Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/3EE2E920B90911EDB9134AA9F1222468.roa
File: 3EE2E920B90911EDB9134AA9F1222468.roa (raw, json)
Hash identifier: 8bv1IHhzCMs75pQpQOE/yQFazZySPytY2fmDfaDhtTo=
Subject key identifier: 24:BE:20:26:14:E1:87:1C:DA:0F:48:BA:CB:E0:80:B9:F3:AE:38:2F
Certificate issuer: /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial: 1D
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access: rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/3EE2E920B90911EDB9134AA9F1222468.roa
Signing time: Thu 02 Mar 2023 14:48:08 +0000
ROA not before: Thu 02 Mar 2023 14:48:04 +0000
ROA not after: Fri 01 Mar 2030 14:48:04 +0000
asID: 33763
IP address blocks: 160.242.80.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Validity
Not Before: Mar 2 14:48:04 2023 GMT
Not After : Mar 1 14:48:04 2030 GMT
Subject: CN=6400b728-29ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:02:25:ae:40:ab:46:92:45:bb:eb:dd:c1:88:
c1:81:6f:a8:d4:2c:1f:f2:b6:33:78:6b:fd:4e:af:
26:d6:26:d0:06:4d:50:88:f4:11:e7:62:95:d5:53:
e8:a6:6e:3a:01:e3:07:33:20:f9:6c:64:fd:29:68:
1d:aa:3a:56:99:71:a8:dc:0e:0a:59:3f:b1:07:10:
f4:7c:03:22:40:82:29:c1:40:2f:43:fd:20:04:b8:
05:a8:0c:97:31:5f:55:c6:fd:d9:6d:72:47:3b:4b:
d8:4e:1c:24:29:2b:16:51:91:df:d2:fe:bd:5b:b5:
a7:9a:ff:b3:8c:1a:3c:41:c9:2f:8a:80:7a:ba:b2:
a4:48:27:fb:57:6e:99:fb:3a:56:5c:46:bd:07:54:
bb:08:00:85:a3:cf:d8:02:8c:d7:59:1a:78:e9:52:
72:d7:c1:d2:2b:bc:6d:28:57:a5:ab:2a:86:16:45:
78:22:93:b6:11:90:35:9f:cb:2f:8b:54:43:ec:d0:
f7:21:52:4c:99:b8:8e:f2:99:6b:c4:b7:ac:07:b5:
67:16:e3:34:09:af:49:b2:1c:2b:fb:96:de:7a:d2:
83:2e:3c:67:61:be:96:c6:94:3e:64:0b:33:6a:76:
d5:85:e1:b0:3d:2d:d4:1b:ac:75:49:26:d1:32:f2:
bc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:BE:20:26:14:E1:87:1C:DA:0F:48:BA:CB:E0:80:B9:F3:AE:38:2F
X509v3 Authority Key Identifier:
keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/3EE2E920B90911EDB9134AA9F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.242.80.0/20
Signature Algorithm: sha256WithRSAEncryption
25:db:a6:14:42:95:4d:b5:57:6a:bd:0c:11:10:d1:63:90:e3:
1e:bb:e3:2a:ef:8f:05:ca:6a:ea:3f:e2:a4:69:33:43:ea:86:
79:4b:2b:05:08:0b:c9:f2:1f:71:a1:82:6a:7d:55:3a:88:73:
bf:78:61:92:99:e8:e8:3c:71:11:8a:b5:64:5e:1e:94:32:ba:
f6:bd:48:9d:d8:1e:17:ad:36:e1:07:b9:3a:01:a8:86:0a:c8:
d7:19:db:b5:b8:49:96:e7:07:65:8a:af:63:46:79:27:c3:89:
5d:78:4f:90:18:7c:78:aa:c1:ca:12:68:b4:6f:05:38:83:6f:
27:3f:85:c1:f8:47:51:45:10:b9:c8:40:a3:ee:62:94:1e:17:
9d:b7:6d:60:c4:c6:38:51:ae:b3:21:b9:4e:65:29:ee:d0:71:
b5:9e:ff:13:6b:cf:29:e3:6f:5b:7b:f4:72:06:57:7b:01:a5:
6d:82:5c:bc:3d:bf:15:01:5e:f2:a7:96:f4:b1:91:d8:0d:47:
22:e9:1d:bf:92:2c:6e:82:80:f4:62:7e:b2:1c:be:25:3e:a1:
76:34:de:d6:92:d4:cd:49:76:b2:85:b5:21:f7:43:03:7c:05:
47:9b:00:c4:19:76:a9:8b:34:ea:69:5a:0f:da:68:e8:14:98:
53:9d:99:13
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBHTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FSMTEwLwYDVQQFEyhEOUMwQjIzM0FDQjA2MzU0MzU3NEQzRjVGMzI3QkVC
OEIyQjk5MTE4MB4XDTIzMDMwMjE0NDgwNFoXDTMwMDMwMTE0NDgwNFowGDEWMBQG
A1UEAwwNNjQwMGI3MjgtMjlhZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO8CJa5Aq0aSRbvr3cGIwYFvqNQsH/K2M3hr/U6vJtYm0AZNUIj0EedildVT
6KZuOgHjBzMg+Wxk/SloHao6VplxqNwOClk/sQcQ9HwDIkCCKcFAL0P9IAS4BagM
lzFfVcb92W1yRztL2E4cJCkrFlGR39L+vVu1p5r/s4waPEHJL4qAerqypEgn+1du
mfs6VlxGvQdUuwgAhaPP2AKM11kaeOlSctfB0iu8bShXpasqhhZFeCKTthGQNZ/L
L4tUQ+zQ9yFSTJm4jvKZa8S3rAe1ZxbjNAmvSbIcK/uW3nrSgy48Z2G+lsaUPmQL
M2p21YXhsD0t1BusdUkm0TLyvD8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQkviAm
FOGHHNoPSLrL4IC58644LzAfBgNVHSMEGDAWgBTZwLIzrLBjVDV00/XzJ764srmR
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0NjgvMmNDeU02
eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmNDeU02eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0
NjgvM0VFMkU5MjBCOTA5MTFFREI5MTM0QUE5RjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBKDyUDANBgkqhkiG9w0BAQsFAAOC
AQEAJdumFEKVTbVXar0MERDRY5DjHrvjKu+PBcpq6j/ipGkzQ+qGeUsrBQgLyfIf
caGCan1VOohzv3hhkpno6DxxEYq1ZF4elDK69r1IndgeF6024Qe5OgGohgrI1xnb
tbhJlucHZYqvY0Z5J8OJXXhPkBh8eKrByhJotG8FOINvJz+FwfhHUUUQuchAo+5i
lB4XnbdtYMTGOFGusyG5TmUp7tBxtZ7/E2vPKeNvW3v0cgZXewGlbYJcvD2/FQFe
8qeW9LGR2A1HIukdv5IsboKA9GJ+shy+JT6hdjTe1pLUzUl2soW1IfdDA3wFR5sA
xBl2qYs06mlaD9po6BSYU52ZEw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org