Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/5E36D50E9DCB11EFB9034F99762E951A.roa
File: 5E36D50E9DCB11EFB9034F99762E951A.roa (raw, json)
Hash identifier: HLXBEr9S0zLWaBvqVbTfpACpF+TXJrXBt4feeD3zC1g=
Subject key identifier: D2:F8:43:4C:F2:DA:0A:8B:A8:58:A2:69:D9:58:7B:EC:30:9D:C3:64
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0AC3
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/5E36D50E9DCB11EFB9034F99762E951A.roa
Signing time: Fri 08 Nov 2024 12:17:06 +0000
ROA not before: Fri 08 Nov 2024 12:17:02 +0000
ROA not after: Wed 08 Nov 2034 12:17:02 +0000
asID: 6206
IP address blocks: 192.142.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2755 (0xac3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Validity
Not Before: Nov 8 12:17:02 2024 GMT
Not After : Nov 8 12:17:02 2034 GMT
Subject: CN=672e0142-192e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1e:84:b6:4f:b5:a3:b5:e3:3a:63:47:0e:71:
75:5d:fc:29:9c:9b:d0:aa:62:1a:ce:fb:0f:74:8d:
06:7a:82:e1:61:43:b0:3c:36:93:e8:89:fb:0e:db:
1d:9f:5b:09:24:57:0f:55:1f:68:8b:ff:f2:21:ea:
0d:eb:f9:06:c9:47:49:58:72:02:35:e9:e5:ab:df:
70:2b:5a:94:a0:42:c1:64:3e:27:be:4d:6f:98:0c:
2a:eb:fd:0d:5d:e1:86:39:65:56:7e:43:c0:2a:39:
c3:4a:6b:e6:6c:f0:d2:7e:54:1b:51:19:1e:1f:ed:
27:6d:c9:c7:22:f1:1c:5c:c2:a1:00:56:d5:20:27:
cb:14:12:72:35:72:ec:18:14:c2:2a:35:10:80:fc:
a2:e8:f9:52:16:e5:5d:f9:dd:82:b1:ba:b3:69:56:
7f:d6:e2:e8:69:96:d2:d1:f1:ba:26:bc:9d:ed:95:
f1:0b:43:c0:18:0a:ee:be:a4:b9:0a:68:8d:df:34:
04:19:26:2b:db:55:43:7b:1f:13:d0:da:2b:ce:ff:
47:ca:1b:e2:a2:1e:73:c4:1f:43:81:11:a6:17:3d:
ff:ac:c3:07:07:30:47:3c:84:a5:c1:ab:f9:00:8d:
71:33:8c:69:bf:61:ca:e7:17:39:a1:fa:4a:03:71:
71:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F8:43:4C:F2:DA:0A:8B:A8:58:A2:69:D9:58:7B:EC:30:9D:C3:64
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/5E36D50E9DCB11EFB9034F99762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.3.0/24
Signature Algorithm: sha256WithRSAEncryption
06:b8:06:a3:fb:b3:74:9c:10:b0:09:a0:27:8a:4f:a7:30:eb:
53:ba:07:de:54:7f:da:4b:de:7c:39:b5:ab:1c:ad:e0:4d:39:
4a:00:fd:13:93:1e:02:06:da:c2:c0:d6:07:21:02:c5:cc:78:
ab:87:b6:50:fe:c4:c6:33:09:9b:90:c4:ac:a4:ed:07:a8:7c:
8f:4c:d8:d9:b9:f0:14:a3:20:1f:80:85:48:91:6b:99:7b:07:
59:09:ef:57:01:ad:4e:d5:d7:3e:2b:fd:3c:9c:39:65:db:f8:
63:a4:55:43:10:13:c2:d6:2a:b7:3d:2a:91:fd:d0:a1:1a:20:
8c:b9:27:6d:c7:92:5d:ca:0e:40:d4:87:01:62:12:75:d4:00:
b6:bc:2d:bc:bc:52:7e:cb:0c:2d:a0:d3:98:95:87:c0:d7:53:
bf:0c:74:9a:ac:53:3d:4a:b3:fd:aa:dd:66:c2:e7:40:0a:3f:
d5:49:01:e9:0e:7a:1e:2c:6d:2a:28:20:bf:57:6b:03:0f:79:
b1:37:39:bf:9f:bd:e4:f7:fd:8a:5e:92:81:c6:a9:85:2c:8c:
5d:32:fa:ac:d2:d5:4f:47:99:bd:0c:da:2b:de:06:de:32:ec:
6a:df:e8:1e:03:d9:1e:34:82:ae:04:4f:9e:83:64:29:2f:fd:
8f:ed:43:9a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCsMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNDExMDgxMjE3MDJaFw0zNDExMDgxMjE3MDJaMBgxFjAU
BgNVBAMTDTY3MmUwMTQyLTE5MmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDFHoS2T7WjteM6Y0cOcXVd/Cmcm9CqYhrO+w90jQZ6guFhQ7A8NpPoifsO
2x2fWwkkVw9VH2iL//Ih6g3r+QbJR0lYcgI16eWr33ArWpSgQsFkPie+TW+YDCrr
/Q1d4YY5ZVZ+Q8AqOcNKa+Zs8NJ+VBtRGR4f7Sdtycci8RxcwqEAVtUgJ8sUEnI1
cuwYFMIqNRCA/KLo+VIW5V353YKxurNpVn/W4uhpltLR8bomvJ3tlfELQ8AYCu6+
pLkKaI3fNAQZJivbVUN7HxPQ2ivO/0fKG+KiHnPEH0OBEaYXPf+swwcHMEc8hKXB
q/kAjXEzjGm/YcrnFzmh+koDcXHjAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU0vhD
TPLaCouoWKJp2Vh77DCdw2QwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzVFMzZENTBFOURDQjExRUZCOTAzNEY5OTc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjgMwDQYJKoZIhvcNAQELBQAD
ggEBAAa4BqP7s3ScELAJoCeKT6cw61O6B95Uf9pL3nw5tascreBNOUoA/ROTHgIG
2sLA1gchAsXMeKuHtlD+xMYzCZuQxKyk7QeofI9M2Nm58BSjIB+AhUiRa5l7B1kJ
71cBrU7V1z4r/TycOWXb+GOkVUMQE8LWKrc9KpH90KEaIIy5J23Hkl3KDkDUhwFi
EnXUALa8Lby8Un7LDC2g05iVh8DXU78MdJqsUz1Ks/2q3WbC50AKP9VJAekOeh4s
bSooIL9XawMPebE3Ob+fveT3/YpekoHGqYUsjF0y+qzS1U9Hmb0M2iveBt4y7Grf
6B4D2R40gq4ET56DZCkv/Y/tQ5o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org