Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C11E4/27C53A0883AD11EE98E566324AD9E6FC/DCA06BE083AE11EE861B88374AD9E6FC.roa
File: DCA06BE083AE11EE861B88374AD9E6FC.roa (raw, json)
Hash identifier: 9vkj+XPNGesFwVW815jiX1HMcnZSf46ECccXSGVK764=
Subject key identifier: 87:63:48:2F:44:17:CA:6A:BF:78:1E:FB:76:94:DB:FF:0D:3A:D1:16
Certificate issuer: /CN=F36C11E4AR/serialNumber=1D272E7593565ACA3DB486EFBDD01F197454C983
Certificate serial: 02
Authority key identifier: 1D:27:2E:75:93:56:5A:CA:3D:B4:86:EF:BD:D0:1F:19:74:54:C9:83
Authority info access: rsync://rpki.afrinic.net/repository/arin/HScudZNWWso9tIbvvdAfGXRUyYM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C11E4/27C53A0883AD11EE98E566324AD9E6FC/DCA06BE083AE11EE861B88374AD9E6FC.roa
Signing time: Wed 15 Nov 2023 12:02:35 +0000
ROA not before: Wed 15 Nov 2023 12:02:30 +0000
ROA not after: Mon 17 Nov 2025 12:02:30 +0000
asID: 328169
IP address blocks: 165.73.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C11E4/27C53A0883AD11EE98E566324AD9E6FC/HScudZNWWso9tIbvvdAfGXRUyYM.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C11E4/27C53A0883AD11EE98E566324AD9E6FC/HScudZNWWso9tIbvvdAfGXRUyYM.mft
rsync://rpki.afrinic.net/repository/arin/HScudZNWWso9tIbvvdAfGXRUyYM.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C11E4AR/serialNumber=1D272E7593565ACA3DB486EFBDD01F197454C983
Validity
Not Before: Nov 15 12:02:30 2023 GMT
Not After : Nov 17 12:02:30 2025 GMT
Subject: CN=6554b35a-6a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:df:d7:df:8c:fd:21:bd:7b:01:08:ae:23:ba:
c1:4f:2d:38:0c:c3:55:55:3a:48:55:aa:a1:7d:e4:
0e:ba:63:af:a0:72:8a:a4:68:b3:14:cc:5f:38:4c:
0b:41:85:73:34:b4:c4:d7:c6:7e:2d:7a:eb:de:ba:
d6:b8:d7:be:5b:44:50:d2:7c:5e:35:f9:df:3a:18:
72:34:80:68:7f:30:5a:0a:b4:c2:86:d6:da:37:79:
1e:04:d9:15:61:e1:22:0f:75:23:87:1c:ad:78:ff:
c9:bb:7d:9c:03:e2:24:71:ee:f0:30:1f:f5:39:fe:
bc:f1:35:e6:4d:b9:65:5a:74:6f:90:a6:b0:ee:08:
35:ea:bb:ba:84:43:d1:17:d1:44:ad:52:16:22:88:
13:00:21:8e:ef:44:66:99:15:a4:3e:9c:e7:86:4f:
00:01:36:e1:2b:83:44:ef:35:65:9d:e2:6c:ef:40:
bf:29:89:87:97:71:ec:22:d6:ce:ee:e9:5c:3c:d8:
81:ec:93:83:50:ba:c6:9a:3f:2d:bc:68:65:77:9e:
91:c9:3a:72:38:fd:75:f2:10:04:a6:2e:40:12:71:
62:70:01:d9:4f:10:f8:57:07:16:a9:30:d5:f7:92:
fb:73:5d:e9:db:8f:8e:0a:45:21:dc:cf:bb:1d:81:
2f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:63:48:2F:44:17:CA:6A:BF:78:1E:FB:76:94:DB:FF:0D:3A:D1:16
X509v3 Authority Key Identifier:
keyid:1D:27:2E:75:93:56:5A:CA:3D:B4:86:EF:BD:D0:1F:19:74:54:C9:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C11E4/27C53A0883AD11EE98E566324AD9E6FC/HScudZNWWso9tIbvvdAfGXRUyYM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/HScudZNWWso9tIbvvdAfGXRUyYM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C11E4/27C53A0883AD11EE98E566324AD9E6FC/DCA06BE083AE11EE861B88374AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.73.132.0/22
Signature Algorithm: sha256WithRSAEncryption
10:e6:22:07:9d:1d:ea:ec:49:32:d3:58:b5:99:c3:a0:39:1a:
88:5f:3f:2c:18:00:20:a1:10:4d:3f:04:5b:e6:be:3f:f9:1b:
5a:2f:5c:a4:fa:b4:84:18:e2:8d:a0:a7:78:3c:77:b1:95:9e:
c8:27:37:50:71:6d:d2:70:10:66:77:e8:31:87:e6:8c:f8:3d:
e0:52:6b:3b:15:84:d2:36:38:a9:c9:a1:36:b8:ac:04:d8:bf:
6c:0b:5a:a5:55:82:64:f0:4a:db:a7:54:a1:8f:85:92:37:bd:
39:bf:79:4e:e8:ac:78:76:7e:8b:aa:0e:bd:3f:58:88:3f:19:
c4:8d:4e:33:9b:fd:a3:8a:78:95:23:e8:78:26:d4:67:b5:94:
07:c2:1b:14:cc:b4:99:e6:ae:a0:f4:62:cd:ea:c9:09:9a:a5:
da:f0:6d:3c:4f:bb:0b:cb:5d:35:c5:8a:a1:5d:dd:5e:3c:f3:
be:b8:cc:a4:03:4a:25:56:01:a4:0a:49:89:62:78:d9:83:7f:
ce:c7:50:15:c2:2f:d0:d6:38:b7:f2:6c:94:8c:fe:2e:42:3f:
05:0b:7f:17:83:d8:5f:e4:f8:dd:7b:25:2d:ff:0c:3f:07:2a:
51:ec:59:73:f2:e7:18:79:8b:bc:8e:eb:a3:81:a2:e1:59:15:
f2:d7:9d:ac
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MTFFNEFSMTEwLwYDVQQFEygxRDI3MkU3NTkzNTY1QUNBM0RCNDg2RUZCREQwMUYx
OTc0NTRDOTgzMB4XDTIzMTExNTEyMDIzMFoXDTI1MTExNzEyMDIzMFowGDEWMBQG
A1UEAxMNNjU1NGIzNWEtNmEzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzf19+M/SG9ewEIriO6wU8tOAzDVVU6SFWqoX3kDrpjr6ByiqRosxTMXzhM
C0GFczS0xNfGfi1669661rjXvltEUNJ8XjX53zoYcjSAaH8wWgq0wobW2jd5HgTZ
FWHhIg91I4ccrXj/ybt9nAPiJHHu8DAf9Tn+vPE15k25ZVp0b5CmsO4INeq7uoRD
0RfRRK1SFiKIEwAhju9EZpkVpD6c54ZPAAE24SuDRO81ZZ3ibO9AvymJh5dx7CLW
zu7pXDzYgeyTg1C6xpo/LbxoZXeekck6cjj9dfIQBKYuQBJxYnAB2U8Q+FcHFqkw
1feS+3Nd6duPjgpFIdzPux2BLykCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSHY0gv
RBfKar94Hvt2lNv/DTrRFjAfBgNVHSMEGDAWgBQdJy51k1Zayj20hu+90B8ZdFTJ
gzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzExRTQvMjdDNTNBMDg4M0FEMTFFRTk4RTU2NjMyNEFEOUU2RkMvSFNjdWRa
TldXc285dElidnZkQWZHWFJVeVlNLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SFNjdWRaTldXc285dElidnZkQWZHWFJVeVlNLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QzExRTQvMjdDNTNBMDg4M0FEMTFFRTk4RTU2NjMyNEFEOUU2
RkMvRENBMDZCRTA4M0FFMTFFRTg2MUI4ODM3NEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqVJhDANBgkqhkiG9w0BAQsFAAOC
AQEAEOYiB50d6uxJMtNYtZnDoDkaiF8/LBgAIKEQTT8EW+a+P/kbWi9cpPq0hBji
jaCneDx3sZWeyCc3UHFt0nAQZnfoMYfmjPg94FJrOxWE0jY4qcmhNrisBNi/bAta
pVWCZPBK26dUoY+Fkje9Ob95TuiseHZ+i6oOvT9YiD8ZxI1OM5v9o4p4lSPoeCbU
Z7WUB8IbFMy0meauoPRizerJCZql2vBtPE+7C8tdNcWKoV3dXjzzvrjMpANKJVYB
pApJiWJ42YN/zsdQFcIv0NY4t/JslIz+LkI/BQt/F4PYX+T43XslLf8MPwcqUexZ
c/LnGHmLvI7ro4Gi4VkV8tedrA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:23 2024 by rpki-client on console-ams.rpki-client.org