07 2017 GMT
Not After : Jul 13 07:58:07 2027 GMT
Subject: CN=596dbf9a-86f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ea:27:96:d0:72:0e:af:d1:0e:7c:17:c5:b8:
01:1d:6e:a4:38:10:2e:20:79:dd:ef:be:51:8f:63:
a0:43:f9:2a:c6:41:47:9b:95:f5:73:c9:e6:7f:e3:
ae:78:f3:e3:87:dd:5e:38:93:02:4e:1f:ab:12:7c:
e2:50:db:a0:c7:65:cc:96:a6:22:9f:94:76:e2:8a:
84:44:61:f9:d0:0a:e1:32:3d:a7:63:b1:a2:f9:26:
02:8a:41:35:8e:19:8e:5f:17:3f:4b:ff:37:df:8b:
ba:c4:4a:da:6b:07:64:9a:7b:61:8e:fc:83:ed:19:
ae:32:50:ce:1d:f5:84:ce:9e:d0:88:3e:a1:d4:09:
64:22:55:10:21:fd:75:7b:b6:c6:46:40:d4:eb:37:
2c:cd:ca:43:be:3f:c6:c5:d2:20:42:e7:94:b4:13:
8d:c8:f2:8a:ae:f7:be:fa:98:a8:ca:de:80:74:c4:
0b:13:a3:29:70:90:1e:90:cb:0c:60:a8:b6:92:6f:
9d:f9:61:76:a1:c7:a9:c6:3d:01:34:82:04:48:7a:
af:45:12:3b:7b:7b:3a:ae:cf:ef:99:a0:98:d9:6e:
c4:e5:74:f3:b3:55:a7:c6:43:7a:17:d2:0e:69:76:
76:0f:5f:b5:6b:cf:fc:5c:2b:fb:28:80:ea:a3:fd:
8c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A7:CD:6C:3A:15:57:F9:CF:84:79:66:55:27:9C:E8:5E:42:DF:57
X509v3 Authority Key Identifier:
keyid:4C:54:33:45:67:1A:3D:0C:40:88:28:4A:91:FC:77:FB:6C:C6:B0:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3668231/7002A3AC6B8E11E79C20EC65F8AEA228/TFQzRWcaPQxAiChKkfx3-2zGsGg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/TFQzRWcaPQxAiChKkfx3-2zGsGg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668231/7002A3AC6B8E11E79C20EC65F8AEA228/DA08B89A6B8E11E7952D2166F8AEA228.roa
sbgp-ipAddrBlock: critical
IPv4:
156.38.64.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:75:cf:95:6a:46:e3:aa:c8:ac:65:d1:3c:86:8a:e3:7e:e3:
fd:b6:bb:f0:c5:3e:ce:95:d0:24:f2:a1:04:5e:d8:c7:c8:c5:
ec:a8:e6:8b:33:07:8d:00:de:ad:87:22:78:f6:58:63:83:16:
9a:08:e4:ea:a9:97:7d:29:f2:53:67:63:7d:78:96:a3:e4:c0:
38:13:03:25:67:84:e6:4c:78:a5:a6:da:68:03:04:db:58:da:
bc:af:d5:49:20:f7:ba:ec:98:9f:e2:57:59:e9:25:2d:30:83:
02:96:88:47:3f:72:4d:5f:37:af:4e:b8:41:75:83:f5:83:54:
8c:25:4a:46:a8:24:7e:a2:cb:0e:fd:0f:f8:36:07:c2:24:ce:
dc:1c:90:a5:33:4a:d0:00:71:d2:6b:3a:17:77:da:42:9e:cb:
3d:4f:68:92:e3:36:79:90:6e:ed:8f:6b:76:5a:c8:51:46:e1:
88:7c:b3:66:21:dd:79:5b:a7:f9:a8:29:1d:e2:8b:ae:c4:28:
26:e1:54:1a:b9:eb:6d:c5:86:1a:89:7f:96:4a:4d:1f:ae:cf:
48:da:c1:4e:01:c1:e4:41:78:85:a1:0e:2e:36:73:80:21:5b:
90:6f:20:a0:8c:da:1d:d9:79:c3:5e:7a:ee:96:25:1a:2b:6b:
40:bd:b9:0d
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
ODIzMUFSMTEwLwYDVQQFEyg0QzU0MzM0NTY3MUEzRDBDNDA4ODI4NEE5MUZDNzdG
QjZDQzZCMDY4MB4XDTE3MDcxODA3NTgwN1oXDTI3MDcxMzA3NTgwN1owGDEWMBQG
A1UEAxMNNTk2ZGJmOWEtODZmMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMfqJ5bQcg6v0Q58F8W4AR1upDgQLiB53e++UY9joEP5KsZBR5uV9XPJ5n/j
rnjz44fdXjiTAk4fqxJ84lDboMdlzJamIp+UduKKhERh+dAK4TI9p2OxovkmAopB
NY4Zjl8XP0v/N9+LusRK2msHZJp7YY78g+0ZrjJQzh31hM6e0Ig+odQJZCJVECH9
dXu2xkZA1Os3LM3KQ74/xsXSIELnlLQTjcjyiq73vvqYqMregHTECxOjKXCQHpDL
DGCotpJvnflhdqHHqcY9ATSCBEh6r0USO3t7Oq7P75mgmNluxOV087NVp8ZDehfS
Dml2dg9ftWvP/Fwr+yiA6qP9jBUCAwEAAaOCAmswggJnMB0GA1UdDgQWBBRKp81s
OhVX+c+EeWZVJ5zoXkLfVzAfBgNVHSMEGDAWgBRMVDNFZxo9DECIKEqR/Hf7bMaw
aDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjgyMzEvNzAwMkEzQUM2QjhFMTFFNzlDMjBFQzY1RjhBRUEyMjgvVEZRelJX
Y2FQUXhBaUNoS2tmeDMtMnpHc0dnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
VEZRelJXY2FQUXhBaUNoS2tmeDMtMnpHc0dnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NjgyMzEvNzAwMkEzQUM2QjhFMTFFNzlDMjBFQzY1RjhBRUEy
MjgvREEwOEI4OUE2QjhFMTFFNzk1MkQyMTY2RjhBRUEyMjgucm9hMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQFnCZAMA0GCSqGSIb3DQEBCwUAA4IBAQAKdc+V
akbjqsisZdE8horjfuP9trvwxT7OldAk8qEEXtjHyMXsqOaLMweNAN6thyJ49lhj
gxaaCOTqqZd9KfJTZ2N9eJaj5MA4EwMlZ4TmTHilptpoAwTbWNq8r9VJIPe67Jif
4ldZ6SUtMIMClohHP3JNXzevTrhBdYP1g1SMJUpGqCR+ossO/Q/4NgfCJM7cHJCl
M0rQAHHSazoXd9pCnss9T2iS4zZ5kG7tj2t2WshRRuGIfLNmId15W6f5qCkd4ouu
xCgm4VQauettxYYaiX+WSk0frs9I2sFOAcHkQXiFoQ4uNnOAIVuQbyCgjNod2XnD
XnruliUaK2tAvbkN
-----END CERTIFICATE-----
Generated at Thu Apr 25 02:00:23 2024 by rpki-client on console-ams.rpki-client.org