Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/D91F7F7CB90811EDB45839A8F1222468.roa
File: D91F7F7CB90811EDB45839A8F1222468.roa (raw, json)
Hash identifier: /AqBc8JhP+3lngt9NO9tWOXFsemAbOAmvNyWVZaSbTk=
Subject key identifier: 6C:9A:C3:C6:9A:5F:E1:07:DD:BE:22:3D:54:54:8B:20:36:76:91:CF
Certificate issuer: /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial: 19
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access: rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/D91F7F7CB90811EDB45839A8F1222468.roa
Signing time: Thu 02 Mar 2023 14:45:18 +0000
ROA not before: Thu 02 Mar 2023 14:45:13 +0000
ROA not after: Mon 02 Mar 2026 14:45:13 +0000
asID: 33763
IP address blocks: 160.242.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25 (0x19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Validity
Not Before: Mar 2 14:45:13 2023 GMT
Not After : Mar 2 14:45:13 2026 GMT
Subject: CN=6400b67d-5b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b1:74:59:3a:27:ac:b1:5e:5d:b0:9b:e7:c6:
b3:d8:e7:b0:15:1f:b2:71:6f:26:7e:5f:3b:ae:8b:
45:72:df:40:de:ab:6d:a7:f6:43:59:38:7f:86:c4:
a8:05:91:17:fc:7b:1c:90:94:4a:90:6f:90:96:7b:
99:a5:51:46:66:98:93:25:75:de:59:01:18:ea:f2:
11:31:e4:9b:d9:b0:69:73:32:61:a2:9f:ce:16:0c:
8a:ae:9d:9e:9c:9a:24:7f:f9:42:92:f4:47:a6:9b:
bd:b5:17:68:8f:3e:77:e0:e7:85:44:f9:e7:65:ec:
e8:b8:66:18:06:12:18:b4:d0:c3:6f:36:d0:bc:3d:
0d:b6:03:19:90:f5:9c:f1:d3:96:d9:48:5b:e3:f3:
e3:20:31:eb:79:73:9c:8a:35:57:f5:78:67:5b:cc:
33:91:e4:5d:62:0e:0a:0b:a9:ca:a4:e3:62:38:cf:
51:e4:7a:96:70:8c:a5:8b:ef:24:70:69:7b:29:9b:
4e:79:61:4e:fa:40:f8:72:ff:9b:e5:31:a9:87:08:
dd:61:2e:e2:ab:7a:71:c2:28:15:36:bc:e6:02:d3:
44:38:12:16:7f:93:8b:97:6d:01:03:7f:e1:1f:0f:
6b:97:70:28:da:06:8b:5a:d7:66:6f:44:f6:04:2b:
42:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:9A:C3:C6:9A:5F:E1:07:DD:BE:22:3D:54:54:8B:20:36:76:91:CF
X509v3 Authority Key Identifier:
keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/D91F7F7CB90811EDB45839A8F1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.242.55.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:3f:5d:2d:ba:97:9e:6b:f3:2a:0c:e5:61:b7:7d:64:5a:32:
00:56:b4:0d:2c:4a:64:a8:eb:ab:a0:6b:b2:d2:4f:7c:a3:ca:
a5:e4:c4:89:09:01:0a:80:b7:e2:81:59:cf:16:dd:cb:13:8a:
77:1b:b8:53:b8:2b:49:20:ae:78:10:5b:ac:47:9d:ba:f8:d8:
9f:ba:de:4d:9b:79:61:8a:62:83:b7:eb:a6:58:8b:dd:70:82:
e1:f5:d5:f6:4a:4b:26:43:d9:f0:7e:53:7f:9a:e4:12:8a:09:
dd:7f:1f:f3:00:8b:5c:87:01:88:6a:94:d5:26:bd:13:71:4c:
22:5a:7d:6c:b6:d4:e9:7f:e7:26:38:8c:b9:1d:ee:f8:b1:0d:
3c:df:9f:55:0f:b8:47:37:1d:f4:b0:ed:05:79:c2:cc:e5:58:
4d:78:d2:65:2d:ce:39:c3:a5:81:26:9d:58:36:9e:e5:64:ef:
4c:da:f9:6c:0f:b4:41:16:92:33:49:6a:5a:0d:58:0b:3e:cd:
3b:91:fb:e0:24:cd:9c:d8:1f:56:c4:86:14:af:92:6c:da:0c:
38:56:4b:29:d0:7a:e8:b7:d0:7d:6b:eb:5c:9a:2a:71:6e:2c:
43:5d:ce:8e:61:5e:1b:1f:46:9b:fd:a7:b7:cf:f8:16:e2:22:
c0:c5:50:0b
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBGTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FSMTEwLwYDVQQFEyhEOUMwQjIzM0FDQjA2MzU0MzU3NEQzRjVGMzI3QkVC
OEIyQjk5MTE4MB4XDTIzMDMwMjE0NDUxM1oXDTI2MDMwMjE0NDUxM1owGDEWMBQG
A1UEAwwNNjQwMGI2N2QtNWI4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+xdFk6J6yxXl2wm+fGs9jnsBUfsnFvJn5fO66LRXLfQN6rbaf2Q1k4f4bE
qAWRF/x7HJCUSpBvkJZ7maVRRmaYkyV13lkBGOryETHkm9mwaXMyYaKfzhYMiq6d
npyaJH/5QpL0R6abvbUXaI8+d+DnhUT552Xs6LhmGAYSGLTQw2820Lw9DbYDGZD1
nPHTltlIW+Pz4yAx63lznIo1V/V4Z1vMM5HkXWIOCgupyqTjYjjPUeR6lnCMpYvv
JHBpeymbTnlhTvpA+HL/m+UxqYcI3WEu4qt6ccIoFTa85gLTRDgSFn+Ti5dtAQN/
4R8Pa5dwKNoGi1rXZm9E9gQrQq8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRsmsPG
ml/hB92+Ij1UVIsgNnaRzzAfBgNVHSMEGDAWgBTZwLIzrLBjVDV00/XzJ764srmR
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0NjgvMmNDeU02
eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmNDeU02eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0
NjgvRDkxRjdGN0NCOTA4MTFFREI0NTgzOUE4RjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKDyNzANBgkqhkiG9w0BAQsFAAOC
AQEA1z9dLbqXnmvzKgzlYbd9ZFoyAFa0DSxKZKjrq6BrstJPfKPKpeTEiQkBCoC3
4oFZzxbdyxOKdxu4U7grSSCueBBbrEeduvjYn7reTZt5YYpig7frpliL3XCC4fXV
9kpLJkPZ8H5Tf5rkEooJ3X8f8wCLXIcBiGqU1Sa9E3FMIlp9bLbU6X/nJjiMuR3u
+LENPN+fVQ+4Rzcd9LDtBXnCzOVYTXjSZS3OOcOlgSadWDae5WTvTNr5bA+0QRaS
M0lqWg1YCz7NO5H74CTNnNgfVsSGFK+SbNoMOFZLKdB66LfQfWvrXJoqcW4sQ13O
jmFeGx9Gm/2nt8/4FuIiwMVQCw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org