Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A39CE/621AB4EE0B5311EE9B4D135D4AD9E6FC/9D1F1EF4403611EF977FF944762E951A.roa
File: 9D1F1EF4403611EF977FF944762E951A.roa (raw, json)
Hash identifier: hLeObmsi90Fg8VBqFqxqwLqUBn1VTFF0SZa65WhAxQ4=
Subject key identifier: E1:5C:A4:3C:36:EC:D5:C0:26:A9:C5:A0:3E:92:94:50:4C:0D:AB:43
Certificate issuer: /CN=F36A39CEAR/serialNumber=745DD77100E5BAA5755D3B93C0F4274C279B6DD7
Certificate serial: 0197
Authority key identifier: 74:5D:D7:71:00:E5:BA:A5:75:5D:3B:93:C0:F4:27:4C:27:9B:6D:D7
Authority info access: rsync://rpki.afrinic.net/repository/arin/dF3XcQDluqV1XTuTwPQnTCebbdc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A39CE/621AB4EE0B5311EE9B4D135D4AD9E6FC/9D1F1EF4403611EF977FF944762E951A.roa
Signing time: Fri 12 Jul 2024 10:07:58 +0000
ROA not before: Fri 12 Jul 2024 10:07:54 +0000
ROA not after: Fri 12 Jul 2030 10:07:54 +0000
asID: 327786
IP address blocks: 169.255.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A39CE/621AB4EE0B5311EE9B4D135D4AD9E6FC/dF3XcQDluqV1XTuTwPQnTCebbdc.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A39CE/621AB4EE0B5311EE9B4D135D4AD9E6FC/dF3XcQDluqV1XTuTwPQnTCebbdc.mft
rsync://rpki.afrinic.net/repository/arin/dF3XcQDluqV1XTuTwPQnTCebbdc.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 407 (0x197)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A39CEAR/serialNumber=745DD77100E5BAA5755D3B93C0F4274C279B6DD7
Validity
Not Before: Jul 12 10:07:54 2024 GMT
Not After : Jul 12 10:07:54 2030 GMT
Subject: CN=6691007e-4905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9c:37:24:b3:7b:f9:18:ca:cf:35:6f:5a:cc:
93:21:d5:d1:6a:43:e7:39:17:00:3b:82:51:32:87:
95:bd:b7:ee:8c:c8:4e:77:8c:90:52:38:1a:ea:28:
be:5c:77:10:33:9d:d6:90:01:e3:02:3a:53:de:d4:
50:0c:22:39:1c:ff:4c:ab:35:da:e4:d3:be:b0:5a:
56:9d:b9:c6:6c:84:b9:11:02:18:33:a6:b4:7f:b7:
7c:1d:d1:43:c8:66:39:1c:10:a6:ef:35:09:1e:56:
f8:7d:ac:a0:53:1e:1d:ac:53:65:1e:a5:f3:03:c8:
f4:6c:f8:57:b9:a1:02:3a:7c:34:2d:7e:ac:6b:11:
21:6a:b7:bf:98:22:fb:99:b8:bb:c5:86:16:48:02:
0e:1e:e5:67:cc:43:66:24:ef:f4:f9:0b:85:f6:b4:
da:b9:d6:4b:2d:9d:bf:a1:87:9f:a2:46:0b:70:9b:
61:6b:59:0f:5b:70:a4:0e:b9:bf:38:f1:8f:42:51:
0b:de:68:d2:c7:ae:f9:6d:b9:43:74:6f:92:44:2d:
f9:a1:c2:af:eb:91:0a:78:a2:c0:5a:70:1a:14:93:
d5:f7:52:7c:c7:06:1c:d1:06:eb:35:db:94:fd:19:
98:b5:76:4e:76:b3:b1:fa:34:b4:d0:c0:6b:35:b1:
5f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:5C:A4:3C:36:EC:D5:C0:26:A9:C5:A0:3E:92:94:50:4C:0D:AB:43
X509v3 Authority Key Identifier:
keyid:74:5D:D7:71:00:E5:BA:A5:75:5D:3B:93:C0:F4:27:4C:27:9B:6D:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A39CE/621AB4EE0B5311EE9B4D135D4AD9E6FC/dF3XcQDluqV1XTuTwPQnTCebbdc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/dF3XcQDluqV1XTuTwPQnTCebbdc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A39CE/621AB4EE0B5311EE9B4D135D4AD9E6FC/9D1F1EF4403611EF977FF944762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.255.24.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:cb:be:d6:09:5f:60:21:ee:a4:a8:e4:46:82:0c:f1:5e:52:
e4:13:31:40:65:c9:75:c2:5b:f3:92:66:29:d9:f1:42:f2:99:
52:bc:e1:47:6e:f0:2b:12:a2:74:4f:f6:c2:2c:1f:bd:a7:c8:
3f:32:e4:a0:5e:14:09:43:e9:29:53:07:f4:96:35:d1:6d:5f:
b9:a9:74:d1:8a:82:81:20:21:1a:3a:d1:18:4f:29:6f:6f:23:
6a:89:3b:d5:61:70:37:19:4c:ad:dd:69:9a:e7:25:4b:ed:cd:
80:2e:9a:56:3a:3f:a8:96:0b:1d:c1:b9:2d:eb:bb:42:d9:44:
b4:83:f9:f4:01:30:68:64:c8:b6:b0:ed:31:eb:12:8f:a4:3f:
23:14:c0:fe:9c:e4:61:38:98:a5:b9:62:c6:8b:9c:0a:f2:1a:
fe:0f:48:84:94:53:1e:11:9a:ca:de:4e:d2:35:6f:f6:58:e1:
df:49:0d:7d:02:84:81:ca:fe:bf:07:21:96:f9:24:3f:3d:12:
67:34:0d:e4:10:f6:fd:53:b2:63:50:a6:23:72:6a:e8:f2:a8:
d1:70:3d:e1:b7:88:c1:43:81:bc:2e:99:0a:69:3f:f4:b9:42:
74:14:60:cf:69:7f:e5:22:7f:f8:d2:bf:02:f3:59:3f:24:a2:
00:c6:ea:43
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAZcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTM5Q0VBUjExMC8GA1UEBRMoNzQ1REQ3NzEwMEU1QkFBNTc1NUQzQjkzQzBGNDI3
NEMyNzlCNkRENzAeFw0yNDA3MTIxMDA3NTRaFw0zMDA3MTIxMDA3NTRaMBgxFjAU
BgNVBAMTDTY2OTEwMDdlLTQ5MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCenDcks3v5GMrPNW9azJMh1dFqQ+c5FwA7glEyh5W9t+6MyE53jJBSOBrq
KL5cdxAzndaQAeMCOlPe1FAMIjkc/0yrNdrk076wWladucZshLkRAhgzprR/t3wd
0UPIZjkcEKbvNQkeVvh9rKBTHh2sU2UepfMDyPRs+Fe5oQI6fDQtfqxrESFqt7+Y
IvuZuLvFhhZIAg4e5WfMQ2Yk7/T5C4X2tNq51kstnb+hh5+iRgtwm2FrWQ9bcKQO
ub848Y9CUQveaNLHrvltuUN0b5JELfmhwq/rkQp4osBacBoUk9X3UnzHBhzRBus1
25T9GZi1dk52s7H6NLTQwGs1sV+pAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU4Vyk
PDbs1cAmqcWgPpKUUEwNq0MwHwYDVR0jBBgwFoAUdF3XcQDluqV1XTuTwPQnTCeb
bdcwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkEzOUNFLzYyMUFCNEVFMEI1MzExRUU5QjREMTM1RDRBRDlFNkZDL2RGM1hj
UURsdXFWMVhUdVR3UFFuVENlYmJkYy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2RGM1hjUURsdXFWMVhUdVR3UFFuVENlYmJkYy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkEzOUNFLzYyMUFCNEVFMEI1MzExRUU5QjREMTM1RDRBRDlF
NkZDLzlEMUYxRUY0NDAzNjExRUY5NzdGRjk0NDc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKp/xgwDQYJKoZIhvcNAQELBQAD
ggEBAL/LvtYJX2Ah7qSo5EaCDPFeUuQTMUBlyXXCW/OSZinZ8ULymVK84Udu8CsS
onRP9sIsH72nyD8y5KBeFAlD6SlTB/SWNdFtX7mpdNGKgoEgIRo60RhPKW9vI2qJ
O9VhcDcZTK3daZrnJUvtzYAumlY6P6iWCx3BuS3ru0LZRLSD+fQBMGhkyLaw7THr
Eo+kPyMUwP6c5GE4mKW5YsaLnAryGv4PSISUUx4RmsreTtI1b/ZY4d9JDX0ChIHK
/r8HIZb5JD89Emc0DeQQ9v1TsmNQpiNyaujyqNFwPeG3iMFDgbwumQppP/S5QnQU
YM9pf+Uif/jSvwLzWT8kogDG6kM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:19 2024 by rpki-client on console-ams.rpki-client.org