Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3671DBD/3EE102DE124411ED9F6268B4F1222468/B1BFBFEA278711ED8808E3CDF1222468.roa
File: B1BFBFEA278711ED8808E3CDF1222468.roa (raw, json)
Hash identifier: Assvrj8OD6s30X7gj/5howMI7VisH2Gq7WxHn9j6+kQ=
Subject key identifier: D5:43:6A:91:09:83:21:46:A4:3C:42:C8:0E:42:FE:4F:B0:9F:6C:F4
Certificate issuer: /CN=F3671DBDAR/serialNumber=C83DC68CE2BE43253AAA551AAE22F95A1F1DAD2B
Certificate serial: 20
Authority key identifier: C8:3D:C6:8C:E2:BE:43:25:3A:AA:55:1A:AE:22:F9:5A:1F:1D:AD:2B
Authority info access: rsync://rpki.afrinic.net/repository/arin/yD3GjOK-QyU6qlUariL5Wh8drSs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3671DBD/3EE102DE124411ED9F6268B4F1222468/B1BFBFEA278711ED8808E3CDF1222468.roa
Signing time: Mon 29 Aug 2022 10:45:27 +0000
ROA not before: Mon 29 Aug 2022 10:45:23 +0000
ROA not after: Sun 29 Aug 2032 10:45:23 +0000
asID: 327896
IP address blocks: 169.255.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3671DBD/3EE102DE124411ED9F6268B4F1222468/yD3GjOK-QyU6qlUariL5Wh8drSs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3671DBD/3EE102DE124411ED9F6268B4F1222468/yD3GjOK-QyU6qlUariL5Wh8drSs.mft
rsync://rpki.afrinic.net/repository/arin/yD3GjOK-QyU6qlUariL5Wh8drSs.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 May 2024 00:16:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32 (0x20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3671DBDAR/serialNumber=C83DC68CE2BE43253AAA551AAE22F95A1F1DAD2B
Validity
Not Before: Aug 29 10:45:23 2022 GMT
Not After : Aug 29 10:45:23 2032 GMT
Subject: CN=630c98c7-1d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:48:9e:4c:4d:20:85:23:f9:d7:01:dc:bb:91:
6c:2e:02:df:25:75:d9:6e:d0:53:1e:76:da:a8:2f:
c6:4d:dc:ed:f7:25:64:45:9f:c3:f4:67:6d:fb:9f:
7d:10:40:1f:50:6d:6c:46:a4:9e:2b:10:de:9e:13:
84:14:aa:cc:e0:06:6e:83:d2:55:c4:01:98:81:2b:
be:0f:94:eb:be:49:09:8d:a8:fa:43:d9:c3:9c:b0:
ff:36:de:ea:3a:b0:01:6c:43:48:d1:1e:55:39:23:
93:26:ca:b3:83:dc:e3:53:cd:d7:82:7e:71:80:88:
2b:b8:f6:23:2c:d0:fe:46:83:e8:6d:c8:8a:f4:33:
de:1d:57:fd:1e:a6:84:51:e6:15:0d:78:93:8a:91:
1c:a5:a0:b7:7e:59:8c:d3:00:b9:54:a6:77:ba:29:
18:ed:68:df:66:ab:76:cf:b8:86:54:a9:e7:2d:6d:
78:86:20:36:f1:7a:ef:89:2f:31:e0:48:98:cb:d8:
02:3e:e8:ad:4b:a5:e6:c8:20:c4:dd:b2:dd:72:56:
b0:5f:4f:43:e0:38:53:89:cc:fd:a9:e4:b1:ee:35:
14:5f:b2:8c:13:49:72:c6:59:95:fc:38:12:03:0a:
02:1a:db:f1:00:1a:58:8f:08:73:8c:b0:86:6b:8d:
e8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:43:6A:91:09:83:21:46:A4:3C:42:C8:0E:42:FE:4F:B0:9F:6C:F4
X509v3 Authority Key Identifier:
keyid:C8:3D:C6:8C:E2:BE:43:25:3A:AA:55:1A:AE:22:F9:5A:1F:1D:AD:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3671DBD/3EE102DE124411ED9F6268B4F1222468/yD3GjOK-QyU6qlUariL5Wh8drSs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/yD3GjOK-QyU6qlUariL5Wh8drSs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3671DBD/3EE102DE124411ED9F6268B4F1222468/B1BFBFEA278711ED8808E3CDF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.255.240.0/22
Signature Algorithm: sha256WithRSAEncryption
06:e3:15:11:ab:b9:8a:83:a1:50:38:23:8d:cd:ba:90:7e:0b:
a0:67:f2:4a:16:b3:7a:84:6f:70:30:5b:02:33:aa:53:c6:77:
c1:50:95:4c:e9:e7:bd:c5:88:9c:d5:16:42:d9:51:1c:e3:b2:
3e:72:4f:66:c9:1c:62:0f:30:b8:6a:ea:37:db:5f:64:f1:9b:
60:25:c6:2d:04:57:07:08:f2:a4:a8:f3:ad:9c:e4:bf:20:da:
68:d7:6c:e3:39:f9:d8:31:d6:a4:6c:56:23:8f:f7:33:35:44:
57:83:10:ff:a5:78:e6:13:ff:9d:e8:c5:5c:fb:50:7f:53:81:
0b:62:89:3a:50:d4:82:0a:70:e7:af:fe:6d:e7:3e:83:04:70:
8e:8d:ab:99:80:ec:d9:92:0e:f4:30:78:9e:f4:0b:0a:7d:6f:
c7:d3:13:d7:08:2a:f6:89:8d:6c:bb:f9:0c:b0:61:02:b7:3e:
b0:7f:06:94:83:20:60:c5:65:ab:75:66:95:13:98:1e:4c:3b:
0f:17:46:68:62:34:ea:bf:fb:8f:b9:21:12:fb:dd:5c:66:84:
02:a0:7d:32:92:e5:bf:07:81:f5:03:6d:61:e0:c1:f4:6c:4d:
7b:e3:85:8a:3c:19:97:30:36:c6:93:9a:66:ac:25:5b:90:c2:
d2:ba:17:09
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBIDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY3
MURCREFSMTEwLwYDVQQFEyhDODNEQzY4Q0UyQkU0MzI1M0FBQTU1MUFBRTIyRjk1
QTFGMURBRDJCMB4XDTIyMDgyOTEwNDUyM1oXDTMyMDgyOTEwNDUyM1owGDEWMBQG
A1UEAwwNNjMwYzk4YzctMWQxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNInkxNIIUj+dcB3LuRbC4C3yV12W7QUx522qgvxk3c7fclZEWfw/Rnbfuf
fRBAH1BtbEaknisQ3p4ThBSqzOAGboPSVcQBmIErvg+U675JCY2o+kPZw5yw/zbe
6jqwAWxDSNEeVTkjkybKs4Pc41PN14J+cYCIK7j2IyzQ/kaD6G3IivQz3h1X/R6m
hFHmFQ14k4qRHKWgt35ZjNMAuVSmd7opGO1o32ards+4hlSp5y1teIYgNvF674kv
MeBImMvYAj7orUul5sggxN2y3XJWsF9PQ+A4U4nM/ankse41FF+yjBNJcsZZlfw4
EgMKAhrb8QAaWI8Ic4ywhmuN6EUCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTVQ2qR
CYMhRqQ8QsgOQv5PsJ9s9DAfBgNVHSMEGDAWgBTIPcaM4r5DJTqqVRquIvlaHx2t
KzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzFEQkQvM0VFMTAyREUxMjQ0MTFFRDlGNjI2OEI0RjEyMjI0NjgveUQzR2pP
Sy1ReVU2cWxVYXJpTDVXaDhkclNzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eUQzR2pPSy1ReVU2cWxVYXJpTDVXaDhkclNzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NzFEQkQvM0VFMTAyREUxMjQ0MTFFRDlGNjI2OEI0RjEyMjI0
NjgvQjFCRkJGRUEyNzg3MTFFRDg4MDhFM0NERjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqn/8DANBgkqhkiG9w0BAQsFAAOC
AQEABuMVEau5ioOhUDgjjc26kH4LoGfyShazeoRvcDBbAjOqU8Z3wVCVTOnnvcWI
nNUWQtlRHOOyPnJPZskcYg8wuGrqN9tfZPGbYCXGLQRXBwjypKjzrZzkvyDaaNds
4zn52DHWpGxWI4/3MzVEV4MQ/6V45hP/nejFXPtQf1OBC2KJOlDUggpw56/+bec+
gwRwjo2rmYDs2ZIO9DB4nvQLCn1vx9MT1wgq9omNbLv5DLBhArc+sH8GlIMgYMVl
q3VmlROYHkw7DxdGaGI06r/7j7khEvvdXGaEAqB9MpLlvweB9QNtYeDB9GxNe+OF
ijwZlzA2xpOaZqwlW5DC0roXCQ==
-----END CERTIFICATE-----
Generated at Fri May 17 03:06:26 2024 by rpki-client on console-ams.rpki-client.org