Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/E71E5D4C2EB411EEA206B6794AD9E6FC.roa
File: E71E5D4C2EB411EEA206B6794AD9E6FC.roa (raw, json)
Hash identifier: hbtcT6eA8KL9XUcRwzBfgyp8AVJuRXtNG7MjkLclPW8=
Subject key identifier: 1D:B0:EB:B9:3E:7A:D3:90:37:36:B7:06:01:D6:94:53:FB:6E:1A:29
Certificate issuer: /CN=F367EEA2AR/serialNumber=567CAF99182B9E274FB9A6D6908878AB01C34281
Certificate serial: 02
Authority key identifier: 56:7C:AF:99:18:2B:9E:27:4F:B9:A6:D6:90:88:78:AB:01:C3:42:81
Authority info access: rsync://rpki.afrinic.net/repository/arin/VnyvmRgrnidPuabWkIh4qwHDQoE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/E71E5D4C2EB411EEA206B6794AD9E6FC.roa
Signing time: Sun 30 Jul 2023 08:41:40 +0000
ROA not before: Sun 30 Jul 2023 08:41:36 +0000
ROA not after: Sun 31 Jul 2033 08:41:36 +0000
asID: 37697
IP address blocks: 160.119.112.0/21 maxlen: 21
169.255.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/VnyvmRgrnidPuabWkIh4qwHDQoE.crl
rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/VnyvmRgrnidPuabWkIh4qwHDQoE.mft
rsync://rpki.afrinic.net/repository/arin/VnyvmRgrnidPuabWkIh4qwHDQoE.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:21:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F367EEA2AR/serialNumber=567CAF99182B9E274FB9A6D6908878AB01C34281
Validity
Not Before: Jul 30 08:41:36 2023 GMT
Not After : Jul 31 08:41:36 2033 GMT
Subject: CN=64c62244-72a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d1:d8:3f:87:1d:1d:f0:69:6b:e1:d2:be:1e:
7e:5c:25:9a:82:0b:46:c8:9a:b3:1f:43:f4:5b:c6:
28:7d:80:a3:0f:65:e6:10:f2:51:0f:78:30:ea:a4:
fa:06:a3:37:3b:ca:67:b8:ff:4c:5d:be:07:e6:1c:
d3:90:8f:eb:08:d4:4d:10:31:2e:a9:7c:2b:33:d9:
ba:44:00:e9:97:9f:56:46:02:4a:8c:dc:3f:b0:e3:
b3:9d:33:f1:d6:30:e0:fd:9e:a0:87:1f:05:41:12:
52:8a:67:8c:5e:07:af:12:0c:65:89:88:99:5d:4a:
f1:84:ea:fb:80:e1:8a:32:34:c4:4f:f2:df:5e:79:
b4:82:3d:bc:d1:5e:21:da:1a:c8:31:a6:ac:29:6e:
5e:e6:a0:73:6a:b2:94:9f:a5:f7:aa:4b:df:2f:97:
a9:82:42:26:e5:d2:a9:32:94:ba:84:b2:26:65:0d:
7b:f8:e2:23:ca:a2:a7:79:fc:a4:95:b1:80:0a:4e:
d0:cd:e2:7d:b8:46:ef:eb:bc:84:38:d3:03:ab:9e:
c3:e3:9c:d1:b4:d0:68:92:fc:6f:69:a6:3f:3f:57:
a7:38:59:54:d7:03:94:ef:88:81:9f:93:f2:df:fc:
39:a9:3c:72:dd:32:b5:19:4d:fc:b9:71:a0:5f:2d:
f8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B0:EB:B9:3E:7A:D3:90:37:36:B7:06:01:D6:94:53:FB:6E:1A:29
X509v3 Authority Key Identifier:
keyid:56:7C:AF:99:18:2B:9E:27:4F:B9:A6:D6:90:88:78:AB:01:C3:42:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/VnyvmRgrnidPuabWkIh4qwHDQoE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/VnyvmRgrnidPuabWkIh4qwHDQoE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367EEA2/A459C8A22EB411EE89BAC3784AD9E6FC/E71E5D4C2EB411EEA206B6794AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.119.112.0/21
169.255.132.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:8b:73:9c:53:9c:95:ae:37:00:4e:2a:52:24:d5:b2:3c:72:
63:7c:80:03:11:a0:45:ed:de:e6:a3:cc:e8:4f:34:ca:fe:a6:
e2:fc:13:16:c3:bc:33:d1:b8:56:d7:99:32:19:c9:48:94:6f:
ac:e5:21:b3:bb:56:1a:a5:06:25:56:c9:52:ef:98:c2:ce:57:
bb:69:6b:d4:2a:97:50:a3:f7:88:61:96:14:30:56:06:e2:a2:
e6:c4:40:41:a2:c7:ce:57:e9:01:56:85:c0:53:c4:e5:72:5e:
da:40:2b:7f:d2:85:b8:4f:3e:65:27:f4:d4:a4:3b:c5:18:ea:
92:eb:7f:73:74:61:72:53:15:47:21:a5:2b:5f:e1:fc:2b:40:
e9:7b:f7:fc:f5:6b:4a:3c:a4:96:83:d7:53:15:8b:85:54:6d:
d7:2a:ac:1e:27:ae:54:f7:7d:02:1e:23:2f:fd:a9:a2:c4:fa:
26:44:2b:5f:39:9d:59:65:14:31:68:cb:41:3a:93:5b:a3:3d:
12:10:1d:30:df:4e:d6:9b:5d:bb:e7:c9:4d:52:e3:41:0a:39:
ce:5f:f7:9e:c3:2f:2e:0a:5b:24:8b:50:03:8d:a7:c3:4d:9f:
e4:82:70:36:1c:66:a9:8a:9e:b0:cb:47:98:1d:75:a2:35:9d:
4b:d5:db:dd
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
RUVBMkFSMTEwLwYDVQQFEyg1NjdDQUY5OTE4MkI5RTI3NEZCOUE2RDY5MDg4NzhB
QjAxQzM0MjgxMB4XDTIzMDczMDA4NDEzNloXDTMzMDczMTA4NDEzNlowGDEWMBQG
A1UEAxMNNjRjNjIyNDQtNzJhMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXR2D+HHR3waWvh0r4eflwlmoILRsiasx9D9FvGKH2Aow9l5hDyUQ94MOqk
+gajNzvKZ7j/TF2+B+Yc05CP6wjUTRAxLql8KzPZukQA6ZefVkYCSozcP7Djs50z
8dYw4P2eoIcfBUESUopnjF4HrxIMZYmImV1K8YTq+4DhijI0xE/y3155tII9vNFe
IdoayDGmrCluXuagc2qylJ+l96pL3y+XqYJCJuXSqTKUuoSyJmUNe/jiI8qip3n8
pJWxgApO0M3ifbhG7+u8hDjTA6uew+Oc0bTQaJL8b2mmPz9XpzhZVNcDlO+IgZ+T
8t/8Oak8ct0ytRlN/LlxoF8t+B0CAwEAAaOCAqgwggKkMB0GA1UdDgQWBBQdsOu5
PnrTkDc2twYB1pRT+24aKTAfBgNVHSMEGDAWgBRWfK+ZGCueJ0+5ptaQiHirAcNC
gTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0VFQTIvQTQ1OUM4QTIyRUI0MTFFRTg5QkFDMzc4NEFEOUU2RkMvVm55dm1S
Z3JuaWRQdWFiV2tJaDRxd0hEUW9FLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
Vm55dm1SZ3JuaWRQdWFiV2tJaDRxd0hEUW9FLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2N0VFQTIvQTQ1OUM4QTIyRUI0MTFFRTg5QkFDMzc4NEFEOUU2
RkMvRTcxRTVENEMyRUI0MTFFRUEyMDZCNjc5NEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA6B3cAMEAqn/hDANBgkqhkiG9w0B
AQsFAAOCAQEAnItznFOcla43AE4qUiTVsjxyY3yAAxGgRe3e5qPM6E80yv6m4vwT
FsO8M9G4VteZMhnJSJRvrOUhs7tWGqUGJVbJUu+Yws5Xu2lr1CqXUKP3iGGWFDBW
BuKi5sRAQaLHzlfpAVaFwFPE5XJe2kArf9KFuE8+ZSf01KQ7xRjqkut/c3RhclMV
RyGlK1/h/CtA6Xv3/PVrSjykloPXUxWLhVRt1yqsHieuVPd9Ah4jL/2posT6JkQr
XzmdWWUUMWjLQTqTW6M9EhAdMN9O1ptdu+fJTVLjQQo5zl/3nsMvLgpbJItQA42n
w02f5IJwNhxmqYqesMtHmB11ojWdS9Xb3Q==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:45 2024 by rpki-client on console-ams.rpki-client.org