Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/36C1DE70B91011ED88D79DBDF1222468.roa
File: 36C1DE70B91011ED88D79DBDF1222468.roa (raw, json)
Hash identifier: W36hnklCxUmaZlJyHZv7Qp792C5Vr81CjD4AlpjIwhA=
Subject key identifier: 52:62:22:EB:33:99:58:E8:30:2B:F0:45:23:D9:7C:A8:9A:4E:0A:EC
Certificate issuer: /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial: 2F
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access: rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/36C1DE70B91011ED88D79DBDF1222468.roa
Signing time: Thu 02 Mar 2023 15:38:01 +0000
ROA not before: Thu 02 Mar 2023 15:37:57 +0000
ROA not after: Mon 02 Mar 2026 15:37:57 +0000
asID: 29286
IP address blocks: 160.242.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47 (0x2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Validity
Not Before: Mar 2 15:37:57 2023 GMT
Not After : Mar 2 15:37:57 2026 GMT
Subject: CN=6400c2d9-f5de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0c:c7:e3:ce:df:09:87:05:de:c9:e7:f2:11:
cd:b5:a4:8b:c1:11:6c:d2:c2:f1:e5:af:61:ac:78:
98:16:21:59:d9:ac:6e:83:02:13:83:eb:17:bf:f5:
5f:f5:d7:4b:f6:b6:74:b5:33:51:5e:e2:0f:03:a2:
ce:52:0a:4a:ee:75:37:ba:65:a7:bb:35:46:7a:c3:
1f:88:d1:a4:f4:b3:93:ac:11:7b:bd:80:ff:da:27:
23:1c:d5:f6:a9:ba:80:d6:53:a3:f9:a7:13:64:8c:
0a:21:49:6c:ac:59:01:71:77:9d:e5:3e:9a:84:f9:
85:39:c6:e5:7f:57:73:93:46:a2:0a:89:0a:22:01:
ca:fa:03:7f:1f:e8:01:0e:3d:03:6f:d1:70:da:8f:
d1:ea:52:fb:09:7c:35:d9:99:eb:ec:87:56:1c:55:
32:3d:41:67:3f:92:61:ce:66:4d:cc:cb:ef:d5:d4:
47:d1:7a:8d:f1:ae:a2:10:8e:96:16:2a:b2:ce:ab:
cd:dc:69:5b:a7:90:77:f1:67:67:14:95:3c:51:e8:
84:d2:07:65:ac:21:b2:79:e1:83:84:a6:82:54:cc:
3c:79:99:6a:a0:13:54:31:55:bc:f5:da:a3:07:79:
6b:e7:36:8c:3e:8b:b8:3f:97:fd:31:fe:4d:3c:af:
14:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:62:22:EB:33:99:58:E8:30:2B:F0:45:23:D9:7C:A8:9A:4E:0A:EC
X509v3 Authority Key Identifier:
keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/36C1DE70B91011ED88D79DBDF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.242.69.0/24
Signature Algorithm: sha256WithRSAEncryption
39:38:74:82:8c:a5:98:47:ce:72:0a:eb:b0:2d:de:a6:31:9f:
37:4e:61:08:fb:01:d4:d5:73:7b:75:40:96:19:76:ba:6e:5a:
1a:a5:47:6d:d7:bd:bf:bb:86:52:a9:44:94:ef:a6:39:a1:9f:
57:03:7e:bc:b8:2e:61:da:cb:a5:4c:5b:3a:c4:16:43:71:a9:
bd:10:48:fe:16:41:e9:d3:73:35:73:f0:a6:4a:db:50:0b:75:
76:12:13:0a:8f:67:83:e1:8b:a8:c9:4d:23:4b:0f:27:94:2c:
23:76:0c:35:ef:76:62:0e:1f:cb:b1:43:5c:43:c1:a9:7f:01:
08:50:6c:30:0b:9b:ca:55:ac:18:b9:cf:eb:e0:2e:da:07:1c:
72:7b:d5:4a:9c:6e:ac:3c:dc:df:20:36:ad:99:b4:0f:d8:82:
84:85:66:03:20:cf:89:ea:b2:ff:4e:40:e3:29:62:7d:ef:c0:
bf:c4:cc:57:96:87:c7:93:a4:6e:d7:db:47:1f:36:94:20:42:
f4:0b:78:7f:b7:f0:1c:14:bc:3e:de:e1:27:11:8d:c3:13:d7:
47:9a:b5:01:3b:62:0b:20:96:ad:6c:60:f9:80:0d:90:e2:25:
e7:7a:1f:9d:45:df:ff:ea:40:8c:b5:eb:70:6e:a5:50:61:b9:
a9:60:68:e2
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBLzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FSMTEwLwYDVQQFEyhEOUMwQjIzM0FDQjA2MzU0MzU3NEQzRjVGMzI3QkVC
OEIyQjk5MTE4MB4XDTIzMDMwMjE1Mzc1N1oXDTI2MDMwMjE1Mzc1N1owGDEWMBQG
A1UEAwwNNjQwMGMyZDktZjVkZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcMx+PO3wmHBd7J5/IRzbWki8ERbNLC8eWvYax4mBYhWdmsboMCE4PrF7/1
X/XXS/a2dLUzUV7iDwOizlIKSu51N7plp7s1RnrDH4jRpPSzk6wRe72A/9onIxzV
9qm6gNZTo/mnE2SMCiFJbKxZAXF3neU+moT5hTnG5X9Xc5NGogqJCiIByvoDfx/o
AQ49A2/RcNqP0epS+wl8NdmZ6+yHVhxVMj1BZz+SYc5mTczL79XUR9F6jfGuohCO
lhYqss6rzdxpW6eQd/FnZxSVPFHohNIHZawhsnnhg4SmglTMPHmZaqATVDFVvPXa
owd5a+c2jD6LuD+X/TH+TTyvFKsCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRSYiLr
M5lY6DAr8EUj2Xyomk4K7DAfBgNVHSMEGDAWgBTZwLIzrLBjVDV00/XzJ764srmR
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0NjgvMmNDeU02
eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmNDeU02eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0
NjgvMzZDMURFNzBCOTEwMTFFRDg4RDc5REJERjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKDyRTANBgkqhkiG9w0BAQsFAAOC
AQEAOTh0goylmEfOcgrrsC3epjGfN05hCPsB1NVze3VAlhl2um5aGqVHbde9v7uG
UqlElO+mOaGfVwN+vLguYdrLpUxbOsQWQ3GpvRBI/hZB6dNzNXPwpkrbUAt1dhIT
Co9ng+GLqMlNI0sPJ5QsI3YMNe92Yg4fy7FDXEPBqX8BCFBsMAubylWsGLnP6+Au
2gcccnvVSpxurDzc3yA2rZm0D9iChIVmAyDPieqy/05A4ylife/Av8TMV5aHx5Ok
btfbRx82lCBC9At4f7fwHBS8Pt7hJxGNwxPXR5q1ATtiCyCWrWxg+YANkOIl53of
nUXf/+pAjLXrcG6lUGG5qWBo4g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org