Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/567F89D6DC8911EEBB78BD90775412E6.roa
File: 567F89D6DC8911EEBB78BD90775412E6.roa (raw, json)
Hash identifier: pBig2owUfZyIkr3uW9+APtz3PdsIrgpES5Xh8kFsNWg=
Subject key identifier: 77:12:A5:6F:81:9D:D1:CA:83:1C:C8:5B:85:4A:97:C4:B0:F4:B0:BD
Certificate issuer: /CN=F36A34E4AR/serialNumber=2C671F4259707027237540BF62265A2D97EB95CB
Certificate serial: 08
Authority key identifier: 2C:67:1F:42:59:70:70:27:23:75:40:BF:62:26:5A:2D:97:EB:95:CB
Authority info access: rsync://rpki.afrinic.net/repository/arin/LGcfQllwcCcjdUC_YiZaLZfrlcs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/567F89D6DC8911EEBB78BD90775412E6.roa
Signing time: Thu 07 Mar 2024 13:48:12 +0000
ROA not before: Thu 07 Mar 2024 13:48:08 +0000
ROA not after: Fri 07 Mar 2025 13:48:08 +0000
asID: 37613
IP address blocks: 169.239.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/LGcfQllwcCcjdUC_YiZaLZfrlcs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/LGcfQllwcCcjdUC_YiZaLZfrlcs.mft
rsync://rpki.afrinic.net/repository/arin/LGcfQllwcCcjdUC_YiZaLZfrlcs.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 03 Jun 2024 00:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A34E4AR/serialNumber=2C671F4259707027237540BF62265A2D97EB95CB
Validity
Not Before: Mar 7 13:48:08 2024 GMT
Not After : Mar 7 13:48:08 2025 GMT
Subject: CN=65e9c59b-6be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2f:07:eb:42:2a:ad:a7:63:e0:c8:ad:45:b4:
02:18:87:93:18:54:58:3d:c3:98:5c:70:ab:09:d6:
b7:c4:75:06:6a:12:ec:e3:b0:4f:4a:63:6f:10:6c:
30:4f:c3:e1:28:37:72:0d:c6:ac:16:80:d5:df:3d:
27:28:4b:2b:a6:5c:b3:53:21:38:1a:53:8f:59:bf:
7f:9a:2e:c5:64:4e:24:cf:ef:ad:1b:91:8b:81:65:
53:d8:80:6f:39:8f:5b:fa:b3:c5:87:e7:c9:4a:8a:
9a:fb:af:02:dc:a3:1b:19:a5:01:c4:ce:75:08:7e:
34:2a:1e:e5:5e:c6:4e:25:e6:b0:e2:b2:13:d6:4f:
32:48:52:f5:ea:ab:9e:16:29:fe:ca:fa:6a:75:8e:
dd:42:52:4c:8a:5a:d6:de:d1:fe:89:37:74:84:e1:
c6:a1:d0:ce:f5:03:11:fc:f8:44:b0:37:5e:02:c1:
3b:fc:c0:c2:1b:ab:9a:ce:a6:f9:a0:2a:cf:56:e0:
c8:8d:41:06:5d:8b:4c:11:17:49:34:65:8a:76:64:
8e:49:17:70:9d:77:77:50:cb:24:73:97:17:9f:cd:
0b:0f:b9:54:a2:78:23:c6:69:7a:46:a7:b2:d6:e8:
e0:3a:e9:ec:95:21:f0:ec:69:ed:9c:e3:a4:b1:96:
40:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:12:A5:6F:81:9D:D1:CA:83:1C:C8:5B:85:4A:97:C4:B0:F4:B0:BD
X509v3 Authority Key Identifier:
keyid:2C:67:1F:42:59:70:70:27:23:75:40:BF:62:26:5A:2D:97:EB:95:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/LGcfQllwcCcjdUC_YiZaLZfrlcs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/LGcfQllwcCcjdUC_YiZaLZfrlcs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/567F89D6DC8911EEBB78BD90775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.189.0/24
Signature Algorithm: sha256WithRSAEncryption
34:97:96:25:a9:2e:a6:55:1f:7c:f5:32:76:66:cd:ae:43:8a:
1f:7c:62:44:25:bf:14:d8:11:57:f5:3a:0c:a4:b0:0e:26:59:
c0:12:02:7c:4a:a9:7c:96:72:e0:3a:60:f0:c9:f7:6b:bf:e8:
e6:cc:0d:1c:8d:05:e1:aa:3c:4e:ce:98:a9:48:19:f1:6b:df:
18:13:dd:f3:ba:94:33:59:e6:8e:bf:0b:cd:ec:06:a7:67:c2:
64:c6:fb:06:5d:ac:f2:ce:78:38:14:8f:df:b5:6f:67:ed:e9:
59:04:65:99:45:68:f4:be:12:ad:0e:9e:4c:aa:5a:6a:a6:64:
48:2f:2f:d1:cf:99:34:f9:42:98:fd:4f:e8:ca:65:b8:51:77:
6f:3b:85:6e:86:f2:b8:5c:41:30:63:56:99:84:bc:0b:aa:8d:
39:81:cb:b6:8a:5d:c0:dd:9a:2c:f1:5e:58:f6:45:d5:61:12:
57:85:e7:17:2c:82:b1:79:f6:65:31:c6:bf:92:fe:c2:9e:1d:
a8:12:44:31:7e:cd:b1:0c:ae:b9:a1:19:68:5d:d8:23:7b:5e:
1f:d0:eb:03:f4:e3:b6:99:ad:d2:ad:15:db:a7:9b:27:dc:c2:
e3:a6:d3:db:07:64:a4:47:53:e2:89:be:96:42:61:a5:38:ff:
3b:5c:5c:73
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
MzRFNEFSMTEwLwYDVQQFEygyQzY3MUY0MjU5NzA3MDI3MjM3NTQwQkY2MjI2NUEy
RDk3RUI5NUNCMB4XDTI0MDMwNzEzNDgwOFoXDTI1MDMwNzEzNDgwOFowGDEWMBQG
A1UEAxMNNjVlOWM1OWItNmJlNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAvB+tCKq2nY+DIrUW0AhiHkxhUWD3DmFxwqwnWt8R1BmoS7OOwT0pjbxBs
ME/D4Sg3cg3GrBaA1d89JyhLK6Zcs1MhOBpTj1m/f5ouxWROJM/vrRuRi4FlU9iA
bzmPW/qzxYfnyUqKmvuvAtyjGxmlAcTOdQh+NCoe5V7GTiXmsOKyE9ZPMkhS9eqr
nhYp/sr6anWO3UJSTIpa1t7R/ok3dIThxqHQzvUDEfz4RLA3XgLBO/zAwhurms6m
+aAqz1bgyI1BBl2LTBEXSTRlinZkjkkXcJ13d1DLJHOXF5/NCw+5VKJ4I8Zpekan
stbo4Drp7JUh8Oxp7ZzjpLGWQI8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBR3EqVv
gZ3RyoMcyFuFSpfEsPSwvTAfBgNVHSMEGDAWgBQsZx9CWXBwJyN1QL9iJlotl+uV
yzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTM0RTQvQ0M4RkMzNkNEQTMwMTFFRTlFNkM5OEFBNzc1NDEyRTYvTEdjZlFs
bHdjQ2NqZFVDX1lpWmFMWmZybGNzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
TEdjZlFsbHdjQ2NqZFVDX1lpWmFMWmZybGNzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QTM0RTQvQ0M4RkMzNkNEQTMwMTFFRTlFNkM5OEFBNzc1NDEy
RTYvNTY3Rjg5RDZEQzg5MTFFRUJCNzhCRDkwNzc1NDEyRTYucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKnvvTANBgkqhkiG9w0BAQsFAAOC
AQEANJeWJakuplUffPUydmbNrkOKH3xiRCW/FNgRV/U6DKSwDiZZwBICfEqpfJZy
4Dpg8Mn3a7/o5swNHI0F4ao8Ts6YqUgZ8WvfGBPd87qUM1nmjr8LzewGp2fCZMb7
Bl2s8s54OBSP37VvZ+3pWQRlmUVo9L4SrQ6eTKpaaqZkSC8v0c+ZNPlCmP1P6Mpl
uFF3bzuFbobyuFxBMGNWmYS8C6qNOYHLtopdwN2aLPFeWPZF1WESV4XnFyyCsXn2
ZTHGv5L+wp4dqBJEMX7NsQyuuaEZaF3YI3teH9DrA/Tjtpmt0q0V26ebJ9zC46bT
2wdkpEdT4om+lkJhpTj/O1xccw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 04:07:17 2024 by rpki-client on console-ams.rpki-client.org