Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/3FB5FE122F6711EE90A2841B4AD9E6FC.roa
File: 3FB5FE122F6711EE90A2841B4AD9E6FC.roa (raw, json)
Hash identifier: WJqH0lra+XjbqtJEVmP0k9XRwahFYNZjcO/TJSOHaQA=
Subject key identifier: 25:33:82:AC:CF:89:AC:2D:A2:23:EE:0E:4C:35:D2:7A:45:80:84:FE
Certificate issuer: /CN=F367EEA2AR/serialNumber=567CAF99182B9E274FB9A6D6908878AB01C34281
Certificate serial: 06
Authority key identifier: 56:7C:AF:99:18:2B:9E:27:4F:B9:A6:D6:90:88:78:AB:01:C3:42:81
Authority info access: rsync://rpki.afrinic.net/repository/arin/VnyvmRgrnidPuabWkIh4qwHDQoE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/3FB5FE122F6711EE90A2841B4AD9E6FC.roa
Signing time: Mon 31 Jul 2023 05:58:19 +0000
ROA not before: Mon 31 Jul 2023 05:58:14 +0000
ROA not after: Fri 31 Jul 2043 05:58:14 +0000
asID: 37697
IP address blocks: 160.119.112.0/21 maxlen: 24
169.255.132.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/VnyvmRgrnidPuabWkIh4qwHDQoE.crl
rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/VnyvmRgrnidPuabWkIh4qwHDQoE.mft
rsync://rpki.afrinic.net/repository/arin/VnyvmRgrnidPuabWkIh4qwHDQoE.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367EEA2AR/serialNumber=567CAF99182B9E274FB9A6D6908878AB01C34281
Validity
Not Before: Jul 31 05:58:14 2023 GMT
Not After : Jul 31 05:58:14 2043 GMT
Subject: CN=64c74d7b-3434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:56:c9:9f:ee:be:02:d4:33:fa:99:50:96:4f:
ed:54:11:26:d6:f8:6b:27:dd:57:c5:ce:7d:bd:31:
27:3a:d2:e6:6c:4a:dc:5d:2a:bf:db:b0:de:a3:4f:
20:8d:ac:df:bc:58:a8:eb:fc:c3:07:bc:f4:77:3c:
b2:03:0d:2b:ed:d9:cb:80:c2:c2:a0:f6:1d:e8:de:
f1:8b:7e:99:aa:a6:f5:11:3f:ed:85:88:29:ec:48:
ff:b8:05:7d:60:8a:57:11:28:bc:86:c5:4f:11:5e:
43:4d:64:da:96:24:ec:f2:d9:71:c0:4b:0e:4f:4d:
9b:d9:a9:41:8f:75:b2:fc:c2:a9:75:80:be:6c:23:
e4:06:48:26:d2:40:35:91:ba:f5:15:36:86:c6:47:
19:fb:ec:5f:80:d0:c2:09:fc:71:65:c5:f7:7b:34:
0f:c7:08:c3:83:fc:b7:fa:f3:ff:bb:38:97:c6:df:
95:ed:72:c3:29:41:fc:dc:19:7f:45:b8:2e:72:68:
45:1b:4b:03:ad:02:c4:cd:7d:94:cb:82:d1:76:eb:
3a:5f:61:ae:69:95:18:45:30:35:d3:07:6c:d5:0d:
e3:05:33:be:fc:87:a6:62:73:c3:97:2e:48:58:d0:
9e:cd:df:cc:71:72:b4:0b:35:fd:50:a8:bc:a2:d4:
f7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:33:82:AC:CF:89:AC:2D:A2:23:EE:0E:4C:35:D2:7A:45:80:84:FE
X509v3 Authority Key Identifier:
keyid:56:7C:AF:99:18:2B:9E:27:4F:B9:A6:D6:90:88:78:AB:01:C3:42:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/VnyvmRgrnidPuabWkIh4qwHDQoE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/VnyvmRgrnidPuabWkIh4qwHDQoE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/3FB5FE122F6711EE90A2841B4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.119.112.0/21
169.255.132.0/22
Signature Algorithm: sha256WithRSAEncryption
83:c5:e4:2b:b8:0f:35:27:17:31:a4:89:3f:51:63:9b:91:00:
f0:ba:e6:a8:4a:b8:d4:ef:00:52:58:86:fe:79:80:77:76:89:
65:d4:54:bd:5d:b1:d0:68:17:f1:2b:ab:ee:ec:a2:ba:7c:f2:
8c:ff:c8:4c:b2:5e:3f:29:ac:16:41:81:07:14:fb:8b:ae:60:
7c:24:4c:ad:5f:ed:d8:78:56:15:bd:6e:67:5f:01:a0:f9:6d:
4d:7d:af:a9:3a:b7:d5:b8:90:40:76:6d:e5:d5:d4:b5:74:73:
e3:f6:ea:2a:19:df:49:63:79:35:b9:9c:7c:94:be:52:bb:5f:
d7:c0:a6:5a:1e:8c:88:b1:19:d9:b3:3f:e2:7d:af:9d:4d:50:
77:13:b1:c8:2b:d6:65:1b:22:11:b6:19:05:50:a0:53:87:1f:
cf:0f:47:b6:c1:85:34:d8:fe:b8:92:fa:24:18:7d:5d:9b:a6:
53:a7:6f:e1:ea:4c:fe:df:6b:a8:4b:b1:d5:45:b9:1b:11:02:
45:89:4a:cb:a3:97:7d:74:0e:80:f2:ff:dd:d2:60:a5:bd:63:
bb:da:97:77:08:e9:31:21:2c:12:fa:d9:9c:c0:59:da:58:ff:
d7:68:e9:25:50:96:33:3e:1d:02:71:6d:6d:40:34:39:4c:6e:
77:d6:89:5c
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
RUVBMkFSMTEwLwYDVQQFEyg1NjdDQUY5OTE4MkI5RTI3NEZCOUE2RDY5MDg4NzhB
QjAxQzM0MjgxMB4XDTIzMDczMTA1NTgxNFoXDTQzMDczMTA1NTgxNFowGDEWMBQG
A1UEAxMNNjRjNzRkN2ItMzQzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1WyZ/uvgLUM/qZUJZP7VQRJtb4ayfdV8XOfb0xJzrS5mxK3F0qv9uw3qNP
II2s37xYqOv8wwe89Hc8sgMNK+3Zy4DCwqD2Heje8Yt+maqm9RE/7YWIKexI/7gF
fWCKVxEovIbFTxFeQ01k2pYk7PLZccBLDk9Nm9mpQY91svzCqXWAvmwj5AZIJtJA
NZG69RU2hsZHGfvsX4DQwgn8cWXF93s0D8cIw4P8t/rz/7s4l8bfle1ywylB/NwZ
f0W4LnJoRRtLA60CxM19lMuC0XbrOl9hrmmVGEUwNdMHbNUN4wUzvvyHpmJzw5cu
SFjQns3fzHFytAs1/VCovKLU9/ECAwEAAaOCAqgwggKkMB0GA1UdDgQWBBQlM4Ks
z4msLaIj7g5MNdJ6RYCE/jAfBgNVHSMEGDAWgBRWfK+ZGCueJ0+5ptaQiHirAcNC
gTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0VFQTIvQTQ1OUM4QTIyRUI0MTFFRTg5QkFDMzc4NEFEOUU2RkMvVm55dm1S
Z3JuaWRQdWFiV2tJaDRxd0hEUW9FLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
Vm55dm1SZ3JuaWRQdWFiV2tJaDRxd0hEUW9FLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2N0VFQTIvQTQ1OUM4QTIyRUI0MTFFRTg5QkFDMzc4NEFEOUU2
RkMvM0ZCNUZFMTIyRjY3MTFFRTkwQTI4NDFCNEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA6B3cAMEAqn/hDANBgkqhkiG9w0B
AQsFAAOCAQEAg8XkK7gPNScXMaSJP1Fjm5EA8LrmqEq41O8AUliG/nmAd3aJZdRU
vV2x0GgX8Sur7uyiunzyjP/ITLJePymsFkGBBxT7i65gfCRMrV/t2HhWFb1uZ18B
oPltTX2vqTq31biQQHZt5dXUtXRz4/bqKhnfSWN5NbmcfJS+Urtf18CmWh6MiLEZ
2bM/4n2vnU1QdxOxyCvWZRsiEbYZBVCgU4cfzw9HtsGFNNj+uJL6JBh9XZumU6dv
4epM/t9rqEux1UW5GxECRYlKy6OXfXQOgPL/3dJgpb1ju9qXdwjpMSEsEvrZnMBZ
2lj/12jpJVCWMz4dAnFtbUA0OUxud9aJXA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:45 2024 by rpki-client on console-ams.rpki-client.org