Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/FFBD17A449C911EF9BD0848C762E951A.roa
File: FFBD17A449C911EF9BD0848C762E951A.roa (raw, json)
Hash identifier: 1q6DfjzPCakdGBa3y25kmYy0lgCV4qqQEYn4uXM0n0g=
Subject key identifier: 73:BC:4A:CA:63:7A:51:78:97:4E:5C:98:04:CB:CF:72:95:69:88:4E
Certificate issuer: /CN=F368F4A1AR/serialNumber=825DB034FAB437A89A8DD24406AB7282C78B62BA
Certificate serial: 1A
Authority key identifier: 82:5D:B0:34:FA:B4:37:A8:9A:8D:D2:44:06:AB:72:82:C7:8B:62:BA
Authority info access: rsync://rpki.afrinic.net/repository/arin/gl2wNPq0N6iajdJEBqtygseLYro.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/FFBD17A449C911EF9BD0848C762E951A.roa
Signing time: Wed 24 Jul 2024 14:35:40 +0000
ROA not before: Wed 24 Jul 2024 14:35:37 +0000
ROA not after: Mon 31 Jul 2034 14:35:37 +0000
asID: 49902
IP address blocks: 168.253.128.0/18 maxlen: 19
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/gl2wNPq0N6iajdJEBqtygseLYro.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/gl2wNPq0N6iajdJEBqtygseLYro.mft
rsync://rpki.afrinic.net/repository/arin/gl2wNPq0N6iajdJEBqtygseLYro.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 20 Sep 2024 00:16:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F4A1AR/serialNumber=825DB034FAB437A89A8DD24406AB7282C78B62BA
Validity
Not Before: Jul 24 14:35:37 2024 GMT
Not After : Jul 31 14:35:37 2034 GMT
Subject: CN=66a1113c-dd27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fa:1a:98:e4:d5:e5:1d:7a:d9:65:89:32:39:
f9:51:e9:77:f2:f2:e5:e2:06:e4:e8:72:57:c9:5b:
d1:88:0e:66:63:d2:79:4e:dc:9c:86:f6:c6:d5:7b:
4e:a1:8c:e9:75:ad:d8:24:c9:e2:2f:e2:7a:54:33:
2e:86:9d:6a:d5:76:fd:74:83:f1:a9:8e:a4:46:56:
21:f1:d1:d9:74:ef:c1:46:b5:ae:6c:2c:61:ba:ce:
61:f6:cd:2e:4b:f2:e2:a4:37:d7:53:49:05:20:bd:
ac:63:92:e4:5f:45:cb:d5:bd:71:95:9d:13:4b:29:
d2:65:01:5b:7a:88:fc:ae:e4:06:22:ca:91:b2:06:
ca:ed:fa:7e:6f:bd:1f:f3:d5:a5:5e:92:f9:9a:cc:
75:cc:ec:66:64:eb:11:49:7b:b3:c9:32:c7:04:99:
96:e2:90:2e:c5:c5:cb:95:ad:f8:35:ef:67:03:3c:
f5:6f:86:2b:c0:be:d6:d9:50:a1:eb:cb:7d:28:76:
bc:67:b2:a1:f8:ff:ee:8e:86:49:e9:9d:73:1c:a8:
3a:bc:12:58:27:90:96:1a:63:39:9f:31:d4:cb:3b:
54:55:e1:e2:39:27:27:27:c2:a7:45:14:21:98:b1:
d0:e2:f8:f6:a5:b0:b9:32:8a:e9:b9:a0:ad:6c:ba:
37:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:BC:4A:CA:63:7A:51:78:97:4E:5C:98:04:CB:CF:72:95:69:88:4E
X509v3 Authority Key Identifier:
keyid:82:5D:B0:34:FA:B4:37:A8:9A:8D:D2:44:06:AB:72:82:C7:8B:62:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/gl2wNPq0N6iajdJEBqtygseLYro.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/gl2wNPq0N6iajdJEBqtygseLYro.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F4A1/A61F3BB83F5C11EF9D4CC77E762E951A/FFBD17A449C911EF9BD0848C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.253.128.0/18
Signature Algorithm: sha256WithRSAEncryption
56:38:00:04:4f:36:3d:56:9a:dc:5f:d2:2c:a6:35:48:a6:c1:
ec:f2:32:a5:a7:01:f2:07:57:f5:23:17:c9:21:27:de:d9:45:
80:22:7d:a9:85:6b:40:95:b8:4c:ff:df:15:1e:63:96:9e:38:
47:26:b9:d0:ab:ae:12:7b:80:30:9f:0d:18:c9:d2:e9:84:e0:
14:4f:7e:9d:02:57:c7:3b:1c:1e:a5:ba:00:42:9a:44:d8:bb:
cb:80:42:66:5d:ec:47:cb:7d:c0:4b:cb:bd:b9:c4:c9:e8:da:
69:0e:76:db:dc:b9:e4:ce:8c:6b:3f:99:39:2c:4b:2c:85:72:
01:8a:05:23:ce:22:a7:c2:4d:2f:3f:3c:db:7d:f1:48:9b:02:
e3:fb:88:c0:31:48:99:66:e6:c2:bb:c6:1d:69:32:e5:a2:71:
a1:b2:90:bb:86:3e:bb:22:e0:18:09:44:fb:84:a0:76:da:69:
73:08:a5:9c:ae:3e:d4:e8:b8:59:12:79:80:f4:f5:e7:4f:c9:
69:54:3b:2e:a2:ed:41:26:4a:a2:3d:fd:43:e8:e3:23:06:72:
7d:a1:d9:0c:66:ee:21:c9:f6:3b:bb:98:1d:11:68:6e:30:eb:
f2:6d:9f:63:2a:7d:a1:8a:77:31:8b:f1:a1:5c:77:30:e5:96:
38:86:fa:41
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBGjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
RjRBMUFSMTEwLwYDVQQFEyg4MjVEQjAzNEZBQjQzN0E4OUE4REQyNDQwNkFCNzI4
MkM3OEI2MkJBMB4XDTI0MDcyNDE0MzUzN1oXDTM0MDczMTE0MzUzN1owGDEWMBQG
A1UEAxMNNjZhMTExM2MtZGQyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALX6Gpjk1eUdetlliTI5+VHpd/Ly5eIG5OhyV8lb0YgOZmPSeU7cnIb2xtV7
TqGM6XWt2CTJ4i/ielQzLoadatV2/XSD8amOpEZWIfHR2XTvwUa1rmwsYbrOYfbN
Lkvy4qQ311NJBSC9rGOS5F9Fy9W9cZWdE0sp0mUBW3qI/K7kBiLKkbIGyu36fm+9
H/PVpV6S+ZrMdczsZmTrEUl7s8kyxwSZluKQLsXFy5Wt+DXvZwM89W+GK8C+1tlQ
oevLfSh2vGeyofj/7o6GSemdcxyoOrwSWCeQlhpjOZ8x1Ms7VFXh4jknJyfCp0UU
IZix0OL49qWwuTKK6bmgrWy6NzECAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRzvErK
Y3pReJdOXJgEy89ylWmITjAfBgNVHSMEGDAWgBSCXbA0+rQ3qJqN0kQGq3KCx4ti
ujAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OEY0QTEvQTYxRjNCQjgzRjVDMTFFRjlENENDNzdFNzYyRTk1MUEvZ2wyd05Q
cTBONmlhamRKRUJxdHlnc2VMWXJvLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
Z2wyd05QcTBONmlhamRKRUJxdHlnc2VMWXJvLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2OEY0QTEvQTYxRjNCQjgzRjVDMTFFRjlENENDNzdFNzYyRTk1
MUEvRkZCRDE3QTQ0OUM5MTFFRjlCRDA4NDhDNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBqj9gDANBgkqhkiG9w0BAQsFAAOC
AQEAVjgABE82PVaa3F/SLKY1SKbB7PIypacB8gdX9SMXySEn3tlFgCJ9qYVrQJW4
TP/fFR5jlp44Rya50KuuEnuAMJ8NGMnS6YTgFE9+nQJXxzscHqW6AEKaRNi7y4BC
Zl3sR8t9wEvLvbnEyejaaQ5229y55M6Maz+ZOSxLLIVyAYoFI84ip8JNLz88233x
SJsC4/uIwDFImWbmwrvGHWky5aJxobKQu4Y+uyLgGAlE+4SgdtppcwilnK4+1Oi4
WRJ5gPT150/JaVQ7LqLtQSZKoj39Q+jjIwZyfaHZDGbuIcn2O7uYHRFobjDr8m2f
Yyp9oYp3MYvxoVx3MOWWOIb6QQ==
-----END CERTIFICATE-----
Generated at Wed Sep 18 04:19:56 2024 by rpki-client on console-ams.rpki-client.org