Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B1FB2/FBA714029F8311EAB22B3D37F8AEA228/8DD8A63E9F8811EA9E1CD13BF8AEA228.roa
File: 8DD8A63E9F8811EA9E1CD13BF8AEA228.roa (raw, json)
Hash identifier: 4gla00WyKnybWEMMlGQqnQZbh5T6kkOr0Aikoc7oSJA=
Subject key identifier: 62:CF:7B:8B:0D:53:09:4A:69:73:2C:ED:8F:59:C0:D6:60:33:67:87
Certificate issuer: /CN=F36B1FB2AR/serialNumber=5B524E4B3F19E841BC6164E963BFD23D38CD3241
Certificate serial: 06
Authority key identifier: 5B:52:4E:4B:3F:19:E8:41:BC:61:64:E9:63:BF:D2:3D:38:CD:32:41
Authority info access: rsync://rpki.afrinic.net/repository/arin/W1JOSz8Z6EG8YWTpY7_SPTjNMkE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B1FB2/FBA714029F8311EAB22B3D37F8AEA228/8DD8A63E9F8811EA9E1CD13BF8AEA228.roa
Signing time: Tue 26 May 2020 19:39:04 +0000
ROA not before: Tue 26 May 2020 19:38:58 +0000
ROA not after: Tue 31 Dec 2030 19:38:58 +0000
asID: 327981
IP address blocks: 169.239.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B1FB2/FBA714029F8311EAB22B3D37F8AEA228/W1JOSz8Z6EG8YWTpY7_SPTjNMkE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B1FB2/FBA714029F8311EAB22B3D37F8AEA228/W1JOSz8Z6EG8YWTpY7_SPTjNMkE.mft
rsync://rpki.afrinic.net/repository/arin/W1JOSz8Z6EG8YWTpY7_SPTjNMkE.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B1FB2AR/serialNumber=5B524E4B3F19E841BC6164E963BFD23D38CD3241
Validity
Not Before: May 26 19:38:58 2020 GMT
Not After : Dec 31 19:38:58 2030 GMT
Subject: CN=5ecd7057-7e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:59:0e:25:25:54:cc:60:69:68:ab:69:6f:de:
3e:bf:6d:8a:69:02:a5:a0:ff:d9:4e:55:77:00:4b:
4c:9a:09:84:4d:2a:57:6a:f5:cd:3f:4c:23:3a:1d:
70:af:a5:26:82:d8:95:9a:80:65:da:a6:4d:78:39:
8e:76:76:77:bd:84:15:1a:e0:99:3a:83:b9:bb:3f:
c6:a4:9a:34:8f:71:6d:e1:86:8a:6e:2b:0d:73:3b:
a4:ae:a7:fa:91:71:66:4d:45:af:92:46:34:77:ed:
72:76:e7:de:70:73:17:d0:af:f3:6d:5d:a4:bf:b2:
f1:56:69:99:f8:44:8f:30:10:f8:b9:24:92:c2:fd:
11:2c:5d:e2:7a:46:80:d2:ba:57:fa:42:50:89:3b:
c6:d4:99:6a:07:37:4b:d1:1e:e7:bb:a3:f7:b1:1c:
be:e1:3d:e4:b6:7f:85:e6:84:df:78:58:cc:c1:1a:
ec:f6:92:f7:18:ab:9a:24:ac:67:1d:bc:aa:4d:11:
8f:d1:fd:14:01:f0:ae:e6:84:0e:9c:b0:29:e5:05:
a9:71:25:b7:25:23:0c:9b:8e:86:ba:b6:75:bf:3c:
6b:f9:7f:5a:b5:06:d7:83:18:7c:99:4f:42:77:5e:
db:fd:dd:cd:88:76:9e:a2:dc:7c:0c:82:c2:07:59:
a0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:CF:7B:8B:0D:53:09:4A:69:73:2C:ED:8F:59:C0:D6:60:33:67:87
X509v3 Authority Key Identifier:
keyid:5B:52:4E:4B:3F:19:E8:41:BC:61:64:E9:63:BF:D2:3D:38:CD:32:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B1FB2/FBA714029F8311EAB22B3D37F8AEA228/W1JOSz8Z6EG8YWTpY7_SPTjNMkE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/W1JOSz8Z6EG8YWTpY7_SPTjNMkE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B1FB2/FBA714029F8311EAB22B3D37F8AEA228/8DD8A63E9F8811EA9E1CD13BF8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.16.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:4c:7e:41:42:ba:09:15:8f:2c:63:b4:ff:ea:7d:69:a8:b8:
98:49:30:34:c2:5a:5d:92:7d:4b:1f:84:67:f1:a5:4d:28:3e:
44:f6:04:32:aa:50:f3:17:c6:9f:bc:f8:32:67:57:ac:55:e2:
89:03:bd:93:bc:eb:1f:80:69:1e:1e:76:a7:c6:f5:cb:d6:1c:
53:00:64:2f:c7:40:74:8d:ff:a0:c0:25:ec:6c:d2:07:ab:f3:
6d:f5:5c:a7:0a:b6:d5:5c:73:84:ba:2e:d4:bf:78:a2:6b:9f:
7c:f1:65:39:70:8b:d8:34:af:e6:97:7e:4f:77:da:01:0f:fe:
e0:2b:f4:75:35:29:2a:8a:45:13:0c:33:8b:7d:c5:85:91:61:
6f:82:b5:53:23:d3:44:63:5e:36:89:28:02:ef:a5:ab:be:01:
5d:ab:d2:b8:0c:7a:54:32:29:5b:47:8c:ec:5b:ca:57:00:26:
2b:dc:e2:17:93:80:67:2e:b8:0b:9b:93:03:33:9a:6a:f4:04:
a3:3b:92:40:94:9e:a2:93:ae:5e:96:8b:11:78:6f:e6:a3:4a:
7e:df:94:43:10:d2:56:58:a7:3f:fc:b0:22:d7:aa:72:58:ac:
15:f7:30:aa:0a:49:74:1e:2a:27:b5:79:b2:f5:1a:ee:96:71:
af:e9:ab:39
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
MUZCMkFSMTEwLwYDVQQFEyg1QjUyNEU0QjNGMTlFODQxQkM2MTY0RTk2M0JGRDIz
RDM4Q0QzMjQxMB4XDTIwMDUyNjE5Mzg1OFoXDTMwMTIzMTE5Mzg1OFowGDEWMBQG
A1UEAxMNNWVjZDcwNTctN2U0ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhZDiUlVMxgaWiraW/ePr9timkCpaD/2U5VdwBLTJoJhE0qV2r1zT9MIzod
cK+lJoLYlZqAZdqmTXg5jnZ2d72EFRrgmTqDubs/xqSaNI9xbeGGim4rDXM7pK6n
+pFxZk1Fr5JGNHftcnbn3nBzF9Cv821dpL+y8VZpmfhEjzAQ+LkkksL9ESxd4npG
gNK6V/pCUIk7xtSZagc3S9Ee57uj97EcvuE95LZ/heaE33hYzMEa7PaS9xirmiSs
Zx28qk0Rj9H9FAHwruaEDpywKeUFqXEltyUjDJuOhrq2db88a/l/WrUG14MYfJlP
Qnde2/3dzYh2nqLcfAyCwgdZoMUCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRiz3uL
DVMJSmlzLO2PWcDWYDNnhzAfBgNVHSMEGDAWgBRbUk5LPxnoQbxhZOljv9I9OM0y
QTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjFGQjIvRkJBNzE0MDI5RjgzMTFFQUIyMkIzRDM3RjhBRUEyMjgvVzFKT1N6
OFo2RUc4WVdUcFk3X1NQVGpOTWtFLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
VzFKT1N6OFo2RUc4WVdUcFk3X1NQVGpOTWtFLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QjFGQjIvRkJBNzE0MDI5RjgzMTFFQUIyMkIzRDM3RjhBRUEy
MjgvOEREOEE2M0U5Rjg4MTFFQTlFMUNEMTNCRjhBRUEyMjgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqnvEDANBgkqhkiG9w0BAQsFAAOC
AQEAjEx+QUK6CRWPLGO0/+p9aai4mEkwNMJaXZJ9Sx+EZ/GlTSg+RPYEMqpQ8xfG
n7z4MmdXrFXiiQO9k7zrH4BpHh52p8b1y9YcUwBkL8dAdI3/oMAl7GzSB6vzbfVc
pwq21VxzhLou1L94omuffPFlOXCL2DSv5pd+T3faAQ/+4Cv0dTUpKopFEwwzi33F
hZFhb4K1UyPTRGNeNokoAu+lq74BXavSuAx6VDIpW0eM7FvKVwAmK9ziF5OAZy64
C5uTAzOaavQEozuSQJSeopOuXpaLEXhv5qNKft+UQxDSVlinP/ywIteqclisFfcw
qgpJdB4qJ7V5svUa7pZxr+mrOQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:20 2024 by rpki-client on console-ams.rpki-client.org