Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/8E6F51EAB90911EDA8C54FAAF1222468.roa
File: 8E6F51EAB90911EDA8C54FAAF1222468.roa (raw, json)
Hash identifier: KvGFnoqgX8e0sSQhns9l0emB0PuLl/3GyT/+80nye1M=
Subject key identifier: 19:63:62:31:F2:CE:0E:8E:D8:32:C6:F4:51:62:EE:E5:EE:5A:F7:D4
Certificate issuer: /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial: 1F
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access: rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/8E6F51EAB90911EDA8C54FAAF1222468.roa
Signing time: Thu 02 Mar 2023 14:50:21 +0000
ROA not before: Thu 02 Mar 2023 14:50:18 +0000
ROA not after: Mon 02 Mar 2026 14:50:18 +0000
asID: 33763
IP address blocks: 160.242.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 22 May 2024 00:16:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31 (0x1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Validity
Not Before: Mar 2 14:50:18 2023 GMT
Not After : Mar 2 14:50:18 2026 GMT
Subject: CN=6400b7ad-f187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:63:b2:8f:b6:d9:44:f4:d2:b1:98:ef:9f:db:
2f:12:bf:a4:88:57:4f:8e:24:8b:fc:0f:10:03:63:
0f:bb:2c:ae:e8:96:a1:ac:a9:d1:39:eb:af:d6:d6:
75:22:1b:1b:85:57:b4:de:91:d7:3b:af:1d:48:9b:
9f:67:d1:17:ad:00:f7:0a:e8:ec:fa:39:49:77:24:
d8:15:c2:71:85:1f:06:06:10:c9:85:c0:22:fe:e1:
6a:aa:be:36:26:97:97:cb:39:da:f8:20:4e:3d:46:
78:1a:53:90:2a:91:7a:0f:38:09:df:41:a6:c8:d9:
ac:f0:49:13:a2:0f:9d:c4:c7:d6:b9:10:7e:f0:e1:
ce:c9:ce:32:89:80:29:bc:2e:8b:21:25:b7:10:e2:
3f:87:fc:79:55:97:d8:fa:64:a0:19:23:68:2e:ef:
cc:f8:2e:34:fb:19:5d:e9:4d:e9:82:2b:02:ee:6a:
29:cf:43:0e:ab:c4:f5:48:89:e6:52:f1:94:3d:a0:
84:7c:23:da:c0:3c:8c:22:61:e3:cf:45:a3:b0:66:
18:2d:af:0b:eb:b9:3a:5e:34:35:e5:69:eb:8e:91:
ca:41:58:61:85:43:67:04:bc:04:b2:52:53:04:dd:
47:64:21:58:62:00:da:e3:32:99:aa:11:b7:37:ae:
a1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:63:62:31:F2:CE:0E:8E:D8:32:C6:F4:51:62:EE:E5:EE:5A:F7:D4
X509v3 Authority Key Identifier:
keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/8E6F51EAB90911EDA8C54FAAF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.242.96.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:c7:0b:28:cb:25:d8:21:97:00:dd:00:64:26:d8:7d:6c:0c:
9b:64:0e:00:ca:a1:ef:de:72:c4:9b:dc:78:a0:f1:00:92:33:
52:a9:ce:90:89:78:5a:dd:cd:2c:18:94:d2:6c:6f:d8:6f:00:
01:09:4d:f7:f3:60:fe:45:9a:74:48:82:ef:9e:56:25:90:0f:
cb:19:b9:93:0e:45:12:7f:95:38:5a:08:e5:28:4b:2e:75:e4:
5c:e1:10:f5:4c:38:d9:21:93:01:de:c9:2f:ef:0e:45:0e:72:
c0:67:e7:0d:cd:38:94:44:56:39:bb:2e:c5:f6:6d:c7:d8:51:
77:a5:c2:c2:12:30:a7:dd:79:99:03:91:a0:6e:02:17:95:9d:
9a:09:27:91:49:7d:8c:89:2e:fe:f3:ee:da:a7:6d:4f:f0:fb:
8a:72:7b:e7:38:35:cf:b4:4b:4e:c7:fc:21:10:16:02:3a:87:
f7:b0:b7:52:56:85:72:06:7f:ab:4c:54:bf:8b:e1:9b:b5:fd:
41:0d:63:c1:37:25:68:db:3c:8b:16:18:80:b1:20:b7:31:3f:
05:cd:98:a2:49:f8:10:ba:07:ae:3c:1c:14:f1:cb:02:c5:56:
f3:aa:d8:24:dd:06:72:f6:37:95:62:76:7e:23:ab:3d:00:35:
c3:ea:87:79
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBHzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FSMTEwLwYDVQQFEyhEOUMwQjIzM0FDQjA2MzU0MzU3NEQzRjVGMzI3QkVC
OEIyQjk5MTE4MB4XDTIzMDMwMjE0NTAxOFoXDTI2MDMwMjE0NTAxOFowGDEWMBQG
A1UEAwwNNjQwMGI3YWQtZjE4NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1jso+22UT00rGY75/bLxK/pIhXT44ki/wPEANjD7ssruiWoayp0Tnrr9bW
dSIbG4VXtN6R1zuvHUibn2fRF60A9wro7Po5SXck2BXCcYUfBgYQyYXAIv7haqq+
NiaXl8s52vggTj1GeBpTkCqReg84Cd9BpsjZrPBJE6IPncTH1rkQfvDhzsnOMomA
KbwuiyEltxDiP4f8eVWX2PpkoBkjaC7vzPguNPsZXelN6YIrAu5qKc9DDqvE9UiJ
5lLxlD2ghHwj2sA8jCJh489Fo7BmGC2vC+u5Ol40NeVp646RykFYYYVDZwS8BLJS
UwTdR2QhWGIA2uMymaoRtzeuoXsCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQZY2Ix
8s4OjtgyxvRRYu7l7lr31DAfBgNVHSMEGDAWgBTZwLIzrLBjVDV00/XzJ764srmR
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0NjgvMmNDeU02
eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmNDeU02eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0
NjgvOEU2RjUxRUFCOTA5MTFFREE4QzU0RkFBRjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA6DyYDANBgkqhkiG9w0BAQsFAAOC
AQEAC8cLKMsl2CGXAN0AZCbYfWwMm2QOAMqh795yxJvceKDxAJIzUqnOkIl4Wt3N
LBiU0mxv2G8AAQlN9/Ng/kWadEiC755WJZAPyxm5kw5FEn+VOFoI5ShLLnXkXOEQ
9Uw42SGTAd7JL+8ORQ5ywGfnDc04lERWObsuxfZtx9hRd6XCwhIwp915mQORoG4C
F5WdmgknkUl9jIku/vPu2qdtT/D7inJ75zg1z7RLTsf8IRAWAjqH97C3UlaFcgZ/
q0xUv4vhm7X9QQ1jwTclaNs8ixYYgLEgtzE/Bc2Yokn4ELoHrjwcFPHLAsVW86rY
JN0GcvY3lWJ2fiOrPQA1w+qHeQ==
-----END CERTIFICATE-----
Generated at Mon May 20 03:21:16 2024 by rpki-client on console-ams.rpki-client.org