Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367D68C/C3F92A42920611EB95D6E57CF8AEA228/2E9F588E920811EB83076D7EF8AEA228.roa
File: 2E9F588E920811EB83076D7EF8AEA228.roa (raw, json)
Hash identifier: oQSBrrvnSFdaA34u8bIKrv9RVb6DtnaXK6VUugkT9/s=
Subject key identifier: 17:89:E9:7B:2C:ED:F5:05:B0:7B:AC:DF:83:27:5A:E5:AD:70:59:27
Certificate issuer: /CN=F367D68CAR/serialNumber=598DA01DE4E9CD5474AD0A6826625BE6B808F0AB
Certificate serial: 06
Authority key identifier: 59:8D:A0:1D:E4:E9:CD:54:74:AD:0A:68:26:62:5B:E6:B8:08:F0:AB
Authority info access: rsync://rpki.afrinic.net/repository/arin/WY2gHeTpzVR0rQpoJmJb5rgI8Ks.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367D68C/C3F92A42920611EB95D6E57CF8AEA228/2E9F588E920811EB83076D7EF8AEA228.roa
Signing time: Wed 31 Mar 2021 10:02:21 +0000
ROA not before: Wed 31 Mar 2021 10:02:16 +0000
ROA not after: Tue 31 Mar 2026 10:02:16 +0000
asID: 327859
IP address blocks: 169.255.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367D68C/C3F92A42920611EB95D6E57CF8AEA228/WY2gHeTpzVR0rQpoJmJb5rgI8Ks.crl
rsync://rpki.afrinic.net/repository/member_repository/F367D68C/C3F92A42920611EB95D6E57CF8AEA228/WY2gHeTpzVR0rQpoJmJb5rgI8Ks.mft
rsync://rpki.afrinic.net/repository/arin/WY2gHeTpzVR0rQpoJmJb5rgI8Ks.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367D68CAR/serialNumber=598DA01DE4E9CD5474AD0A6826625BE6B808F0AB
Validity
Not Before: Mar 31 10:02:16 2021 GMT
Not After : Mar 31 10:02:16 2026 GMT
Subject: CN=606448ac-23c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ff:f8:65:cd:3f:42:f9:fd:8c:d4:55:42:13:
fd:de:05:5e:c3:48:07:1c:92:a1:1f:4d:12:4d:52:
70:69:e9:69:4a:b5:dd:5e:56:43:22:51:a9:3f:73:
80:e0:16:64:af:01:07:ee:74:4f:a0:11:2c:47:0c:
3b:30:ae:89:99:07:9f:c1:31:9b:97:ae:54:c1:10:
b9:04:ab:84:c4:e0:b8:2a:a0:87:c9:5b:56:60:fc:
4c:8b:ba:e4:1f:cb:e2:18:9c:aa:02:38:a8:22:2b:
e4:e6:89:46:e5:fd:e2:81:e4:84:0b:13:7c:74:2d:
f4:c4:ed:d1:06:32:2e:5d:d5:c5:70:c0:63:16:3f:
f8:8a:ef:49:8c:8c:38:ab:a4:db:22:b7:f2:a7:b2:
5c:87:18:35:c8:05:ba:d7:11:1c:e8:70:99:3f:75:
28:6a:95:3b:28:a4:b2:72:77:ef:fe:46:40:2a:be:
5e:22:42:ae:71:0b:ae:fc:61:79:2f:ef:59:6d:63:
1b:06:e2:3c:a6:74:97:de:51:35:34:ac:92:bc:16:
2e:7c:aa:4a:63:7b:b7:13:60:7f:68:6e:92:85:43:
b6:12:93:14:5d:0f:12:67:bd:ba:21:29:cd:10:26:
63:aa:19:93:d6:54:43:0c:78:99:c8:33:11:fb:c9:
b6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:89:E9:7B:2C:ED:F5:05:B0:7B:AC:DF:83:27:5A:E5:AD:70:59:27
X509v3 Authority Key Identifier:
keyid:59:8D:A0:1D:E4:E9:CD:54:74:AD:0A:68:26:62:5B:E6:B8:08:F0:AB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367D68C/C3F92A42920611EB95D6E57CF8AEA228/WY2gHeTpzVR0rQpoJmJb5rgI8Ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/WY2gHeTpzVR0rQpoJmJb5rgI8Ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367D68C/C3F92A42920611EB95D6E57CF8AEA228/2E9F588E920811EB83076D7EF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.255.114.0/24
Signature Algorithm: sha256WithRSAEncryption
21:7c:c2:7c:0c:40:d8:2d:09:d1:0e:14:e2:ba:25:30:f4:82:
10:b9:b2:60:3a:91:3b:58:0f:02:54:c2:a4:c1:b7:73:87:1d:
16:bf:68:02:96:c2:87:85:ac:55:56:95:86:a6:ff:2c:69:ed:
e7:32:67:bd:7a:11:12:92:d1:cf:4f:a4:ec:ea:10:fb:f2:61:
88:85:d4:8d:b2:f0:ab:d7:88:fa:16:18:3a:b3:93:32:a4:af:
82:37:83:49:c3:03:4a:3a:c4:57:df:cf:ae:18:9b:6e:d2:2e:
a3:5f:ca:95:a5:8b:f9:7c:75:d6:cd:68:8c:71:54:de:18:5a:
9a:ff:2d:46:c6:8c:92:12:b8:f7:f8:fc:8c:31:57:53:a1:33:
61:18:bf:84:66:f3:89:80:d8:68:f2:e0:3f:59:e5:44:41:a3:
7b:11:e9:f0:b5:dc:f7:1a:fe:0a:c0:38:6e:21:25:28:de:c7:
d4:a3:bb:e7:0c:ce:17:7f:c5:28:fe:4c:55:42:67:23:ab:5b:
ac:54:27:0d:5c:e2:c5:bf:0c:07:f9:88:1f:8f:92:9b:10:62:
4d:2f:e6:06:6f:d4:a0:cc:ea:20:6f:6a:56:73:bb:ae:34:11:
dd:2e:cd:94:ce:d3:9e:dd:cc:e4:1e:4c:a6:4f:f6:f2:f2:aa:
d0:96:b5:82
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
RDY4Q0FSMTEwLwYDVQQFEyg1OThEQTAxREU0RTlDRDU0NzRBRDBBNjgyNjYyNUJF
NkI4MDhGMEFCMB4XDTIxMDMzMTEwMDIxNloXDTI2MDMzMTEwMDIxNlowGDEWMBQG
A1UEAxMNNjA2NDQ4YWMtMjNjMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANv/+GXNP0L5/YzUVUIT/d4FXsNIBxySoR9NEk1ScGnpaUq13V5WQyJRqT9z
gOAWZK8BB+50T6ARLEcMOzCuiZkHn8Exm5euVMEQuQSrhMTguCqgh8lbVmD8TIu6
5B/L4hicqgI4qCIr5OaJRuX94oHkhAsTfHQt9MTt0QYyLl3VxXDAYxY/+IrvSYyM
OKuk2yK38qeyXIcYNcgFutcRHOhwmT91KGqVOyiksnJ37/5GQCq+XiJCrnELrvxh
eS/vWW1jGwbiPKZ0l95RNTSskrwWLnyqSmN7txNgf2hukoVDthKTFF0PEme9uiEp
zRAmY6oZk9ZUQwx4mcgzEfvJthsCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQXiel7
LO31BbB7rN+DJ1rlrXBZJzAfBgNVHSMEGDAWgBRZjaAd5OnNVHStCmgmYlvmuAjw
qzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0Q2OEMvQzNGOTJBNDI5MjA2MTFFQjk1RDZFNTdDRjhBRUEyMjgvV1kyZ0hl
VHB6VlIwclFwb0ptSmI1cmdJOEtzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
V1kyZ0hlVHB6VlIwclFwb0ptSmI1cmdJOEtzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2N0Q2OEMvQzNGOTJBNDI5MjA2MTFFQjk1RDZFNTdDRjhBRUEy
MjgvMkU5RjU4OEU5MjA4MTFFQjgzMDc2RDdFRjhBRUEyMjgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKn/cjANBgkqhkiG9w0BAQsFAAOC
AQEAIXzCfAxA2C0J0Q4U4rolMPSCELmyYDqRO1gPAlTCpMG3c4cdFr9oApbCh4Ws
VVaVhqb/LGnt5zJnvXoREpLRz0+k7OoQ+/JhiIXUjbLwq9eI+hYYOrOTMqSvgjeD
ScMDSjrEV9/PrhibbtIuo1/KlaWL+Xx11s1ojHFU3hhamv8tRsaMkhK49/j8jDFX
U6EzYRi/hGbziYDYaPLgP1nlREGjexHp8LXc9xr+CsA4biElKN7H1KO75wzOF3/F
KP5MVUJnI6tbrFQnDVzixb8MB/mIH4+SmxBiTS/mBm/UoMzqIG9qVnO7rjQR3S7N
lM7Tnt3M5B5Mpk/28vKq0Ja1gg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:45 2024 by rpki-client on console-ams.rpki-client.org