Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/37AD41C2B90A11ED8DAB4CACF1222468.roa
File: 37AD41C2B90A11ED8DAB4CACF1222468.roa (raw, json)
Hash identifier: mSWIE5KDecVcRW4iDL50SkMiLWpIwV3bXouL+7gPuPY=
Subject key identifier: 6F:9B:D0:68:3B:E5:FD:76:12:D3:65:3D:00:2C:0D:B5:00:FE:34:21
Certificate issuer: /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial: 27
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access: rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/37AD41C2B90A11ED8DAB4CACF1222468.roa
Signing time: Thu 02 Mar 2023 14:55:05 +0000
ROA not before: Thu 02 Mar 2023 14:55:01 +0000
ROA not after: Mon 02 Mar 2026 14:55:01 +0000
asID: 33763
IP address blocks: 160.242.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:21:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39 (0x27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Validity
Not Before: Mar 2 14:55:01 2023 GMT
Not After : Mar 2 14:55:01 2026 GMT
Subject: CN=6400b8c9-ac38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:32:89:59:22:13:3c:1d:ea:d8:2c:c9:bd:21:
cd:c8:d7:7a:f2:ff:3c:3d:db:7d:db:75:c0:cb:b3:
e0:2f:1b:ce:25:4b:96:9d:72:07:82:ad:f7:7f:bd:
75:32:95:b6:f6:6d:8e:f6:ae:61:3e:4e:b1:89:8c:
c2:aa:95:ad:e3:4f:39:eb:1f:db:e6:09:f6:8f:a3:
02:a9:64:01:f0:20:df:bb:fd:1b:a7:7a:5d:77:32:
a9:b2:ea:e5:39:1c:73:1d:85:c3:f6:3c:ce:be:49:
5c:42:33:01:da:21:b5:6f:a1:ce:af:32:18:20:bd:
93:bb:47:35:1c:74:e6:07:02:2e:fd:19:0f:c6:11:
33:20:15:4c:75:47:de:d7:90:0a:15:a7:cb:77:f3:
01:ff:83:a5:e0:32:1e:8f:00:7f:fe:e2:f5:36:47:
d6:1b:e1:af:3d:8f:6a:58:a3:3d:5e:23:10:96:e0:
fa:5d:ed:b8:43:3c:b7:dc:4f:02:9c:65:65:83:16:
14:ce:ef:27:39:78:fd:3f:9a:29:75:1f:c4:3a:36:
b8:c7:ad:ea:85:5a:c5:bf:5c:ee:1c:bf:be:ec:58:
2b:27:55:42:04:9e:15:9b:49:3b:e7:b4:d8:dc:e1:
8b:cd:9e:fe:d9:4c:a2:c7:74:f0:3f:7a:50:48:9b:
1b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:9B:D0:68:3B:E5:FD:76:12:D3:65:3D:00:2C:0D:B5:00:FE:34:21
X509v3 Authority Key Identifier:
keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/37AD41C2B90A11ED8DAB4CACF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.242.113.0/24
Signature Algorithm: sha256WithRSAEncryption
be:c9:1b:db:48:c3:3c:75:df:70:45:e2:06:b5:8f:79:cb:44:
39:17:ce:24:ca:a4:67:19:7d:eb:ec:e1:55:28:e0:ee:db:6e:
a9:d5:69:b5:87:d6:0a:73:1a:f5:a4:e7:c8:fb:25:30:d0:25:
0b:81:72:cf:6b:b8:90:be:a6:28:81:e1:a0:98:2b:d4:21:c7:
5c:00:61:d2:5d:e4:04:74:3b:0f:33:e7:45:c8:9f:50:1f:aa:
90:20:78:19:2e:cb:f0:4f:b8:f0:f3:ea:8d:4b:99:20:8a:b6:
47:18:d8:22:bb:1b:75:f2:58:4c:e4:a3:28:ce:3a:5d:bb:a4:
35:e4:62:cc:f3:3a:15:b6:a7:6b:81:56:c2:1b:b8:2c:f8:81:
22:92:1d:7e:32:a7:f8:4d:0c:89:fe:ef:b4:34:d6:c8:ae:dc:
59:99:20:af:7b:22:65:d2:2d:03:7f:3a:c6:d7:db:cb:9e:db:
53:ff:0e:82:88:00:79:04:c3:e0:09:eb:79:8f:6d:ee:5c:35:
7d:b0:e8:6f:61:57:57:2d:2f:fc:e5:17:93:61:36:2d:72:37:
2a:ce:05:c0:f5:4e:89:13:55:6b:6c:9a:57:e2:3d:f7:02:35:
29:db:6c:23:36:3d:2e:0e:38:1d:8c:ee:df:55:46:0a:84:d4:
43:bf:cb:ec
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBJzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FSMTEwLwYDVQQFEyhEOUMwQjIzM0FDQjA2MzU0MzU3NEQzRjVGMzI3QkVC
OEIyQjk5MTE4MB4XDTIzMDMwMjE0NTUwMVoXDTI2MDMwMjE0NTUwMVowGDEWMBQG
A1UEAwwNNjQwMGI4YzktYWMzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYyiVkiEzwd6tgsyb0hzcjXevL/PD3bfdt1wMuz4C8bziVLlp1yB4Kt93+9
dTKVtvZtjvauYT5OsYmMwqqVreNPOesf2+YJ9o+jAqlkAfAg37v9G6d6XXcyqbLq
5Tkccx2Fw/Y8zr5JXEIzAdohtW+hzq8yGCC9k7tHNRx05gcCLv0ZD8YRMyAVTHVH
3teQChWny3fzAf+DpeAyHo8Af/7i9TZH1hvhrz2PalijPV4jEJbg+l3tuEM8t9xP
ApxlZYMWFM7vJzl4/T+aKXUfxDo2uMet6oVaxb9c7hy/vuxYKydVQgSeFZtJO+e0
2Nzhi82e/tlMosd08D96UEibG/MCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRvm9Bo
O+X9dhLTZT0ALA21AP40ITAfBgNVHSMEGDAWgBTZwLIzrLBjVDV00/XzJ764srmR
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0NjgvMmNDeU02
eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmNDeU02eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0
NjgvMzdBRDQxQzJCOTBBMTFFRDhEQUI0Q0FDRjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKDycTANBgkqhkiG9w0BAQsFAAOC
AQEAvskb20jDPHXfcEXiBrWPectEORfOJMqkZxl96+zhVSjg7ttuqdVptYfWCnMa
9aTnyPslMNAlC4Fyz2u4kL6mKIHhoJgr1CHHXABh0l3kBHQ7DzPnRcifUB+qkCB4
GS7L8E+48PPqjUuZIIq2RxjYIrsbdfJYTOSjKM46XbukNeRizPM6Fbana4FWwhu4
LPiBIpIdfjKn+E0Mif7vtDTWyK7cWZkgr3siZdItA386xtfby57bU/8OgogAeQTD
4AnreY9t7lw1fbDob2FXVy0v/OUXk2E2LXI3Ks4FwPVOiRNVa2yaV+I99wI1Kdts
IzY9Lg44HYzu31VGCoTUQ7/L7A==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:46 2024 by rpki-client on console-ams.rpki-client.org