Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/85D8A04C9DA311EFA3E30AA3762E951A.roa
File: 85D8A04C9DA311EFA3E30AA3762E951A.roa (raw, json)
Hash identifier: FZAfGze8pHegJjIEJ9jMAQEJ821rZgPtbu0NISM+NfU=
Subject key identifier: 90:CC:DF:71:1A:F5:71:E7:22:B3:A6:E1:15:BC:68:EF:B8:55:C3:AD
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0ABD
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/85D8A04C9DA311EFA3E30AA3762E951A.roa
Signing time: Fri 08 Nov 2024 07:31:52 +0000
ROA not before: Fri 08 Nov 2024 07:31:49 +0000
ROA not after: Wed 08 Nov 2034 07:31:49 +0000
asID: 214036
IP address blocks: 192.142.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2749 (0xabd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Validity
Not Before: Nov 8 07:31:49 2024 GMT
Not After : Nov 8 07:31:49 2034 GMT
Subject: CN=672dbe68-b21f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:75:9d:01:46:bb:7d:50:63:b6:58:ab:fc:d6:
63:30:33:25:66:34:2e:86:eb:d4:31:1a:95:7c:6c:
8e:d0:5d:91:21:f2:51:7d:7d:47:87:52:5c:01:59:
34:87:84:c3:d8:ab:bd:24:50:65:50:c1:9b:4b:f3:
99:70:d0:a1:81:b5:5c:0c:c6:be:05:ff:f8:de:0e:
6c:18:a6:18:ba:10:10:70:f6:7d:97:3b:a4:a7:2f:
0e:59:47:3e:94:ea:f5:fc:0a:5a:93:d8:24:8c:0f:
d5:77:78:0b:26:bd:b4:f9:34:d2:df:71:91:20:04:
09:28:20:8e:a9:d8:ed:43:e7:a7:d0:f5:3e:f6:56:
89:e9:3c:f0:d6:e7:e6:38:7b:51:50:90:df:70:36:
79:59:67:92:b5:07:3f:b9:62:76:c1:3b:74:db:95:
d7:f6:aa:c0:ed:41:0c:36:39:a3:2b:c1:20:c5:d7:
ce:0a:1f:e9:c7:4f:58:17:11:45:3c:31:4e:25:4d:
e8:ec:84:ac:18:96:d9:7b:17:28:b3:3d:fc:b6:55:
54:3a:77:03:96:1d:d0:1c:89:34:de:78:10:f0:3d:
57:c6:3b:82:f2:c2:65:3a:cc:0f:64:c0:71:a7:7f:
80:17:60:d8:e6:32:20:69:0d:65:95:d1:03:fa:7b:
99:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CC:DF:71:1A:F5:71:E7:22:B3:A6:E1:15:BC:68:EF:B8:55:C3:AD
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/85D8A04C9DA311EFA3E30AA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.0.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:26:77:d1:22:b7:f4:9c:f2:e2:38:18:60:50:a8:de:26:f5:
3a:c4:d8:6b:5f:fe:85:48:fb:4f:c1:df:29:34:a6:94:2f:dd:
67:ab:4a:c1:a9:18:16:0d:40:51:f3:c4:6d:41:04:55:a5:51:
b5:44:f6:3f:6b:26:8c:9e:1d:a0:80:cc:a0:b9:d8:77:97:98:
d2:ca:f9:c9:3f:1d:c8:98:30:0c:29:4b:7f:2b:ad:52:40:6d:
e0:90:a3:be:a6:a5:fa:9f:4e:cc:20:5e:a9:64:b3:12:9c:81:
0f:67:bb:67:e0:27:4a:b6:8b:05:87:3b:8f:83:69:98:45:89:
e5:c6:3f:13:7c:c0:57:85:54:0a:36:bf:56:6e:c8:8c:9c:d2:
89:95:4c:12:c2:76:89:66:e2:4b:6d:cc:c9:2d:e2:bc:83:17:
80:cb:48:64:92:ef:ab:c1:5d:48:60:d6:95:13:b4:12:a9:77:
f5:d6:c3:44:f0:fa:63:3b:78:e5:f8:49:99:d0:2e:43:33:5c:
d3:04:34:e0:a6:24:05:3b:da:8e:5d:04:b5:e5:f5:6e:50:0c:
de:a5:44:37:fb:08:7f:50:e2:6c:64:f5:91:db:2e:61:ab:e8:
ac:41:3c:9d:fb:8e:1e:83:df:bd:bc:73:79:3d:83:c5:6e:a2:
4a:08:b1:ea
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCr0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNDExMDgwNzMxNDlaFw0zNDExMDgwNzMxNDlaMBgxFjAU
BgNVBAMTDTY3MmRiZTY4LWIyMWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC0dZ0BRrt9UGO2WKv81mMwMyVmNC6G69QxGpV8bI7QXZEh8lF9fUeHUlwB
WTSHhMPYq70kUGVQwZtL85lw0KGBtVwMxr4F//jeDmwYphi6EBBw9n2XO6SnLw5Z
Rz6U6vX8ClqT2CSMD9V3eAsmvbT5NNLfcZEgBAkoII6p2O1D56fQ9T72VonpPPDW
5+Y4e1FQkN9wNnlZZ5K1Bz+5YnbBO3Tbldf2qsDtQQw2OaMrwSDF184KH+nHT1gX
EUU8MU4lTejshKwYltl7FyizPfy2VVQ6dwOWHdAciTTeeBDwPVfGO4LywmU6zA9k
wHGnf4AXYNjmMiBpDWWV0QP6e5lvAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUkMzf
cRr1cecis6bhFbxo77hVw60wHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4Lzg1RDhBMDRDOURBMzExRUZBM0UzMEFBMzc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjgAwDQYJKoZIhvcNAQELBQAD
ggEBAA4md9Eit/Sc8uI4GGBQqN4m9TrE2Gtf/oVI+0/B3yk0ppQv3WerSsGpGBYN
QFHzxG1BBFWlUbVE9j9rJoyeHaCAzKC52HeXmNLK+ck/HciYMAwpS38rrVJAbeCQ
o76mpfqfTswgXqlksxKcgQ9nu2fgJ0q2iwWHO4+DaZhFieXGPxN8wFeFVAo2v1Zu
yIyc0omVTBLCdolm4kttzMkt4ryDF4DLSGSS76vBXUhg1pUTtBKpd/XWw0Tw+mM7
eOX4SZnQLkMzXNMENOCmJAU72o5dBLXl9W5QDN6lRDf7CH9Q4mxk9ZHbLmGr6KxB
PJ37jh6D3728c3k9g8VuokoIseo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org