Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B8FA1F04B90811ED81AABBA7F1222468.roa
File: B8FA1F04B90811ED81AABBA7F1222468.roa (raw, json)
Hash identifier: 0MNSurAaP8AIdMB01conZnP9fR7ARG/ikiFuWorUpQM=
Subject key identifier: F5:22:2B:38:EB:7C:19:34:FC:D4:B1:76:65:33:72:1A:A0:4D:25:81
Certificate issuer: /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial: 17
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access: rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B8FA1F04B90811ED81AABBA7F1222468.roa
Signing time: Thu 02 Mar 2023 14:44:23 +0000
ROA not before: Thu 02 Mar 2023 14:44:20 +0000
ROA not after: Fri 01 Mar 2030 14:44:20 +0000
asID: 33763
IP address blocks: 160.242.48.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 19 May 2024 00:16:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Validity
Not Before: Mar 2 14:44:20 2023 GMT
Not After : Mar 1 14:44:20 2030 GMT
Subject: CN=6400b647-d9b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:24:13:37:21:22:31:e9:12:70:14:18:51:b7:
ad:db:f7:fd:9b:9c:dc:96:b4:9f:8c:78:5b:f3:d8:
2a:25:31:82:80:b1:1d:58:ed:9d:d6:c1:de:ac:cf:
62:7a:3f:d5:2a:6c:a5:25:64:f2:5e:73:a9:48:6c:
43:eb:08:ab:ac:cb:d5:4a:a9:4e:d8:d9:da:83:ca:
c5:8e:a0:b2:3a:7f:52:f6:c4:9e:6f:a8:c8:72:08:
f3:f8:79:8a:50:69:e6:a0:c5:ec:be:02:9f:69:6c:
d2:67:e2:6b:07:16:93:91:2e:07:08:8e:2c:eb:16:
88:73:35:54:6e:48:06:47:73:25:5f:fe:a9:7b:ce:
75:2b:2b:d5:b8:7a:4e:c7:a9:c8:47:96:f9:71:d6:
7e:42:a6:09:bb:7a:54:fe:b9:84:f8:c0:7e:55:6c:
fb:e1:9a:56:61:07:0d:d9:ba:dc:39:56:09:0a:62:
05:92:b1:ff:7e:ca:25:4e:4a:6f:c7:ec:c4:ed:09:
74:9d:70:f4:e4:d3:47:5a:7a:7d:91:2d:1d:46:f6:
cb:18:6f:5b:72:9c:a0:fa:ea:5b:40:95:c7:b4:1f:
e2:db:f5:a4:53:53:62:ed:88:46:69:91:29:de:b2:
f4:3b:42:02:37:83:77:93:90:29:94:a4:89:c7:7c:
39:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:22:2B:38:EB:7C:19:34:FC:D4:B1:76:65:33:72:1A:A0:4D:25:81
X509v3 Authority Key Identifier:
keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B8FA1F04B90811ED81AABBA7F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.242.48.0/20
Signature Algorithm: sha256WithRSAEncryption
9f:62:80:56:fa:c5:b5:41:b1:b0:82:9e:2c:a0:4d:e0:ef:f5:
6e:99:24:2f:64:95:ab:c3:4d:9e:25:a6:3a:b1:cb:d8:33:ad:
f7:03:c7:0a:04:01:2b:41:5f:bd:31:3e:df:c1:4b:ca:0f:23:
d9:3c:58:62:ba:2b:4d:03:ae:90:6d:20:7a:a1:53:2c:21:a4:
3c:f1:17:21:fe:db:a9:f3:b9:e4:f3:3d:36:49:f2:d3:06:93:
34:99:a2:c4:1f:60:39:ba:63:24:44:97:4b:38:0a:76:a9:84:
ff:d2:e7:9e:86:fb:db:93:c5:36:cb:ac:69:9d:c0:bd:85:da:
14:5c:79:91:e3:cc:d2:b2:e1:02:34:3b:96:ae:06:ca:e1:27:
b4:fe:a6:be:43:32:da:9f:67:b3:60:01:54:08:18:c0:be:1d:
7a:2b:93:c8:e2:cf:4d:8b:1c:2a:43:ad:c2:93:16:81:a7:66:
bc:43:81:ba:ce:70:18:32:80:a6:8d:8a:07:c2:fd:f4:a3:8a:
78:ad:cd:52:ec:c7:8a:da:bf:ea:43:e0:35:d7:3c:c5:84:8e:
76:2a:a1:3d:3c:b8:c2:bc:13:82:26:7c:7f:2e:a2:e4:80:c7:
86:b4:62:30:3f:6f:64:7d:b1:b4:34:41:fd:d7:47:32:15:85:
ec:09:be:b9
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBFzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FSMTEwLwYDVQQFEyhEOUMwQjIzM0FDQjA2MzU0MzU3NEQzRjVGMzI3QkVC
OEIyQjk5MTE4MB4XDTIzMDMwMjE0NDQyMFoXDTMwMDMwMTE0NDQyMFowGDEWMBQG
A1UEAwwNNjQwMGI2NDctZDliMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8kEzchIjHpEnAUGFG3rdv3/Zuc3Ja0n4x4W/PYKiUxgoCxHVjtndbB3qzP
Yno/1SpspSVk8l5zqUhsQ+sIq6zL1UqpTtjZ2oPKxY6gsjp/UvbEnm+oyHII8/h5
ilBp5qDF7L4Cn2ls0mfiawcWk5EuBwiOLOsWiHM1VG5IBkdzJV/+qXvOdSsr1bh6
TsepyEeW+XHWfkKmCbt6VP65hPjAflVs++GaVmEHDdm63DlWCQpiBZKx/37KJU5K
b8fsxO0JdJ1w9OTTR1p6fZEtHUb2yxhvW3KcoPrqW0CVx7Qf4tv1pFNTYu2IRmmR
Kd6y9DtCAjeDd5OQKZSkicd8ObECAwEAAaOCAqIwggKeMB0GA1UdDgQWBBT1Iis4
63wZNPzUsXZlM3IaoE0lgTAfBgNVHSMEGDAWgBTZwLIzrLBjVDV00/XzJ764srmR
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0NjgvMmNDeU02
eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmNDeU02eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0
NjgvQjhGQTFGMDRCOTA4MTFFRDgxQUFCQkE3RjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBKDyMDANBgkqhkiG9w0BAQsFAAOC
AQEAn2KAVvrFtUGxsIKeLKBN4O/1bpkkL2SVq8NNniWmOrHL2DOt9wPHCgQBK0Ff
vTE+38FLyg8j2TxYYrorTQOukG0geqFTLCGkPPEXIf7bqfO55PM9Nkny0waTNJmi
xB9gObpjJESXSzgKdqmE/9Lnnob725PFNsusaZ3AvYXaFFx5kePM0rLhAjQ7lq4G
yuEntP6mvkMy2p9ns2ABVAgYwL4deiuTyOLPTYscKkOtwpMWgadmvEOBus5wGDKA
po2KB8L99KOKeK3NUuzHitq/6kPgNdc8xYSOdiqhPTy4wrwTgiZ8fy6i5IDHhrRi
MD9vZH2xtDRB/ddHMhWF7Am+uQ==
-----END CERTIFICATE-----
Generated at Fri May 17 03:06:27 2024 by rpki-client on console-ams.rpki-client.org