Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/58D3E21AB91011EDB68C04BEF1222468.roa
File: 58D3E21AB91011EDB68C04BEF1222468.roa (raw, json)
Hash identifier: eYmtu3W0WuAq9vif5Te4vSxu2C52E3LM0QU3hP8gC68=
Subject key identifier: 69:B2:0F:B6:45:83:7A:C4:C6:E8:41:30:D6:D6:4E:D7:26:E4:BA:07
Certificate issuer: /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial: 31
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access: rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/58D3E21AB91011EDB68C04BEF1222468.roa
Signing time: Thu 02 Mar 2023 15:38:58 +0000
ROA not before: Thu 02 Mar 2023 15:38:54 +0000
ROA not after: Mon 02 Mar 2026 15:38:54 +0000
asID: 29286
IP address blocks: 160.242.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49 (0x31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Validity
Not Before: Mar 2 15:38:54 2023 GMT
Not After : Mar 2 15:38:54 2026 GMT
Subject: CN=6400c312-9c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ce:ca:98:16:38:45:ce:b9:b2:ae:fe:a5:30:
60:32:23:ed:b9:af:77:fb:3f:4e:14:89:8a:50:da:
23:a1:ce:31:5c:22:4f:dd:22:39:2c:5b:a6:f1:be:
58:24:2b:c0:20:82:16:92:c7:85:65:e2:aa:c5:ce:
09:bb:77:57:d6:af:80:0b:4a:95:ac:87:b0:4e:3a:
ff:1f:ef:9f:08:ad:cd:06:63:70:a9:58:6f:da:84:
7b:cf:c8:a4:33:e5:d1:23:3d:b5:b2:2f:f8:4d:0c:
45:ae:e2:e0:1b:9a:48:6b:86:0e:75:77:1d:a1:89:
af:ef:79:82:bb:48:8f:00:1f:14:91:48:8b:76:57:
3c:fb:2c:0f:29:a8:8e:c4:9b:0a:92:c1:19:c8:2e:
4c:7d:30:35:ba:77:0b:b3:9b:93:cd:7a:f0:80:e5:
fd:b7:26:d9:9e:58:0c:c8:59:0c:69:e5:ab:4b:a5:
80:b8:37:87:93:de:64:77:6f:bd:22:d8:49:93:b1:
b6:04:89:40:d3:f5:cd:5e:5d:a9:ab:a5:12:ae:5a:
31:81:20:1c:d1:f7:97:20:de:69:7c:b9:69:d3:69:
d6:cc:d4:23:1d:d2:17:20:88:3a:9a:21:49:e5:1a:
1c:35:41:cc:c5:47:ec:0d:9a:ab:49:db:a2:2b:63:
17:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:B2:0F:B6:45:83:7A:C4:C6:E8:41:30:D6:D6:4E:D7:26:E4:BA:07
X509v3 Authority Key Identifier:
keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/58D3E21AB91011EDB68C04BEF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.242.71.0/24
Signature Algorithm: sha256WithRSAEncryption
e0:4e:55:1c:6e:f8:cc:f5:f7:2b:8d:13:84:bb:3f:f0:3c:13:
f4:77:f8:86:06:4c:91:63:1f:2b:23:1c:5f:06:f7:cc:29:ed:
ff:31:b6:22:dd:62:09:ba:75:52:82:33:87:14:94:52:74:eb:
c0:78:28:3a:35:b5:5b:38:0d:51:e0:bc:5a:ad:92:b1:95:78:
08:9c:09:b5:37:98:8e:ac:be:f0:06:90:a3:a4:fa:a6:c0:05:
57:ea:c1:3b:ad:96:ca:ff:a2:96:ce:ae:ab:0f:71:45:5a:b2:
a0:bf:93:26:46:e0:16:72:5e:a8:73:f9:fa:10:d8:7e:58:56:
51:13:ee:5f:a5:92:15:d3:20:40:3f:43:ac:b2:eb:19:b8:18:
f5:46:70:83:93:fb:91:7a:28:f9:f8:bc:b0:93:73:71:b9:b2:
1c:09:03:19:89:f6:39:ca:59:bf:52:ca:6c:88:4f:5a:9c:80:
9f:46:2e:65:55:3a:56:60:08:c7:db:12:94:db:df:56:61:bc:
d9:84:77:dc:be:39:f1:d0:85:9c:b4:02:f9:26:42:77:56:90:
95:53:04:06:ae:42:86:1c:54:07:57:7a:32:01:48:fa:49:a5:
37:ef:7c:d5:83:9f:1e:a4:52:3e:cd:39:c4:fc:90:15:73:2d:
f5:bd:0f:aa
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBMTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FSMTEwLwYDVQQFEyhEOUMwQjIzM0FDQjA2MzU0MzU3NEQzRjVGMzI3QkVC
OEIyQjk5MTE4MB4XDTIzMDMwMjE1Mzg1NFoXDTI2MDMwMjE1Mzg1NFowGDEWMBQG
A1UEAwwNNjQwMGMzMTItOWM2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTOypgWOEXOubKu/qUwYDIj7bmvd/s/ThSJilDaI6HOMVwiT90iOSxbpvG+
WCQrwCCCFpLHhWXiqsXOCbt3V9avgAtKlayHsE46/x/vnwitzQZjcKlYb9qEe8/I
pDPl0SM9tbIv+E0MRa7i4BuaSGuGDnV3HaGJr+95grtIjwAfFJFIi3ZXPPssDymo
jsSbCpLBGcguTH0wNbp3C7Obk8168IDl/bcm2Z5YDMhZDGnlq0ulgLg3h5PeZHdv
vSLYSZOxtgSJQNP1zV5dqaulEq5aMYEgHNH3lyDeaXy5adNp1szUIx3SFyCIOpoh
SeUaHDVBzMVH7A2aq0nboitjF8MCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRpsg+2
RYN6xMboQTDW1k7XJuS6BzAfBgNVHSMEGDAWgBTZwLIzrLBjVDV00/XzJ764srmR
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0NjgvMmNDeU02
eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmNDeU02eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0
NjgvNThEM0UyMUFCOTEwMTFFREI2OEMwNEJFRjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKDyRzANBgkqhkiG9w0BAQsFAAOC
AQEA4E5VHG74zPX3K40ThLs/8DwT9Hf4hgZMkWMfKyMcXwb3zCnt/zG2It1iCbp1
UoIzhxSUUnTrwHgoOjW1WzgNUeC8Wq2SsZV4CJwJtTeYjqy+8AaQo6T6psAFV+rB
O62Wyv+ils6uqw9xRVqyoL+TJkbgFnJeqHP5+hDYflhWURPuX6WSFdMgQD9DrLLr
GbgY9UZwg5P7kXoo+fi8sJNzcbmyHAkDGYn2OcpZv1LKbIhPWpyAn0YuZVU6VmAI
x9sSlNvfVmG82YR33L458dCFnLQC+SZCd1aQlVMEBq5ChhxUB1d6MgFI+kmlN+98
1YOfHqRSPs05xPyQFXMt9b0Pqg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org