Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/B47043E640C611EE86E5AE4E4AD9E6FC.roa
File: B47043E640C611EE86E5AE4E4AD9E6FC.roa (raw, json)
Hash identifier: UWusm55Cxzo56WDe90pWaCjCCJ7TZM8kcbllrJbesr4=
Subject key identifier: 5E:BA:14:BE:F2:EC:91:43:21:D5:24:9F:FD:F0:DF:F9:D3:CE:AD:B1
Certificate issuer: /CN=F36AC63AAR/serialNumber=5D517BF0F73919F76D6BC9125269CEEB60DD532C
Certificate serial: 02
Authority key identifier: 5D:51:7B:F0:F7:39:19:F7:6D:6B:C9:12:52:69:CE:EB:60:DD:53:2C
Authority info access: rsync://rpki.afrinic.net/repository/arin/XVF78Pc5Gfdta8kSUmnO62DdUyw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/B47043E640C611EE86E5AE4E4AD9E6FC.roa
Signing time: Tue 22 Aug 2023 08:34:27 +0000
ROA not before: Tue 22 Aug 2023 08:34:24 +0000
ROA not after: Sat 22 Aug 2043 08:34:24 +0000
asID: 16800
IP address blocks: 192.96.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/XVF78Pc5Gfdta8kSUmnO62DdUyw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/XVF78Pc5Gfdta8kSUmnO62DdUyw.mft
rsync://rpki.afrinic.net/repository/arin/XVF78Pc5Gfdta8kSUmnO62DdUyw.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36AC63AAR/serialNumber=5D517BF0F73919F76D6BC9125269CEEB60DD532C
Validity
Not Before: Aug 22 08:34:24 2023 GMT
Not After : Aug 22 08:34:24 2043 GMT
Subject: CN=64e47313-bf00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3b:42:ad:7c:02:cf:25:93:39:c6:11:45:23:
fe:42:9a:02:b9:16:ce:07:3c:73:d3:a3:44:62:e3:
99:d3:36:d9:71:41:43:43:9b:ed:e6:ad:0d:ce:6c:
2a:9c:10:ce:4e:df:b4:b6:eb:5f:40:f0:7e:0f:7b:
ca:6a:c3:09:90:2c:a9:87:6a:01:a8:d7:c0:ef:79:
82:bb:0d:75:bf:b7:2d:66:cd:f6:e0:95:5f:07:33:
90:b9:f3:1d:fd:ab:d8:03:16:37:2c:38:bf:d5:a9:
c5:bc:f8:cf:6a:47:19:5c:e3:d3:78:b9:5b:2e:c3:
f2:00:43:f2:7b:ba:cf:76:b5:7b:17:2e:ae:03:84:
1a:d0:fc:c8:3d:9a:ee:cc:03:08:14:68:15:84:41:
78:8c:f7:20:da:e2:f5:d4:d4:ca:df:ca:29:9e:1e:
64:ca:08:52:09:cb:0b:60:2a:02:b1:f6:75:c3:c4:
8e:42:09:7b:37:65:1e:8b:74:8f:44:cf:64:73:c0:
bd:f7:cd:cb:2d:eb:b0:34:7a:99:1b:a0:5e:6e:c1:
39:fc:5f:46:e7:ea:d1:7c:e4:9c:50:66:e6:d5:3c:
fb:f7:7e:ca:b0:86:9b:0f:3a:bb:e9:e9:d9:52:69:
ab:df:67:cc:58:59:55:4e:07:91:6a:be:e2:ac:cd:
ef:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BA:14:BE:F2:EC:91:43:21:D5:24:9F:FD:F0:DF:F9:D3:CE:AD:B1
X509v3 Authority Key Identifier:
keyid:5D:51:7B:F0:F7:39:19:F7:6D:6B:C9:12:52:69:CE:EB:60:DD:53:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/XVF78Pc5Gfdta8kSUmnO62DdUyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/XVF78Pc5Gfdta8kSUmnO62DdUyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AC63A/0A48C3D240C311EEBF0E47434AD9E6FC/B47043E640C611EE86E5AE4E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.96.146.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:b6:54:d5:22:20:68:0a:7d:43:ea:ff:6d:1c:12:0a:a1:4b:
68:fc:e1:0b:d3:8d:96:e9:91:96:b3:1d:d2:ef:13:4e:17:dc:
eb:a6:59:23:7c:be:ab:38:c2:d6:79:2c:6e:a6:f4:e9:1b:99:
cc:2d:ed:26:33:a0:08:8d:5e:b4:ef:dc:c5:5e:0a:4b:7a:0f:
15:bd:0b:40:66:f1:53:52:d2:08:f1:43:d2:db:31:90:82:d3:
9e:05:90:73:86:4f:49:92:e5:e7:d2:ce:94:10:ce:d5:17:c6:
47:20:2c:8f:96:b4:ec:41:fe:1c:06:7e:ff:c1:11:d2:d8:d7:
06:1a:9f:4c:66:fa:48:ae:46:10:80:36:0d:01:0a:c5:26:4a:
26:f6:f3:ce:01:57:50:a2:5b:21:88:40:9e:57:03:19:c0:59:
c6:36:2b:e8:3e:36:d6:ba:79:6e:bd:ba:9c:70:95:f3:52:86:
95:da:f0:7e:a0:e9:47:af:d1:f3:f1:c3:a2:3c:1c:0d:1b:fb:
8e:c6:d2:c9:2b:75:66:b5:b6:9f:40:68:7c:00:3d:17:c0:db:
e5:26:82:dd:c8:75:09:ea:01:a5:44:fb:0e:08:df:47:d7:12:
57:11:a3:77:b0:86:20:79:f8:5c:64:0c:7b:84:44:b9:45:c0:
a0:b7:0d:4d
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
QzYzQUFSMTEwLwYDVQQFEyg1RDUxN0JGMEY3MzkxOUY3NkQ2QkM5MTI1MjY5Q0VF
QjYwREQ1MzJDMB4XDTIzMDgyMjA4MzQyNFoXDTQzMDgyMjA4MzQyNFowGDEWMBQG
A1UEAxMNNjRlNDczMTMtYmYwMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALw7Qq18As8lkznGEUUj/kKaArkWzgc8c9OjRGLjmdM22XFBQ0Ob7eatDc5s
KpwQzk7ftLbrX0Dwfg97ymrDCZAsqYdqAajXwO95grsNdb+3LWbN9uCVXwczkLnz
Hf2r2AMWNyw4v9Wpxbz4z2pHGVzj03i5Wy7D8gBD8nu6z3a1excurgOEGtD8yD2a
7swDCBRoFYRBeIz3INri9dTUyt/KKZ4eZMoIUgnLC2AqArH2dcPEjkIJezdlHot0
j0TPZHPAvffNyy3rsDR6mRugXm7BOfxfRufq0XzknFBm5tU8+/d+yrCGmw86u+np
2VJpq99nzFhZVU4HkWq+4qzN7w0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBReuhS+
8uyRQyHVJJ/98N/5086tsTAfBgNVHSMEGDAWgBRdUXvw9zkZ921ryRJSac7rYN1T
LDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QUM2M0EvMEE0OEMzRDI0MEMzMTFFRUJGMEU0NzQzNEFEOUU2RkMvWFZGNzhQ
YzVHZmR0YThrU1Vtbk82MkRkVXl3LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
WFZGNzhQYzVHZmR0YThrU1Vtbk82MkRkVXl3LmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QUM2M0EvMEE0OEMzRDI0MEMzMTFFRUJGMEU0NzQzNEFEOUU2
RkMvQjQ3MDQzRTY0MEM2MTFFRTg2RTVBRTRFNEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBgkjANBgkqhkiG9w0BAQsFAAOC
AQEAOrZU1SIgaAp9Q+r/bRwSCqFLaPzhC9ONlumRlrMd0u8TThfc66ZZI3y+qzjC
1nksbqb06RuZzC3tJjOgCI1etO/cxV4KS3oPFb0LQGbxU1LSCPFD0tsxkILTngWQ
c4ZPSZLl59LOlBDO1RfGRyAsj5a07EH+HAZ+/8ER0tjXBhqfTGb6SK5GEIA2DQEK
xSZKJvbzzgFXUKJbIYhAnlcDGcBZxjYr6D421rp5br26nHCV81KGldrwfqDpR6/R
8/HDojwcDRv7jsbSySt1ZrW2n0BofAA9F8Db5SaC3ch1CeoBpUT7DgjfR9cSVxGj
d7CGIHn4XGQMe4REuUXAoLcNTQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:20 2024 by rpki-client on console-ams.rpki-client.org