Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B4BE92AEB90711ED8CC2D9A4F1222468.roa
File: B4BE92AEB90711ED8CC2D9A4F1222468.roa (raw, json)
Hash identifier: JOPBR+tvvjRemnu4y66+pd4vjEJr1OisV+nPw742BIY=
Subject key identifier: CC:B6:82:67:8F:46:C9:B9:13:11:D0:C0:AA:7A:CB:8C:24:89:4F:7A
Certificate issuer: /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial: 13
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access: rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B4BE92AEB90711ED8CC2D9A4F1222468.roa
Signing time: Thu 02 Mar 2023 14:37:07 +0000
ROA not before: Thu 02 Mar 2023 14:37:03 +0000
ROA not after: Fri 01 Mar 2030 14:37:03 +0000
asID: 33763
IP address blocks: 160.242.32.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 May 2024 00:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Validity
Not Before: Mar 2 14:37:03 2023 GMT
Not After : Mar 1 14:37:03 2030 GMT
Subject: CN=6400b493-36c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c0:4b:04:29:e4:80:e6:42:40:c9:fe:50:87:
57:6d:fd:7f:13:aa:fa:53:a6:fc:2a:73:e4:b7:8c:
8a:5c:94:46:05:e7:95:71:52:a8:3e:ea:71:2e:62:
36:b5:fc:69:39:94:12:33:9d:30:67:cd:44:8d:e9:
93:42:33:c2:84:72:60:29:64:f5:94:b2:e8:4c:ab:
4d:cb:75:65:02:96:13:5d:57:58:b2:ac:71:86:b0:
14:a3:64:85:c3:fd:04:6d:df:aa:7f:47:d2:49:8c:
cf:7d:19:33:ae:11:e7:ae:9a:16:24:9d:2a:c5:e1:
84:49:56:8a:b0:e6:8d:1d:86:2b:9f:d4:64:7e:09:
cd:9b:3b:de:90:0f:49:bd:bd:c5:2e:79:b9:72:f2:
02:e6:75:04:3d:d3:d7:56:a0:3c:aa:d0:87:d5:ba:
28:5f:50:94:4c:ea:01:7e:af:2e:d8:f3:21:e4:c1:
e8:6f:f3:40:8d:a9:4b:f5:78:f0:e8:b3:be:27:d5:
18:cc:61:32:fc:98:91:12:39:77:57:2c:e0:ac:19:
0f:e4:d4:7c:0c:52:74:f0:5b:bf:90:59:a6:b5:a1:
cd:3e:f6:5d:3e:58:b4:05:c6:6d:c5:fa:be:f9:35:
9e:c8:04:7a:a4:fa:8f:f0:d7:a1:b3:69:1e:ca:33:
c8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B6:82:67:8F:46:C9:B9:13:11:D0:C0:AA:7A:CB:8C:24:89:4F:7A
X509v3 Authority Key Identifier:
keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B4BE92AEB90711ED8CC2D9A4F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.242.32.0/21
Signature Algorithm: sha256WithRSAEncryption
26:9f:ac:65:f2:f7:95:16:80:1a:69:54:68:48:c8:f3:c7:7b:
3b:c4:d5:f0:cb:1d:d5:c2:cf:ed:15:7a:d4:57:29:e7:66:49:
fa:2e:85:60:61:b4:5a:13:1f:d4:05:63:2c:9c:80:df:b0:56:
ba:ec:00:02:5d:8e:ab:48:d3:c1:00:2f:d1:57:f9:ce:13:61:
47:a9:66:6d:66:ba:2b:47:67:cd:73:d1:f4:c5:d7:24:77:6b:
c1:4c:3d:57:18:16:37:d5:c5:3e:86:68:c9:ac:74:2b:f6:27:
8f:25:d7:9a:42:85:4f:ab:07:f4:c3:0e:1d:77:81:5b:4e:c5:
4f:bd:d8:9f:78:c9:4f:a8:8f:f1:c9:38:cb:c7:aa:6b:59:5a:
00:36:aa:db:cd:d8:e6:ba:a4:4d:f7:ef:27:d3:3f:9d:9c:20:
8f:2b:2a:50:7a:0d:dc:aa:fd:58:7a:16:c5:a7:1c:08:66:ab:
91:0a:bf:47:02:40:5e:ee:04:f5:82:fa:f1:da:12:5d:83:98:
26:ab:8d:94:a2:6a:f8:40:69:81:49:e4:be:37:a2:d2:c0:68:
96:f2:4a:5c:32:07:f1:26:b5:70:c8:c4:f6:00:7a:41:4f:ca:
72:6b:ac:2d:b2:3c:76:c7:cf:28:60:65:6d:5a:62:2f:26:e0:
8d:a1:9b:89
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBEzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FSMTEwLwYDVQQFEyhEOUMwQjIzM0FDQjA2MzU0MzU3NEQzRjVGMzI3QkVC
OEIyQjk5MTE4MB4XDTIzMDMwMjE0MzcwM1oXDTMwMDMwMTE0MzcwM1owGDEWMBQG
A1UEAwwNNjQwMGI0OTMtMzZjNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzASwQp5IDmQkDJ/lCHV239fxOq+lOm/Cpz5LeMilyURgXnlXFSqD7qcS5i
NrX8aTmUEjOdMGfNRI3pk0IzwoRyYClk9ZSy6EyrTct1ZQKWE11XWLKscYawFKNk
hcP9BG3fqn9H0kmMz30ZM64R566aFiSdKsXhhElWirDmjR2GK5/UZH4JzZs73pAP
Sb29xS55uXLyAuZ1BD3T11agPKrQh9W6KF9QlEzqAX6vLtjzIeTB6G/zQI2pS/V4
8OizvifVGMxhMvyYkRI5d1cs4KwZD+TUfAxSdPBbv5BZprWhzT72XT5YtAXGbcX6
vvk1nsgEeqT6j/DXobNpHsozyOcCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTMtoJn
j0bJuRMR0MCqesuMJIlPejAfBgNVHSMEGDAWgBTZwLIzrLBjVDV00/XzJ764srmR
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0NjgvMmNDeU02
eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmNDeU02eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0
NjgvQjRCRTkyQUVCOTA3MTFFRDhDQzJEOUE0RjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA6DyIDANBgkqhkiG9w0BAQsFAAOC
AQEAJp+sZfL3lRaAGmlUaEjI88d7O8TV8Msd1cLP7RV61Fcp52ZJ+i6FYGG0WhMf
1AVjLJyA37BWuuwAAl2Oq0jTwQAv0Vf5zhNhR6lmbWa6K0dnzXPR9MXXJHdrwUw9
VxgWN9XFPoZoyax0K/YnjyXXmkKFT6sH9MMOHXeBW07FT73Yn3jJT6iP8ck4y8eq
a1laADaq283Y5rqkTffvJ9M/nZwgjysqUHoN3Kr9WHoWxaccCGarkQq/RwJAXu4E
9YL68doSXYOYJquNlKJq+EBpgUnkvjei0sBolvJKXDIH8Sa1cMjE9gB6QU/Kcmus
LbI8dsfPKGBlbVpiLybgjaGbiQ==
-----END CERTIFICATE-----
Generated at Sat May 18 04:03:40 2024 by rpki-client on console-ams.rpki-client.org