Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/2848E24A419F11EE84EBC77E4AD9E6FC.roa
File: 2848E24A419F11EE84EBC77E4AD9E6FC.roa (raw, json)
Hash identifier: 31vEi8mw6ILLVWMlSZQg7FufWrxLwP4Iw+HRKtKDgR0=
Subject key identifier: 9E:2D:B2:D4:6C:9B:3E:7E:E9:04:18:C3:39:09:67:D9:71:55:3C:34
Certificate issuer: /CN=F36AC63AAR/serialNumber=5D517BF0F73919F76D6BC9125269CEEB60DD532C
Certificate serial: 0D
Authority key identifier: 5D:51:7B:F0:F7:39:19:F7:6D:6B:C9:12:52:69:CE:EB:60:DD:53:2C
Authority info access: rsync://rpki.afrinic.net/repository/arin/XVF78Pc5Gfdta8kSUmnO62DdUyw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/2848E24A419F11EE84EBC77E4AD9E6FC.roa
Signing time: Wed 23 Aug 2023 10:23:53 +0000
ROA not before: Wed 23 Aug 2023 10:23:49 +0000
ROA not after: Tue 23 Aug 2033 10:23:49 +0000
asID: 3741
IP address blocks: 192.96.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/XVF78Pc5Gfdta8kSUmnO62DdUyw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/XVF78Pc5Gfdta8kSUmnO62DdUyw.mft
rsync://rpki.afrinic.net/repository/arin/XVF78Pc5Gfdta8kSUmnO62DdUyw.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36AC63AAR/serialNumber=5D517BF0F73919F76D6BC9125269CEEB60DD532C
Validity
Not Before: Aug 23 10:23:49 2023 GMT
Not After : Aug 23 10:23:49 2033 GMT
Subject: CN=64e5de39-10ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:16:00:b9:8f:8f:49:63:e9:b0:48:29:4d:fb:
aa:43:27:89:07:24:f2:c4:95:17:51:ff:37:97:b2:
98:d9:fb:29:89:3d:bf:50:02:21:43:f6:26:20:7f:
0a:f6:a5:08:9d:0b:85:95:3a:55:7f:94:49:93:5b:
a8:81:77:fc:7a:af:94:9e:ed:36:be:22:0e:09:aa:
e7:39:41:57:28:16:bf:8f:d1:2f:1e:3b:65:4a:1f:
21:36:6e:8b:c4:2e:80:6a:7f:f3:0d:4c:15:6c:91:
27:4e:9c:e3:2a:98:96:e5:f4:1a:ca:42:50:80:0c:
45:dc:aa:8a:0e:97:81:86:c2:d0:0a:a0:ec:ef:43:
3e:f4:ac:93:33:f0:75:e5:bb:1d:9c:0c:92:56:39:
e2:24:fc:19:ec:cd:e4:86:d0:b5:ca:76:ec:ec:35:
90:43:fd:11:b5:e5:d7:ae:71:0f:9a:59:d6:e4:a8:
60:6b:83:bf:bf:6c:03:55:33:86:90:2f:c0:03:fb:
6e:fc:a7:f9:02:61:b2:67:a1:c0:91:bd:3a:bc:4c:
c5:a3:30:21:f7:df:76:ea:98:9a:2b:ea:c9:bb:51:
eb:b5:50:06:0d:23:12:90:98:a2:c8:19:66:eb:0e:
41:dd:e8:6b:9e:0b:4b:bc:06:ef:fc:15:a0:f4:73:
23:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:2D:B2:D4:6C:9B:3E:7E:E9:04:18:C3:39:09:67:D9:71:55:3C:34
X509v3 Authority Key Identifier:
keyid:5D:51:7B:F0:F7:39:19:F7:6D:6B:C9:12:52:69:CE:EB:60:DD:53:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/XVF78Pc5Gfdta8kSUmnO62DdUyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/XVF78Pc5Gfdta8kSUmnO62DdUyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/2848E24A419F11EE84EBC77E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.96.146.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:49:a7:71:da:5e:2c:a9:aa:03:ed:b0:e0:df:f9:8b:64:aa:
5b:fa:73:ae:80:86:06:4e:34:a4:46:94:89:7b:81:f4:30:ba:
f5:ed:63:62:3b:0d:6a:a6:58:93:df:26:d2:ac:c4:6d:f2:0d:
72:68:d5:62:0c:4b:ca:d7:c0:7c:db:c8:83:b5:61:cb:77:51:
f8:08:59:33:bd:49:76:78:f1:93:50:e2:54:c7:46:45:11:a1:
76:85:1e:56:a5:95:c7:23:3c:b2:f0:a0:b4:f1:b2:d3:23:9a:
a7:0d:d0:9e:b8:0b:a1:83:27:37:45:ef:16:03:52:26:d0:d8:
ff:d3:ef:76:0d:75:82:49:72:eb:92:06:24:5a:39:20:5b:34:
f9:7e:c9:ac:43:70:67:55:fe:ea:51:8c:fc:12:6e:9d:91:b8:
3e:3d:07:3b:f4:63:80:9e:c5:89:92:ba:bf:31:65:14:47:bd:
24:45:ab:72:8c:65:e7:21:25:73:5f:7b:fb:07:00:e0:3a:02:
ef:52:bc:d3:52:5f:b6:4f:8d:b1:48:b7:e8:a4:a5:6b:a0:80:
f3:1d:8a:94:66:ad:fc:dc:fe:56:bc:a2:8b:2f:77:a0:da:95:
32:d2:23:4a:f8:27:ad:51:e9:2e:65:eb:d2:0f:29:74:21:1d:
f6:79:90:1b
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBDTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
QzYzQUFSMTEwLwYDVQQFEyg1RDUxN0JGMEY3MzkxOUY3NkQ2QkM5MTI1MjY5Q0VF
QjYwREQ1MzJDMB4XDTIzMDgyMzEwMjM0OVoXDTMzMDgyMzEwMjM0OVowGDEWMBQG
A1UEAxMNNjRlNWRlMzktMTBlZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8WALmPj0lj6bBIKU37qkMniQck8sSVF1H/N5eymNn7KYk9v1ACIUP2JiB/
CvalCJ0LhZU6VX+USZNbqIF3/HqvlJ7tNr4iDgmq5zlBVygWv4/RLx47ZUofITZu
i8QugGp/8w1MFWyRJ06c4yqYluX0GspCUIAMRdyqig6XgYbC0Aqg7O9DPvSskzPw
deW7HZwMklY54iT8GezN5IbQtcp27Ow1kEP9EbXl165xD5pZ1uSoYGuDv79sA1Uz
hpAvwAP7bvyn+QJhsmehwJG9OrxMxaMwIfffduqYmivqybtR67VQBg0jEpCYosgZ
ZusOQd3oa54LS7wG7/wVoPRzI4kCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSeLbLU
bJs+fukEGMM5CWfZcVU8NDAfBgNVHSMEGDAWgBRdUXvw9zkZ921ryRJSac7rYN1T
LDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QUM2M0EvMEE0OEMzRDI0MEMzMTFFRUJGMEU0NzQzNEFEOUU2RkMvWFZGNzhQ
YzVHZmR0YThrU1Vtbk82MkRkVXl3LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
WFZGNzhQYzVHZmR0YThrU1Vtbk82MkRkVXl3LmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QUM2M0EvMEE0OEMzRDI0MEMzMTFFRUJGMEU0NzQzNEFEOUU2
RkMvMjg0OEUyNEE0MTlGMTFFRTg0RUJDNzdFNEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBgkjANBgkqhkiG9w0BAQsFAAOC
AQEAnkmncdpeLKmqA+2w4N/5i2SqW/pzroCGBk40pEaUiXuB9DC69e1jYjsNaqZY
k98m0qzEbfINcmjVYgxLytfAfNvIg7Vhy3dR+AhZM71Jdnjxk1DiVMdGRRGhdoUe
VqWVxyM8svCgtPGy0yOapw3QnrgLoYMnN0XvFgNSJtDY/9Pvdg11gkly65IGJFo5
IFs0+X7JrENwZ1X+6lGM/BJunZG4Pj0HO/RjgJ7FiZK6vzFlFEe9JEWrcoxl5yEl
c197+wcA4DoC71K801Jftk+NsUi36KSla6CA8x2KlGat/Nz+Vryiiy93oNqVMtIj
SvgnrVHpLmXr0g8pdCEd9nmQGw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org