Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A413F/D8EC92AED33911EFA750A6B3762E951A/485660E2D33B11EFB36E4BBC762E951A.roa
File: 485660E2D33B11EFB36E4BBC762E951A.roa (raw, json)
Hash identifier: miJkwutQdLFlKKXwBXo4jomSNflYIN5M9tkEV2QPIO0=
Subject key identifier: 14:06:D1:AB:CB:13:A1:9A:83:6D:5C:05:57:4B:E4:36:05:9A:B6:75
Certificate issuer: /CN=F36A413FAR/serialNumber=27D65104B852001AC1D5650B2C0C3748FC5D6950
Certificate serial: 04
Authority key identifier: 27:D6:51:04:B8:52:00:1A:C1:D5:65:0B:2C:0C:37:48:FC:5D:69:50
Authority info access: rsync://rpki.afrinic.net/repository/arin/J9ZRBLhSABrB1WULLAw3SPxdaVA.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A413F/D8EC92AED33911EFA750A6B3762E951A/485660E2D33B11EFB36E4BBC762E951A.roa
Signing time: Wed 15 Jan 2025 12:21:44 +0000
ROA not before: Wed 15 Jan 2025 12:21:41 +0000
ROA not after: Tue 26 Jan 2027 12:21:41 +0000
asID: 37740
IP address blocks: 169.239.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A413F/D8EC92AED33911EFA750A6B3762E951A/J9ZRBLhSABrB1WULLAw3SPxdaVA.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A413F/D8EC92AED33911EFA750A6B3762E951A/J9ZRBLhSABrB1WULLAw3SPxdaVA.mft
rsync://rpki.afrinic.net/repository/arin/J9ZRBLhSABrB1WULLAw3SPxdaVA.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A413FAR
Validity
Not Before: Jan 15 12:21:41 2025 GMT
Not After : Jan 26 12:21:41 2027 GMT
Subject: CN=6787a858-ddb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d7:b4:e4:9b:d9:3f:ea:51:aa:ca:1a:1b:36:
2f:de:d9:c6:e5:c9:73:f7:83:10:6c:e7:6e:de:a9:
a4:e4:c3:1f:99:32:08:f9:9d:f0:54:d3:54:a2:65:
95:7b:ee:14:a1:1b:d7:df:84:1f:f5:b7:8d:ec:52:
6b:99:24:c5:cb:10:9a:28:1e:68:f4:33:60:e7:1d:
7d:82:ea:35:89:ba:2d:66:6e:e5:77:3c:2d:21:95:
b2:75:d0:63:b4:a5:a1:be:35:4f:f6:75:1f:7a:3a:
72:51:ed:2f:ed:84:95:12:d1:79:2f:3e:51:f1:ba:
2b:50:66:19:2d:d7:c2:cc:36:6d:45:21:d1:86:2f:
06:9e:c9:23:6c:2b:1b:1c:1f:b0:18:7f:44:32:74:
06:fb:47:ad:2d:6e:6d:af:de:06:7c:91:f8:20:f4:
72:a6:ad:d1:84:b2:fb:8e:51:c8:b6:89:df:a4:fa:
89:9a:84:86:1a:7f:1b:ed:2b:de:cd:b4:84:30:6b:
5c:0f:49:8d:f6:7c:54:3a:2e:80:a3:55:76:d9:35:
1a:3b:5c:83:9e:e7:b7:29:29:37:df:7b:02:44:cb:
c4:e9:34:9c:b8:8c:de:a5:5d:ff:44:08:7e:a6:2e:
4a:59:bc:15:70:c2:f6:a0:6e:64:83:87:a9:2e:24:
6f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:06:D1:AB:CB:13:A1:9A:83:6D:5C:05:57:4B:E4:36:05:9A:B6:75
X509v3 Authority Key Identifier:
keyid:27:D6:51:04:B8:52:00:1A:C1:D5:65:0B:2C:0C:37:48:FC:5D:69:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A413F/D8EC92AED33911EFA750A6B3762E951A/J9ZRBLhSABrB1WULLAw3SPxdaVA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/J9ZRBLhSABrB1WULLAw3SPxdaVA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A413F/D8EC92AED33911EFA750A6B3762E951A/485660E2D33B11EFB36E4BBC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.20.0/22
Signature Algorithm: sha256WithRSAEncryption
09:83:25:ba:a2:08:58:cf:e6:87:8a:87:d5:66:28:a3:ed:2e:
d4:6f:fe:90:6a:16:d5:ff:72:5f:52:9e:58:86:d3:5a:a8:7c:
51:c3:21:b6:cb:ba:7c:79:09:5a:ff:87:03:17:84:ff:a2:bb:
bf:08:1d:90:e0:1d:b6:5f:e5:ca:41:21:17:a8:47:0a:17:cf:
ac:2d:24:5e:70:62:23:ac:20:17:bc:c5:fb:c6:fa:f4:6c:2f:
c1:3b:b6:be:c2:45:76:44:a2:1d:d3:a3:83:5b:98:7e:db:6f:
cd:30:9a:ca:ce:06:7d:9f:dc:3f:25:27:6f:ea:b2:ef:4b:3f:
78:56:49:e6:20:06:89:5e:4d:f4:94:f9:78:04:7f:7a:43:87:
2e:d3:40:6c:5b:21:1a:b9:f8:2b:1a:5f:3c:49:c6:64:35:1e:
78:b8:1e:13:a8:90:05:83:af:77:ed:b7:6f:12:4b:a3:f3:9c:
d6:d7:ed:c8:a4:c6:68:7b:90:a1:e2:5a:62:cd:a8:57:1a:e4:
27:82:ff:21:fd:43:16:89:7a:09:e5:71:e9:4e:b7:be:46:af:
bb:79:4e:a7:1d:fe:b0:ce:ee:7b:5e:3e:92:39:8e:a4:1a:4b:
74:a8:bc:13:6e:c7:54:66:66:99:09:fb:b9:c6:84:d3:85:5b:
fc:9c:e8:36
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NDEzRkFSMTEwLwYDVQQFEygyN0Q2NTEwNEI4NTIwMDFBQzFENTY1MEIyQzBDMzc0
OEZDNUQ2OTUwMB4XDTI1MDExNTEyMjE0MVoXDTI3MDEyNjEyMjE0MVowGDEWMBQG
A1UEAxMNNjc4N2E4NTgtZGRiNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLXtOSb2T/qUarKGhs2L97ZxuXJc/eDEGznbt6ppOTDH5kyCPmd8FTTVKJl
lXvuFKEb19+EH/W3jexSa5kkxcsQmigeaPQzYOcdfYLqNYm6LWZu5Xc8LSGVsnXQ
Y7Slob41T/Z1H3o6clHtL+2ElRLReS8+UfG6K1BmGS3Xwsw2bUUh0YYvBp7JI2wr
GxwfsBh/RDJ0BvtHrS1uba/eBnyR+CD0cqat0YSy+45RyLaJ36T6iZqEhhp/G+0r
3s20hDBrXA9JjfZ8VDougKNVdtk1Gjtcg57ntykpN997AkTLxOk0nLiM3qVd/0QI
fqYuSlm8FXDC9qBuZIOHqS4kb5sCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQUBtGr
yxOhmoNtXAVXS+Q2BZq2dTAfBgNVHSMEGDAWgBQn1lEEuFIAGsHVZQssDDdI/F1p
UDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTQxM0YvRDhFQzkyQUVEMzM5MTFFRkE3NTBBNkIzNzYyRTk1MUEvSjlaUkJM
aFNBQnJCMVdVTExBdzNTUHhkYVZBLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SjlaUkJMaFNBQnJCMVdVTExBdzNTUHhkYVZBLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QTQxM0YvRDhFQzkyQUVEMzM5MTFFRkE3NTBBNkIzNzYyRTk1
MUEvNDg1NjYwRTJEMzNCMTFFRkIzNkU0QkJDNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqnvFDANBgkqhkiG9w0BAQsFAAOC
AQEACYMluqIIWM/mh4qH1WYoo+0u1G/+kGoW1f9yX1KeWIbTWqh8UcMhtsu6fHkJ
Wv+HAxeE/6K7vwgdkOAdtl/lykEhF6hHChfPrC0kXnBiI6wgF7zF+8b69GwvwTu2
vsJFdkSiHdOjg1uYfttvzTCays4GfZ/cPyUnb+qy70s/eFZJ5iAGiV5N9JT5eAR/
ekOHLtNAbFshGrn4KxpfPEnGZDUeeLgeE6iQBYOvd+23bxJLo/Oc1tftyKTGaHuQ
oeJaYs2oVxrkJ4L/If1DFol6CeVx6U63vkavu3lOpx3+sM7ue14+kjmOpBpLdKi8
E27HVGZmmQn7ucaE04Vb/JzoNg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 20:28:23 2025 by rpki-client