Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A42DF/B36A9AF64D6311EE9B779F814AD9E6FC/676C625A4D6411EEBB83C7834AD9E6FC.roa
File: 676C625A4D6411EEBB83C7834AD9E6FC.roa (raw, json)
Hash identifier: iiE25Dzd3pzLzhX8ubXQvlCirPYfptGG+RIQQE+HLD4=
Subject key identifier: E7:24:17:6F:01:74:F2:51:F0:59:83:84:98:CD:B0:DC:56:55:F5:17
Certificate issuer: /CN=F36A42DFAR/serialNumber=6189BF938C94C534D7843A7A034C5B6A8237D596
Certificate serial: 02
Authority key identifier: 61:89:BF:93:8C:94:C5:34:D7:84:3A:7A:03:4C:5B:6A:82:37:D5:96
Authority info access: rsync://rpki.afrinic.net/repository/arin/YYm_k4yUxTTXhDp6A0xbaoI31ZY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/B36A9AF64D6311EE9B779F814AD9E6FC/676C625A4D6411EEBB83C7834AD9E6FC.roa
Signing time: Thu 07 Sep 2023 09:53:32 +0000
ROA not before: Thu 07 Sep 2023 09:53:22 +0000
ROA not after: Mon 30 Sep 2030 09:53:22 +0000
asID: 328170
IP address blocks: 160.119.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/B36A9AF64D6311EE9B779F814AD9E6FC/YYm_k4yUxTTXhDp6A0xbaoI31ZY.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/B36A9AF64D6311EE9B779F814AD9E6FC/YYm_k4yUxTTXhDp6A0xbaoI31ZY.mft
rsync://rpki.afrinic.net/repository/arin/YYm_k4yUxTTXhDp6A0xbaoI31ZY.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 22 Sep 2024 00:16:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A42DFAR/serialNumber=6189BF938C94C534D7843A7A034C5B6A8237D596
Validity
Not Before: Sep 7 09:53:22 2023 GMT
Not After : Sep 30 09:53:22 2030 GMT
Subject: CN=64f99d9c-f58f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:17:70:bb:5d:08:35:7d:e9:ad:19:fe:eb:40:
73:3e:37:f7:56:3b:e7:b3:0e:ec:79:13:0d:7c:14:
d6:21:a5:b4:ee:e8:0e:5c:02:55:fd:6e:93:b4:07:
b6:78:39:b4:7e:84:d0:9d:49:33:b1:63:f6:7e:19:
57:b5:86:08:fb:7e:ea:73:04:ad:64:f2:37:f5:89:
b5:9f:3a:26:62:e3:03:75:b9:4d:1d:66:b3:40:a2:
24:9b:7d:43:81:79:a2:24:42:61:ec:9e:df:d4:3e:
c7:e4:1f:c9:84:4f:c3:01:87:1f:0b:39:62:d3:fe:
0e:d5:9d:16:e8:a5:c5:52:e5:22:66:3a:5f:e1:1e:
b8:6a:44:2c:ac:ff:d3:4f:9e:87:89:83:6f:6b:50:
3a:58:c8:ad:99:89:d3:cd:3b:6e:47:c8:a9:93:a9:
72:aa:b5:6a:37:b1:1c:c0:8d:bf:a7:a5:66:3c:38:
c6:20:88:b9:7b:97:65:10:78:75:eb:05:fc:95:7e:
90:cf:79:17:af:cd:ee:40:e7:37:e3:0c:6e:ed:bb:
2d:ce:76:97:13:ca:6d:c8:45:54:8a:c5:9c:c7:fa:
55:8b:87:80:02:f2:58:aa:c6:e4:ed:26:40:3c:73:
65:ba:c0:0f:31:9a:24:86:17:38:dd:b9:1d:4c:88:
7e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:24:17:6F:01:74:F2:51:F0:59:83:84:98:CD:B0:DC:56:55:F5:17
X509v3 Authority Key Identifier:
keyid:61:89:BF:93:8C:94:C5:34:D7:84:3A:7A:03:4C:5B:6A:82:37:D5:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/B36A9AF64D6311EE9B779F814AD9E6FC/YYm_k4yUxTTXhDp6A0xbaoI31ZY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/YYm_k4yUxTTXhDp6A0xbaoI31ZY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A42DF/B36A9AF64D6311EE9B779F814AD9E6FC/676C625A4D6411EEBB83C7834AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.119.100.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:ff:07:24:ea:d7:d8:a5:33:7b:18:b7:e2:45:80:17:51:da:
26:69:d3:81:b6:c4:66:17:5e:bd:25:c1:54:4b:9d:e7:ae:62:
ce:bd:8d:90:25:a0:cf:3a:7a:93:c3:6f:b6:3e:77:68:f5:2f:
4f:82:c8:c1:de:74:a2:68:b8:a4:f8:3c:a0:24:f5:f0:75:81:
ed:41:4b:12:34:9e:c6:3f:4c:af:04:26:c4:4c:7a:cc:78:05:
c9:7e:82:bc:13:fc:c0:ee:6d:03:a6:66:d8:f8:8b:74:52:46:
e4:92:c1:10:a4:aa:c6:3b:bb:66:6d:d1:f9:51:20:ee:e5:3d:
13:1b:a7:cc:0b:f1:04:80:57:19:dd:b2:12:ab:e9:e7:c6:e1:
e7:3f:9a:e0:c0:6b:bb:74:6b:2f:4a:52:3e:a7:50:42:a8:fe:
79:9a:7f:51:53:d1:dc:a1:3b:d7:8f:90:83:70:0a:e0:1c:38:
fc:f3:a6:2f:65:b7:af:5d:4c:7b:7b:e3:af:96:b7:98:3d:2d:
6d:6b:f9:95:c6:76:56:61:24:46:60:4e:61:f1:9d:a2:70:d2:
e0:12:98:09:a5:f9:48:ba:98:9c:38:65:d3:c0:5b:fc:c6:3a:
10:c4:1e:bb:3e:dc:0d:ca:0a:db:27:46:5b:1b:9c:b6:f3:f4:
11:a9:17:f7
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
NDJERkFSMTEwLwYDVQQFEyg2MTg5QkY5MzhDOTRDNTM0RDc4NDNBN0EwMzRDNUI2
QTgyMzdENTk2MB4XDTIzMDkwNzA5NTMyMloXDTMwMDkzMDA5NTMyMlowGDEWMBQG
A1UEAxMNNjRmOTlkOWMtZjU4ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0XcLtdCDV96a0Z/utAcz4391Y757MO7HkTDXwU1iGltO7oDlwCVf1uk7QH
tng5tH6E0J1JM7Fj9n4ZV7WGCPt+6nMErWTyN/WJtZ86JmLjA3W5TR1ms0CiJJt9
Q4F5oiRCYeye39Q+x+QfyYRPwwGHHws5YtP+DtWdFuilxVLlImY6X+EeuGpELKz/
00+eh4mDb2tQOljIrZmJ0807bkfIqZOpcqq1ajexHMCNv6elZjw4xiCIuXuXZRB4
desF/JV+kM95F6/N7kDnN+MMbu27Lc52lxPKbchFVIrFnMf6VYuHgALyWKrG5O0m
QDxzZbrADzGaJIYXON25HUyIfsECAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTnJBdv
AXTyUfBZg4SYzbDcVlX1FzAfBgNVHSMEGDAWgBRhib+TjJTFNNeEOnoDTFtqgjfV
ljAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTQyREYvQjM2QTlBRjY0RDYzMTFFRTlCNzc5RjgxNEFEOUU2RkMvWVltX2s0
eVV4VFRYaERwNkEweGJhb0kzMVpZLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
WVltX2s0eVV4VFRYaERwNkEweGJhb0kzMVpZLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QTQyREYvQjM2QTlBRjY0RDYzMTFFRTlCNzc5RjgxNEFEOUU2
RkMvNjc2QzYyNUE0RDY0MTFFRUJCODNDNzgzNEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqB3ZDANBgkqhkiG9w0BAQsFAAOC
AQEAKv8HJOrX2KUzexi34kWAF1HaJmnTgbbEZhdevSXBVEud565izr2NkCWgzzp6
k8Nvtj53aPUvT4LIwd50omi4pPg8oCT18HWB7UFLEjSexj9MrwQmxEx6zHgFyX6C
vBP8wO5tA6Zm2PiLdFJG5JLBEKSqxju7Zm3R+VEg7uU9ExunzAvxBIBXGd2yEqvp
58bh5z+a4MBru3RrL0pSPqdQQqj+eZp/UVPR3KE714+Qg3AK4Bw4/POmL2W3r11M
e3vjr5a3mD0tbWv5lcZ2VmEkRmBOYfGdonDS4BKYCaX5SLqYnDhl08Bb/MY6EMQe
uz7cDcoK2ydGWxuctvP0EakX9w==
-----END CERTIFICATE-----
Generated at Fri Sep 20 04:26:05 2024 by rpki-client on console-fra.rpki-client.org