Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/8CB31672BFFA11EE9A6BC8A8775412E6.roa
File: 8CB31672BFFA11EE9A6BC8A8775412E6.roa (raw, json)
Hash identifier: jtPNnsaik+cjq9XOPGOwhJU0Odj3+DhiT09oW45V/qQ=
Subject key identifier: 54:F7:44:73:3C:50:78:B3:A6:F8:39:6F:C1:6A:65:15:8B:F7:63:1C
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 08A0
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/8CB31672BFFA11EE9A6BC8A8775412E6.roa
Signing time: Wed 31 Jan 2024 05:35:32 +0000
ROA not before: Wed 31 Jan 2024 05:35:26 +0000
ROA not after: Wed 18 Jan 2034 05:35:26 +0000
asID: 42831
IP address blocks: 192.142.0.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 06 May 2024 00:16:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2208 (0x8a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Validity
Not Before: Jan 31 05:35:26 2024 GMT
Not After : Jan 18 05:35:26 2034 GMT
Subject: CN=65b9dc24-d6df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fe:87:f9:5b:23:c0:7b:9c:60:b7:3d:5e:0d:
11:c6:aa:5a:40:97:61:de:04:f6:b2:89:67:b5:b4:
85:21:02:39:51:b8:46:33:69:af:22:b1:18:14:66:
62:18:fd:44:38:3b:56:32:d8:28:ba:12:2a:28:0f:
92:7f:7f:da:25:cc:55:27:f8:8f:b4:69:ac:6a:be:
1f:48:69:1d:a7:4c:f8:e0:ac:53:a7:5b:a7:b4:64:
7a:5e:5f:8b:1e:7d:27:d8:25:10:49:e6:9d:04:84:
6b:ac:e2:fb:42:a1:e3:11:54:f4:8f:c1:48:ed:87:
9f:61:f4:92:ca:38:ca:f3:67:f4:d9:37:3c:3c:0a:
36:6f:7e:00:4f:c6:c7:47:57:e8:94:6d:b3:42:b0:
34:6c:b0:83:9b:7c:90:37:61:b5:51:d1:7c:93:c8:
20:2b:5a:fe:0c:5d:1a:c9:c5:3e:d8:ae:b4:c4:62:
d9:a6:1a:50:d3:df:ad:9b:35:e7:db:3c:bb:f7:84:
87:63:66:e2:70:ff:5d:e5:fc:a2:7b:3a:4e:cf:16:
98:2d:b5:cc:09:b4:e8:e2:e7:d3:5c:b9:e1:55:15:
ae:5c:78:dc:e7:10:d4:78:51:f7:cc:52:43:7c:c6:
38:bd:46:c7:7e:95:82:f3:90:b4:69:f8:ad:cb:db:
c7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F7:44:73:3C:50:78:B3:A6:F8:39:6F:C1:6A:65:15:8B:F7:63:1C
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/8CB31672BFFA11EE9A6BC8A8775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.0.0/22
Signature Algorithm: sha256WithRSAEncryption
83:f9:07:ac:40:f9:23:eb:a9:8b:04:4a:4f:8e:11:48:5f:d1:
88:a1:fa:fe:b0:d7:31:91:48:8c:8a:df:3f:26:8c:cb:57:07:
bd:78:d1:ec:d2:f7:36:f8:85:d3:ea:03:99:40:4a:5f:93:d8:
33:35:fb:66:2e:fb:56:a3:14:a8:aa:38:53:a0:c9:ef:de:79:
20:6b:a3:a4:cf:58:5d:ef:42:05:4e:b4:3a:a2:0e:a7:4b:80:
79:95:aa:0d:1a:8d:f5:ff:1b:fd:4c:f9:8b:f2:57:3b:48:a2:
f8:9b:ab:d4:b7:75:70:60:f6:14:c4:76:19:e6:d4:ef:bc:23:
44:88:94:11:7f:87:1e:30:8f:13:12:b9:d3:96:52:68:26:d3:
96:33:86:fc:58:cf:96:f2:29:64:8b:c8:e2:2c:20:3f:f2:e3:
a0:3c:0d:f1:49:ea:8d:23:dc:fa:33:e1:5c:4f:f5:d5:27:58:
ee:dd:a0:9e:e4:d0:c7:24:31:d6:bc:b9:7e:8c:06:d8:00:9b:
e6:6e:dd:6d:a1:88:30:ae:bf:cc:49:29:19:a3:20:df:78:49:
58:22:df:07:74:13:6d:78:75:a6:90:f3:40:33:a3:07:01:ff:
38:ec:e8:31:74:88:c0:0b:ce:41:f2:3b:f1:38:f8:d6:ea:5e:
83:2b:56:d0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCKAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNDAxMzEwNTM1MjZaFw0zNDAxMTgwNTM1MjZaMBgxFjAU
BgNVBAMTDTY1YjlkYzI0LWQ2ZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8/of5WyPAe5xgtz1eDRHGqlpAl2HeBPayiWe1tIUhAjlRuEYzaa8isRgU
ZmIY/UQ4O1Yy2Ci6EiooD5J/f9olzFUn+I+0aaxqvh9IaR2nTPjgrFOnW6e0ZHpe
X4sefSfYJRBJ5p0EhGus4vtCoeMRVPSPwUjth59h9JLKOMrzZ/TZNzw8CjZvfgBP
xsdHV+iUbbNCsDRssIObfJA3YbVR0XyTyCArWv4MXRrJxT7YrrTEYtmmGlDT362b
NefbPLv3hIdjZuJw/13l/KJ7Ok7PFpgttcwJtOji59NcueFVFa5ceNznENR4UffM
UkN8xji9Rsd+lYLzkLRp+K3L28dJAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUVPdE
czxQeLOm+DlvwWplFYv3YxwwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzhDQjMxNjcyQkZGQTExRUU5QTZCQzhBODc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALAjgAwDQYJKoZIhvcNAQELBQAD
ggEBAIP5B6xA+SPrqYsESk+OEUhf0Yih+v6w1zGRSIyK3z8mjMtXB7140ezS9zb4
hdPqA5lASl+T2DM1+2Yu+1ajFKiqOFOgye/eeSBro6TPWF3vQgVOtDqiDqdLgHmV
qg0ajfX/G/1M+YvyVztIovibq9S3dXBg9hTEdhnm1O+8I0SIlBF/hx4wjxMSudOW
Umgm05YzhvxYz5byKWSLyOIsID/y46A8DfFJ6o0j3Poz4VxP9dUnWO7doJ7k0Mck
Mda8uX6MBtgAm+Zu3W2hiDCuv8xJKRmjIN94SVgi3wd0E214daaQ80AzowcB/zjs
6DF0iMALzkHyO/E4+NbqXoMrVtA=
-----END CERTIFICATE-----
Generated at Sat May 4 01:52:47 2024 by rpki-client on console-ams.rpki-client.org