Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/A11224BE49CA11EF9C401F91762E951A.roa
File: A11224BE49CA11EF9C401F91762E951A.roa (raw, json)
Hash identifier: KDj2Lzc4dz6ze7gmYdXtI25bUBjs8RYx75qbzXwadro=
Subject key identifier: BF:38:76:B3:F4:6F:0F:74:89:31:1C:EB:0D:E1:08:5C:BC:27:C9:ED
Certificate issuer: /CN=F368F4A1AR/serialNumber=825DB034FAB437A89A8DD24406AB7282C78B62BA
Certificate serial: 1F
Authority key identifier: 82:5D:B0:34:FA:B4:37:A8:9A:8D:D2:44:06:AB:72:82:C7:8B:62:BA
Authority info access: rsync://rpki.afrinic.net/repository/arin/gl2wNPq0N6iajdJEBqtygseLYro.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/A11224BE49CA11EF9C401F91762E951A.roa
Signing time: Wed 24 Jul 2024 14:40:11 +0000
ROA not before: Wed 24 Jul 2024 14:40:07 +0000
ROA not after: Mon 31 Jul 2034 14:40:07 +0000
asID: 198949
IP address blocks: 168.253.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/gl2wNPq0N6iajdJEBqtygseLYro.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/gl2wNPq0N6iajdJEBqtygseLYro.mft
rsync://rpki.afrinic.net/repository/arin/gl2wNPq0N6iajdJEBqtygseLYro.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 20 Sep 2024 00:16:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31 (0x1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F4A1AR/serialNumber=825DB034FAB437A89A8DD24406AB7282C78B62BA
Validity
Not Before: Jul 24 14:40:07 2024 GMT
Not After : Jul 31 14:40:07 2034 GMT
Subject: CN=66a1124b-b78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:20:81:5b:2e:d8:1c:cc:99:90:ba:e2:a7:b0:
25:9d:e5:0f:e4:8c:cb:3d:e5:67:dc:7a:38:2d:7b:
c4:97:40:4c:55:8a:a4:9f:cd:17:36:cb:0f:91:26:
bb:27:e8:60:07:39:b8:9b:f3:f0:6c:cb:35:6b:ad:
28:88:80:ea:8f:87:6b:60:c9:2f:58:b2:ad:29:15:
7b:4d:67:49:32:77:f6:a7:2e:a1:21:ed:04:74:48:
83:bc:e7:70:e1:61:d7:9f:5b:01:04:55:e7:08:2b:
74:95:61:22:82:6d:00:60:da:9d:32:4a:25:86:1f:
99:2a:2e:3a:90:2c:c4:eb:85:26:9a:3a:51:90:ad:
7d:f1:87:d6:fe:b7:0e:91:83:df:e2:3f:3f:65:6d:
2e:81:0c:90:ea:46:05:64:a4:93:41:ab:13:f0:db:
ac:5f:49:8a:44:34:de:8a:08:d3:f0:e9:aa:2c:45:
a0:9e:4a:95:d1:c5:aa:d0:98:9f:6c:c5:58:13:1e:
9c:3d:d0:63:0d:5b:cd:37:be:e1:db:bb:1e:e9:d6:
3a:00:98:bc:2f:4c:ec:43:0f:a6:80:2b:fa:9d:b8:
25:99:2e:ff:4a:b1:d3:05:c3:fd:8d:16:d4:99:4c:
20:dd:95:89:e6:b3:2a:9e:f0:57:2e:f7:53:8b:35:
7f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:38:76:B3:F4:6F:0F:74:89:31:1C:EB:0D:E1:08:5C:BC:27:C9:ED
X509v3 Authority Key Identifier:
keyid:82:5D:B0:34:FA:B4:37:A8:9A:8D:D2:44:06:AB:72:82:C7:8B:62:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/gl2wNPq0N6iajdJEBqtygseLYro.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/gl2wNPq0N6iajdJEBqtygseLYro.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/A11224BE49CA11EF9C401F91762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.253.128.0/18
Signature Algorithm: sha256WithRSAEncryption
43:3b:2f:f6:e4:94:3a:66:22:9a:e4:a0:90:95:7f:3d:b0:ca:
e1:28:8f:82:ac:8c:63:41:e9:23:02:01:ed:ae:ad:9d:6f:83:
b7:de:4c:9c:ed:84:65:1a:2d:52:22:04:cf:73:1b:34:ff:15:
19:3e:94:bb:af:27:4b:a4:f9:12:4d:2b:0c:08:5f:a3:6c:ac:
b2:ce:2f:7b:08:28:cf:00:27:f0:f8:83:e8:6e:65:65:58:7b:
5a:b5:cb:3b:e3:62:70:43:2f:7a:db:ff:37:2f:3d:27:9e:4f:
98:96:c9:96:17:c4:cd:df:0d:ca:0e:a7:2c:f5:e1:8d:74:9a:
69:02:6c:e1:58:70:2e:30:bd:91:27:c9:71:70:26:f6:b5:35:
88:00:b0:74:d8:22:b4:b6:1e:1d:69:58:27:68:6b:15:03:8c:
27:e1:a4:32:c0:c0:44:59:89:07:d6:5e:dc:bc:95:7f:32:b1:
56:24:02:82:85:20:db:be:93:dc:ed:ab:7c:32:47:b6:34:0c:
b7:a9:a9:d4:28:ee:89:53:d4:73:16:3d:bc:56:e1:a1:27:3a:
ce:a3:7a:24:2a:e5:f5:17:87:67:b1:8f:7e:3e:5e:25:d3:e6:
61:2f:86:44:c9:34:4d:5f:5a:c9:27:64:ba:73:90:0f:d1:d0:
51:0f:75:cc
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBHzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
RjRBMUFSMTEwLwYDVQQFEyg4MjVEQjAzNEZBQjQzN0E4OUE4REQyNDQwNkFCNzI4
MkM3OEI2MkJBMB4XDTI0MDcyNDE0NDAwN1oXDTM0MDczMTE0NDAwN1owGDEWMBQG
A1UEAxMNNjZhMTEyNGItYjc4ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPMggVsu2BzMmZC64qewJZ3lD+SMyz3lZ9x6OC17xJdATFWKpJ/NFzbLD5Em
uyfoYAc5uJvz8GzLNWutKIiA6o+Ha2DJL1iyrSkVe01nSTJ39qcuoSHtBHRIg7zn
cOFh159bAQRV5wgrdJVhIoJtAGDanTJKJYYfmSouOpAsxOuFJpo6UZCtffGH1v63
DpGD3+I/P2VtLoEMkOpGBWSkk0GrE/DbrF9JikQ03ooI0/DpqixFoJ5KldHFqtCY
n2zFWBMenD3QYw1bzTe+4du7HunWOgCYvC9M7EMPpoAr+p24JZku/0qx0wXD/Y0W
1JlMIN2VieazKp7wVy73U4s1f8cCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBS/OHaz
9G8PdIkxHOsN4QhcvCfJ7TAfBgNVHSMEGDAWgBSCXbA0+rQ3qJqN0kQGq3KCx4ti
ujAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OEY0QTEvQTYxRjNCQjgzRjVDMTFFRjlENENDNzdFNzYyRTk1MUEvZ2wyd05Q
cTBONmlhamRKRUJxdHlnc2VMWXJvLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
Z2wyd05QcTBONmlhamRKRUJxdHlnc2VMWXJvLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2OEY0QTEvQTYxRjNCQjgzRjVDMTFFRjlENENDNzdFNzYyRTk1
MUEvQTExMjI0QkU0OUNBMTFFRjlDNDAxRjkxNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBqj9gDANBgkqhkiG9w0BAQsFAAOC
AQEAQzsv9uSUOmYimuSgkJV/PbDK4SiPgqyMY0HpIwIB7a6tnW+Dt95MnO2EZRot
UiIEz3MbNP8VGT6Uu68nS6T5Ek0rDAhfo2ysss4vewgozwAn8PiD6G5lZVh7WrXL
O+NicEMvetv/Ny89J55PmJbJlhfEzd8Nyg6nLPXhjXSaaQJs4VhwLjC9kSfJcXAm
9rU1iACwdNgitLYeHWlYJ2hrFQOMJ+GkMsDARFmJB9Ze3LyVfzKxViQCgoUg276T
3O2rfDJHtjQMt6mp1CjuiVPUcxY9vFbhoSc6zqN6JCrl9ReHZ7GPfj5eJdPmYS+G
RMk0TV9aySdkunOQD9HQUQ91zA==
-----END CERTIFICATE-----
Generated at Wed Sep 18 04:19:56 2024 by rpki-client on console-ams.rpki-client.org