Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BE2ED/19A7824C97DF11EDB95645F3F1222468/B4A262BA97E111EDBE23EF7CF1222468.roa
File: B4A262BA97E111EDBE23EF7CF1222468.roa (raw, json)
Hash identifier: oz3acEqmAFW6Q64G1pO2mcOXINAlKbbqHe9mAvDeW6I=
Subject key identifier: 6F:C6:BA:FD:0E:35:DF:BF:3B:67:18:BB:ED:C5:FD:D4:52:C5:FE:CA
Certificate issuer: /CN=F36BE2EDAR/serialNumber=65D295CF54478DF85AD64AEA90668BC4114FD33E
Certificate serial: 02
Authority key identifier: 65:D2:95:CF:54:47:8D:F8:5A:D6:4A:EA:90:66:8B:C4:11:4F:D3:3E
Authority info access: rsync://rpki.afrinic.net/repository/arin/ZdKVz1RHjfha1krqkGaLxBFP0z4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/19A7824C97DF11EDB95645F3F1222468/B4A262BA97E111EDBE23EF7CF1222468.roa
Signing time: Thu 19 Jan 2023 10:11:57 +0000
ROA not before: Thu 19 Jan 2023 10:11:46 +0000
ROA not after: Sat 31 Dec 2033 10:11:46 +0000
asID: 33779
IP address blocks: 168.253.96.0/20 maxlen: 27
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/19A7824C97DF11EDB95645F3F1222468/ZdKVz1RHjfha1krqkGaLxBFP0z4.crl
rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/19A7824C97DF11EDB95645F3F1222468/ZdKVz1RHjfha1krqkGaLxBFP0z4.mft
rsync://rpki.afrinic.net/repository/arin/ZdKVz1RHjfha1krqkGaLxBFP0z4.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 27 May 2024 00:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36BE2EDAR/serialNumber=65D295CF54478DF85AD64AEA90668BC4114FD33E
Validity
Not Before: Jan 19 10:11:46 2023 GMT
Not After : Dec 31 10:11:46 2033 GMT
Subject: CN=63c9176d-7c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1f:7b:b4:42:d5:21:79:03:fd:77:d6:66:f4:
3e:b9:6a:18:18:eb:0d:c1:a1:59:57:08:90:df:57:
9a:5d:e4:e6:33:dc:b1:83:9a:83:6a:ad:70:86:ab:
6e:3d:2b:11:d9:b5:cb:34:90:a5:b2:df:2d:4d:01:
1a:73:a2:3d:49:be:32:97:41:bb:21:d8:20:43:9e:
6c:27:78:f3:64:43:e1:7d:fe:77:ab:40:d6:dc:0f:
5b:de:a1:60:09:d5:ce:5c:da:6c:63:46:f1:77:48:
bf:65:bf:5b:0b:e9:d6:b9:18:e5:29:57:1f:e6:67:
dc:e2:7c:49:1e:50:6e:9a:ac:21:09:53:a3:eb:0b:
44:e3:b4:7d:5a:27:04:1b:39:78:ba:c0:ea:98:d0:
35:44:62:08:4a:8f:cb:6d:a9:f9:56:a1:46:bf:84:
31:41:46:ff:4e:09:db:19:37:88:3d:82:80:8e:8a:
91:44:c6:6b:1f:90:47:a7:c1:25:63:95:8d:0a:31:
68:a6:52:66:0c:47:b3:22:9e:e9:44:02:91:27:7e:
f1:11:04:25:02:66:70:01:cd:5b:d2:68:7f:56:2c:
84:5f:78:cf:35:37:26:86:f9:4d:ef:2d:d9:1d:d0:
29:26:52:b4:82:7f:72:63:77:48:07:0b:44:cc:8e:
6a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C6:BA:FD:0E:35:DF:BF:3B:67:18:BB:ED:C5:FD:D4:52:C5:FE:CA
X509v3 Authority Key Identifier:
keyid:65:D2:95:CF:54:47:8D:F8:5A:D6:4A:EA:90:66:8B:C4:11:4F:D3:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/19A7824C97DF11EDB95645F3F1222468/ZdKVz1RHjfha1krqkGaLxBFP0z4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/ZdKVz1RHjfha1krqkGaLxBFP0z4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BE2ED/19A7824C97DF11EDB95645F3F1222468/B4A262BA97E111EDBE23EF7CF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.253.96.0/20
Signature Algorithm: sha256WithRSAEncryption
41:5a:93:67:c6:5e:36:35:8b:9f:96:6b:a4:18:6a:84:b3:94:
f5:a8:86:3f:a8:c4:7d:58:37:47:d0:f1:32:b7:91:e1:12:2d:
58:c6:e5:ee:ce:29:04:9c:6e:10:65:32:ab:c2:70:5a:b3:1e:
59:3d:78:75:c2:30:b4:d3:5f:d4:31:9f:7c:97:11:8e:0d:6f:
14:ed:f7:0f:5f:31:15:5d:62:06:c2:91:53:ef:84:be:90:5d:
29:ad:6d:5c:fb:0f:83:ba:b7:20:a2:c9:68:81:83:88:d2:fa:
96:74:3d:62:e7:a8:e3:8d:61:a6:76:a9:5e:11:36:c6:86:e4:
c9:69:1e:05:d9:59:0d:64:e2:64:2e:ca:76:89:bb:21:39:6c:
9a:0a:19:43:13:a4:8d:4a:99:32:75:0c:fe:71:8c:3b:b2:24:
6f:bb:4c:48:69:b4:1b:7c:bc:54:1b:65:7f:ca:2e:68:47:ee:
50:40:76:5c:ec:15:6a:a9:5d:88:ce:7c:94:92:a8:ec:1d:a7:
be:77:59:f0:35:7f:fc:49:4a:32:cb:bf:65:8f:88:ab:c8:0e:
90:ce:87:89:29:c8:b7:c7:37:9f:1a:68:dd:81:c3:d1:cc:b4:
5b:e3:be:cc:87:7f:bd:1e:8f:55:be:03:4d:4a:cf:8d:80:17:
8f:6c:71:ae
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZC
RTJFREFSMTEwLwYDVQQFEyg2NUQyOTVDRjU0NDc4REY4NUFENjRBRUE5MDY2OEJD
NDExNEZEMzNFMB4XDTIzMDExOTEwMTE0NloXDTMzMTIzMTEwMTE0NlowGDEWMBQG
A1UEAwwNNjNjOTE3NmQtN2MzZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkfe7RC1SF5A/131mb0PrlqGBjrDcGhWVcIkN9Xml3k5jPcsYOag2qtcIar
bj0rEdm1yzSQpbLfLU0BGnOiPUm+MpdBuyHYIEOebCd482RD4X3+d6tA1twPW96h
YAnVzlzabGNG8XdIv2W/Wwvp1rkY5SlXH+Zn3OJ8SR5QbpqsIQlTo+sLROO0fVon
BBs5eLrA6pjQNURiCEqPy22p+VahRr+EMUFG/04J2xk3iD2CgI6KkUTGax+QR6fB
JWOVjQoxaKZSZgxHsyKe6UQCkSd+8REEJQJmcAHNW9Jof1YshF94zzU3Job5Te8t
2R3QKSZStIJ/cmN3SAcLRMyOal0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRvxrr9
DjXfvztnGLvtxf3UUsX+yjAfBgNVHSMEGDAWgBRl0pXPVEeN+FrWSuqQZovEEU/T
PjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkUyRUQvMTlBNzgyNEM5N0RGMTFFREI5NTY0NUYzRjEyMjI0NjgvWmRLVnox
UkhqZmhhMWtycWtHYUx4QkZQMHo0LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
WmRLVnoxUkhqZmhhMWtycWtHYUx4QkZQMHo0LmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QkUyRUQvMTlBNzgyNEM5N0RGMTFFREI5NTY0NUYzRjEyMjI0
NjgvQjRBMjYyQkE5N0UxMTFFREJFMjNFRjdDRjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBKj9YDANBgkqhkiG9w0BAQsFAAOC
AQEAQVqTZ8ZeNjWLn5ZrpBhqhLOU9aiGP6jEfVg3R9DxMreR4RItWMbl7s4pBJxu
EGUyq8JwWrMeWT14dcIwtNNf1DGffJcRjg1vFO33D18xFV1iBsKRU++EvpBdKa1t
XPsPg7q3IKLJaIGDiNL6lnQ9Yueo441hpnapXhE2xobkyWkeBdlZDWTiZC7Kdom7
ITlsmgoZQxOkjUqZMnUM/nGMO7Ikb7tMSGm0G3y8VBtlf8ouaEfuUEB2XOwVaqld
iM58lJKo7B2nvndZ8DV//ElKMsu/ZY+Iq8gOkM6HiSnIt8c3nxpo3YHD0cy0W+O+
zId/vR6PVb4DTUrPjYAXj2xxrg==
-----END CERTIFICATE-----
Generated at Sat May 25 03:05:55 2024 by rpki-client on console-fra.rpki-client.org