Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3699B8E/0E47380CB12311E59144614AF8AEA228/3FEDB4D43B6911EEA1EC28794AD9E6FC.roa
File: 3FEDB4D43B6911EEA1EC28794AD9E6FC.roa (raw, json)
Hash identifier: Urr1+RPeSWBQ633dZAK+HE5qMEPCK2i7hu69WdCyFmE=
Subject key identifier: A6:7D:3D:59:26:D9:68:AC:35:D5:B5:EA:21:AD:CD:31:E9:55:6E:1C
Certificate issuer: /CN=F3699B8EAR/serialNumber=8A9F86050B4A4E4E925DE6FFD92AC348333E0712
Certificate serial: 0B22
Authority key identifier: 8A:9F:86:05:0B:4A:4E:4E:92:5D:E6:FF:D9:2A:C3:48:33:3E:07:12
Authority info access: rsync://rpki.afrinic.net/repository/arin/ip-GBQtKTk6SXeb_2SrDSDM-BxI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3699B8E/0E47380CB12311E59144614AF8AEA228/3FEDB4D43B6911EEA1EC28794AD9E6FC.roa
Signing time: Tue 15 Aug 2023 12:42:53 +0000
ROA not before: Tue 15 Aug 2023 12:42:34 +0000
ROA not after: Fri 31 Aug 2035 12:42:34 +0000
asID: 61138
IP address blocks: 169.239.128.0/22 maxlen: 24
169.239.200.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3699B8E/0E47380CB12311E59144614AF8AEA228/ip-GBQtKTk6SXeb_2SrDSDM-BxI.crl
rsync://rpki.afrinic.net/repository/member_repository/F3699B8E/0E47380CB12311E59144614AF8AEA228/ip-GBQtKTk6SXeb_2SrDSDM-BxI.mft
rsync://rpki.afrinic.net/repository/arin/ip-GBQtKTk6SXeb_2SrDSDM-BxI.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2850 (0xb22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3699B8EAR/serialNumber=8A9F86050B4A4E4E925DE6FFD92AC348333E0712
Validity
Not Before: Aug 15 12:42:34 2023 GMT
Not After : Aug 31 12:42:34 2035 GMT
Subject: CN=64db72cc-737b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c8:a1:7c:bd:0e:3a:5d:b2:98:d7:eb:42:63:
56:d3:ff:7d:54:07:06:1b:a9:de:18:e2:f5:df:53:
fd:f8:b9:09:a5:d7:87:c8:a7:d7:1f:74:91:ad:f3:
f9:cc:b0:71:7e:27:44:11:7d:5c:27:d3:8f:c0:82:
d4:88:a2:96:1f:5d:38:48:5e:41:e3:98:aa:ba:a6:
47:84:67:59:59:44:28:cc:c5:94:3f:61:69:21:ae:
16:a9:d7:84:0a:95:78:91:e3:eb:14:b4:d5:1e:0e:
22:e9:6d:70:35:28:9b:d2:20:c6:5a:53:65:c2:a7:
7b:70:21:7c:ef:7e:b3:92:40:6c:a1:19:6d:a6:11:
c2:bb:9c:d2:5c:22:64:85:ac:15:bf:be:36:03:9e:
dd:f7:e2:b7:22:d2:1d:c7:5c:1f:ac:e5:32:84:48:
ad:72:29:17:85:af:52:79:3e:29:9e:7e:92:9c:c7:
f3:7a:6e:66:51:6a:f7:77:3b:cc:67:8b:63:2f:c7:
89:60:74:06:71:ce:5c:ec:73:7c:18:d8:19:4d:9f:
f3:51:5b:c3:5f:97:9e:6e:8e:bf:f9:a3:e4:48:ff:
bf:1d:56:67:19:56:7f:8d:63:a6:14:69:5b:76:f0:
0a:95:d6:b6:77:50:60:a0:ff:0a:d8:7f:5c:6b:e1:
95:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:7D:3D:59:26:D9:68:AC:35:D5:B5:EA:21:AD:CD:31:E9:55:6E:1C
X509v3 Authority Key Identifier:
keyid:8A:9F:86:05:0B:4A:4E:4E:92:5D:E6:FF:D9:2A:C3:48:33:3E:07:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3699B8E/0E47380CB12311E59144614AF8AEA228/ip-GBQtKTk6SXeb_2SrDSDM-BxI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/ip-GBQtKTk6SXeb_2SrDSDM-BxI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3699B8E/0E47380CB12311E59144614AF8AEA228/3FEDB4D43B6911EEA1EC28794AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.128.0/22
169.239.200.0/22
Signature Algorithm: sha256WithRSAEncryption
41:f2:ad:a4:94:f1:45:10:7d:56:21:76:7d:47:b1:f1:98:02:
f5:2f:2c:3e:42:09:4d:5d:d8:ad:e1:c9:70:90:0d:61:5b:83:
fd:b9:85:1e:38:a8:15:bf:65:67:86:d1:96:7f:00:a8:4d:41:
14:aa:98:fd:13:bd:2e:cf:92:73:23:76:89:ca:14:fe:27:6b:
db:5f:ce:2a:93:61:34:12:cd:4a:7e:32:31:53:be:98:e4:84:
6b:bf:72:4f:99:04:53:bd:a7:75:db:99:db:09:6c:c7:3c:38:
0e:5e:8a:9b:aa:54:db:71:f6:29:2f:71:8b:9c:8c:68:f7:dd:
71:68:ed:71:57:42:1a:6c:76:d2:42:1c:6d:c2:3c:22:b8:b0:
91:68:e8:bf:67:8c:a4:90:40:e5:48:0b:2d:7e:da:22:41:c0:
6b:17:b1:f5:3e:c0:c7:2d:7c:91:6b:02:09:66:3c:e6:cb:c7:
e4:b0:b5:82:75:ad:d6:7c:b3:bc:bb:01:45:6b:07:e0:f2:1d:
a7:c9:dc:e1:77:c2:88:b1:36:b5:32:d9:00:08:68:9e:07:75:
04:d4:cc:bc:38:c7:4e:2c:79:71:f9:4e:ca:d6:9c:d5:d3:e7:
b7:3a:96:6e:15:06:cd:6d:41:c7:0b:60:75:06:63:4c:3d:0c:
c3:8e:3e:64
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCyIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OTlCOEVBUjExMC8GA1UEBRMoOEE5Rjg2MDUwQjRBNEU0RTkyNURFNkZGRDkyQUMz
NDgzMzNFMDcxMjAeFw0yMzA4MTUxMjQyMzRaFw0zNTA4MzExMjQyMzRaMBgxFjAU
BgNVBAMTDTY0ZGI3MmNjLTczN2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDyKF8vQ46XbKY1+tCY1bT/31UBwYbqd4Y4vXfU/34uQml14fIp9cfdJGt
8/nMsHF+J0QRfVwn04/AgtSIopYfXThIXkHjmKq6pkeEZ1lZRCjMxZQ/YWkhrhap
14QKlXiR4+sUtNUeDiLpbXA1KJvSIMZaU2XCp3twIXzvfrOSQGyhGW2mEcK7nNJc
ImSFrBW/vjYDnt334rci0h3HXB+s5TKESK1yKReFr1J5PimefpKcx/N6bmZRavd3
O8xni2Mvx4lgdAZxzlzsc3wY2BlNn/NRW8Nfl55ujr/5o+RI/78dVmcZVn+NY6YU
aVt28AqV1rZ3UGCg/wrYf1xr4ZVVAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUpn09
WSbZaKw11bXqIa3NMelVbhwwHwYDVR0jBBgwFoAUip+GBQtKTk6SXeb/2SrDSDM+
BxIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk5QjhFLzBFNDczODBDQjEyMzExRTU5MTQ0NjE0QUY4QUVBMjI4L2lwLUdC
UXRLVGs2U1hlYl8yU3JEU0RNLUJ4SS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2lwLUdCUXRLVGs2U1hlYl8yU3JEU0RNLUJ4SS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjk5QjhFLzBFNDczODBDQjEyMzExRTU5MTQ0NjE0QUY4QUVB
MjI4LzNGRURCNEQ0M0I2OTExRUVBMUVDMjg3OTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAKp74ADBAKp78gwDQYJKoZIhvcN
AQELBQADggEBAEHyraSU8UUQfVYhdn1HsfGYAvUvLD5CCU1d2K3hyXCQDWFbg/25
hR44qBW/ZWeG0ZZ/AKhNQRSqmP0TvS7PknMjdonKFP4na9tfziqTYTQSzUp+MjFT
vpjkhGu/ck+ZBFO9p3XbmdsJbMc8OA5eipuqVNtx9ikvcYucjGj33XFo7XFXQhps
dtJCHG3CPCK4sJFo6L9njKSQQOVICy1+2iJBwGsXsfU+wMctfJFrAglmPObLx+Sw
tYJ1rdZ8s7y7AUVrB+DyHafJ3OF3woixNrUy2QAIaJ4HdQTUzLw4x04seXH5TsrW
nNXT57c6lm4VBs1tQccLYHUGY0w9DMOOPmQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:13 2024 by rpki-client on console-fra.rpki-client.org