Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/3AFCF8AADC9411EE96652BA1775412E6.roa
File: 3AFCF8AADC9411EE96652BA1775412E6.roa (raw, json)
Hash identifier: Xy30UyDmAgRi6Ew4y2B+uFEj2u0THkqditnzHDkIILo=
Subject key identifier: 52:1C:D9:00:3D:48:C1:66:C3:1B:BE:6F:6F:41:7C:42:75:45:ED:0D
Certificate issuer: /CN=F36A34E4AR/serialNumber=2C671F4259707027237540BF62265A2D97EB95CB
Certificate serial: 0E
Authority key identifier: 2C:67:1F:42:59:70:70:27:23:75:40:BF:62:26:5A:2D:97:EB:95:CB
Authority info access: rsync://rpki.afrinic.net/repository/arin/LGcfQllwcCcjdUC_YiZaLZfrlcs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/3AFCF8AADC9411EE96652BA1775412E6.roa
Signing time: Thu 07 Mar 2024 15:06:10 +0000
ROA not before: Thu 07 Mar 2024 15:06:07 +0000
ROA not after: Fri 07 Mar 2025 15:06:07 +0000
asID: 37613
IP address blocks: 169.239.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/LGcfQllwcCcjdUC_YiZaLZfrlcs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/LGcfQllwcCcjdUC_YiZaLZfrlcs.mft
rsync://rpki.afrinic.net/repository/arin/LGcfQllwcCcjdUC_YiZaLZfrlcs.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 03 Jun 2024 00:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A34E4AR/serialNumber=2C671F4259707027237540BF62265A2D97EB95CB
Validity
Not Before: Mar 7 15:06:07 2024 GMT
Not After : Mar 7 15:06:07 2025 GMT
Subject: CN=65e9d7e2-7bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d9:b0:04:0b:74:65:3c:00:3a:94:3f:85:b7:
57:95:8d:07:dd:80:45:d1:e1:b8:ba:ac:10:80:40:
35:e3:13:95:dc:9c:fb:07:52:fc:bb:b0:50:8a:b5:
1d:c5:5f:f9:58:c5:e7:47:1e:05:c2:37:f7:a8:d5:
3b:bf:c0:a0:63:d9:c4:79:59:e2:73:02:88:6e:d0:
d6:9f:63:7a:9b:be:6c:56:f7:dc:15:81:c6:a9:2d:
c1:db:ad:db:86:56:3c:ab:e5:a7:48:9d:3e:0d:02:
54:07:27:8f:fc:d2:c6:23:0f:89:3e:f6:68:a2:d8:
08:3e:11:fb:1c:e3:80:d1:f4:4d:2c:79:00:43:d3:
26:45:93:4b:40:ff:c5:c0:d8:ac:62:76:d1:e8:90:
4d:91:08:99:05:3c:14:f6:00:00:a2:4c:dc:1e:70:
f0:c0:ba:20:29:b8:5c:30:e3:44:e9:ea:c8:e9:70:
7b:d4:2b:bf:73:b7:da:8b:72:1c:04:da:44:d6:39:
2e:ee:10:1c:f0:05:6d:ae:a0:39:63:2c:ef:fa:69:
ad:1c:50:e3:24:73:54:41:8c:ac:a1:e2:c1:be:97:
e0:be:d3:69:a1:97:53:1d:14:a0:7d:51:4e:e9:f9:
b4:68:cc:3a:a0:84:51:64:d9:1f:6f:b1:31:ee:cb:
4a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:1C:D9:00:3D:48:C1:66:C3:1B:BE:6F:6F:41:7C:42:75:45:ED:0D
X509v3 Authority Key Identifier:
keyid:2C:67:1F:42:59:70:70:27:23:75:40:BF:62:26:5A:2D:97:EB:95:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/LGcfQllwcCcjdUC_YiZaLZfrlcs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/LGcfQllwcCcjdUC_YiZaLZfrlcs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/3AFCF8AADC9411EE96652BA1775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.188.0/22
Signature Algorithm: sha256WithRSAEncryption
98:e8:4a:a2:93:11:dd:e0:14:e2:37:21:96:26:2a:56:79:d4:
ca:04:cf:95:42:d2:c0:4f:e3:d8:9d:c2:3e:9e:03:d1:e2:bd:
8f:1c:fc:64:d2:cf:71:10:2f:12:c2:92:b4:6b:d1:e6:2a:7a:
e3:e4:92:8f:90:37:3c:fa:f5:a8:4b:e3:8e:12:93:ca:d4:4b:
a3:67:d5:d8:07:b2:db:1c:ec:6a:1a:f8:48:4c:89:4c:a2:24:
3a:ff:2d:04:0e:3c:e0:0c:58:c0:7d:eb:d1:a4:32:f8:f3:ad:
77:25:a4:3f:28:2a:6f:f2:d6:d3:59:f4:35:e5:30:4a:f4:a1:
08:34:83:89:02:23:56:11:f6:c6:de:5f:d5:4c:5c:47:4c:27:
47:15:f3:a3:63:fb:cb:27:40:0f:1c:52:cd:56:38:0f:a3:44:
0a:90:58:f3:15:f7:cc:43:0f:3a:dd:38:55:20:d4:e3:82:40:
86:0e:7b:2f:70:0d:c1:0b:37:95:06:26:39:96:7f:f5:2c:c9:
d7:73:4f:0c:35:aa:dc:94:e4:e9:2d:12:e3:1a:b9:fe:0a:79:
4d:a2:1f:20:fa:a4:06:c0:e9:d7:af:f9:6d:8f:d3:f5:76:f3:
56:21:bc:3d:7f:17:28:fe:73:7b:13:85:8c:96:67:8c:85:a7:
88:6d:ad:a5
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBDjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
MzRFNEFSMTEwLwYDVQQFEygyQzY3MUY0MjU5NzA3MDI3MjM3NTQwQkY2MjI2NUEy
RDk3RUI5NUNCMB4XDTI0MDMwNzE1MDYwN1oXDTI1MDMwNzE1MDYwN1owGDEWMBQG
A1UEAxMNNjVlOWQ3ZTItN2JkMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPZsAQLdGU8ADqUP4W3V5WNB92ARdHhuLqsEIBANeMTldyc+wdS/LuwUIq1
HcVf+VjF50ceBcI396jVO7/AoGPZxHlZ4nMCiG7Q1p9jepu+bFb33BWBxqktwdut
24ZWPKvlp0idPg0CVAcnj/zSxiMPiT72aKLYCD4R+xzjgNH0TSx5AEPTJkWTS0D/
xcDYrGJ20eiQTZEImQU8FPYAAKJM3B5w8MC6ICm4XDDjROnqyOlwe9Qrv3O32oty
HATaRNY5Lu4QHPAFba6gOWMs7/pprRxQ4yRzVEGMrKHiwb6X4L7TaaGXUx0UoH1R
Tun5tGjMOqCEUWTZH2+xMe7LSikCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRSHNkA
PUjBZsMbvm9vQXxCdUXtDTAfBgNVHSMEGDAWgBQsZx9CWXBwJyN1QL9iJlotl+uV
yzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTM0RTQvQ0M4RkMzNkNEQTMwMTFFRTlFNkM5OEFBNzc1NDEyRTYvTEdjZlFs
bHdjQ2NqZFVDX1lpWmFMWmZybGNzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
TEdjZlFsbHdjQ2NqZFVDX1lpWmFMWmZybGNzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QTM0RTQvQ0M4RkMzNkNEQTMwMTFFRTlFNkM5OEFBNzc1NDEy
RTYvM0FGQ0Y4QUFEQzk0MTFFRTk2NjUyQkExNzc1NDEyRTYucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqnvvDANBgkqhkiG9w0BAQsFAAOC
AQEAmOhKopMR3eAU4jchliYqVnnUygTPlULSwE/j2J3CPp4D0eK9jxz8ZNLPcRAv
EsKStGvR5ip64+SSj5A3PPr1qEvjjhKTytRLo2fV2Aey2xzsahr4SEyJTKIkOv8t
BA484AxYwH3r0aQy+POtdyWkPygqb/LW01n0NeUwSvShCDSDiQIjVhH2xt5f1Uxc
R0wnRxXzo2P7yydADxxSzVY4D6NECpBY8xX3zEMPOt04VSDU44JAhg57L3ANwQs3
lQYmOZZ/9SzJ13NPDDWq3JTk6S0S4xq5/gp5TaIfIPqkBsDp16/5bY/T9XbzViG8
PX8XKP5zexOFjJZnjIWniG2tpQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 04:58:59 2024 by rpki-client on console-fra.rpki-client.org