Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D5F5A/3AB9187EDAA611ED9B1E00C52F6D8C1D/9BC3F98C6BB811EFBD7EDC40762E951A.roa
File: 9BC3F98C6BB811EFBD7EDC40762E951A.roa (raw, json)
Hash identifier: oM2MhvhIjECKQQKviSvKd0xtECqaKzO3eY40jsGYaaQ=
Subject key identifier: 9F:57:3C:89:3E:61:68:8B:DF:CA:FD:74:B3:A0:80:2F:37:FF:0A:5E
Certificate issuer: /CN=F36D5F5AAR/serialNumber=5EEA5A2FE72F434285F818B682302D9BC2AD44BF
Certificate serial: 0214
Authority key identifier: 5E:EA:5A:2F:E7:2F:43:42:85:F8:18:B6:82:30:2D:9B:C2:AD:44:BF
Authority info access: rsync://rpki.afrinic.net/repository/arin/XupaL-cvQ0KF-Bi2gjAtm8KtRL8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D5F5A/3AB9187EDAA611ED9B1E00C52F6D8C1D/9BC3F98C6BB811EFBD7EDC40762E951A.roa
Signing time: Thu 05 Sep 2024 18:56:51 +0000
ROA not before: Thu 05 Sep 2024 18:56:47 +0000
ROA not after: Fri 05 Sep 2025 18:56:47 +0000
asID: 37276
IP address blocks: 168.253.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D5F5A/3AB9187EDAA611ED9B1E00C52F6D8C1D/XupaL-cvQ0KF-Bi2gjAtm8KtRL8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D5F5A/3AB9187EDAA611ED9B1E00C52F6D8C1D/XupaL-cvQ0KF-Bi2gjAtm8KtRL8.mft
rsync://rpki.afrinic.net/repository/arin/XupaL-cvQ0KF-Bi2gjAtm8KtRL8.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 532 (0x214)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D5F5AAR/serialNumber=5EEA5A2FE72F434285F818B682302D9BC2AD44BF
Validity
Not Before: Sep 5 18:56:47 2024 GMT
Not After : Sep 5 18:56:47 2025 GMT
Subject: CN=66d9fef2-d78c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b3:69:70:54:9f:86:64:f2:7b:b2:3a:75:98:
d1:63:5d:7c:06:3b:22:23:5a:e5:99:b8:69:3f:d3:
76:27:14:d9:f6:95:db:da:35:48:40:ba:7d:31:db:
04:81:cc:57:fd:dd:fa:5f:84:cb:6e:90:5e:b5:69:
b3:76:e4:cb:a4:40:7e:07:5f:e7:60:16:51:7c:4d:
b6:4d:98:b7:ee:7d:bf:10:b9:06:bc:d6:41:cf:cb:
c2:b1:2c:56:6c:1a:39:de:ab:ee:a3:62:64:f1:62:
47:dc:b9:6b:83:25:03:3a:7d:ce:a7:d4:ca:17:48:
65:cc:70:ba:c3:3a:0d:84:cc:85:a9:af:ba:8b:22:
3b:04:6f:f5:43:6f:6b:bb:97:c2:fa:1d:2f:b3:f3:
a2:8e:2c:fe:20:c6:c4:e0:0f:64:8d:22:ef:7a:16:
f5:05:c6:65:9b:66:b7:66:15:a6:fe:f2:12:f6:7b:
d4:32:d2:a4:6e:4f:83:9d:b9:ef:d2:dd:4a:53:9c:
9e:5d:35:ee:b9:d0:40:93:72:69:7c:de:b5:b5:ad:
c4:a3:b5:60:88:d6:fc:1d:d5:88:37:8c:38:52:03:
79:b3:71:40:49:ac:fe:b0:f6:b4:67:b8:46:6a:f8:
6e:06:ff:54:7c:93:ba:72:1a:5c:4c:d1:53:6f:9a:
9f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:57:3C:89:3E:61:68:8B:DF:CA:FD:74:B3:A0:80:2F:37:FF:0A:5E
X509v3 Authority Key Identifier:
keyid:5E:EA:5A:2F:E7:2F:43:42:85:F8:18:B6:82:30:2D:9B:C2:AD:44:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D5F5A/3AB9187EDAA611ED9B1E00C52F6D8C1D/XupaL-cvQ0KF-Bi2gjAtm8KtRL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/XupaL-cvQ0KF-Bi2gjAtm8KtRL8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D5F5A/3AB9187EDAA611ED9B1E00C52F6D8C1D/9BC3F98C6BB811EFBD7EDC40762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.253.192.0/20
Signature Algorithm: sha256WithRSAEncryption
b7:2e:cf:83:63:f6:ad:67:6d:be:6b:a9:7c:06:8e:2f:de:f1:
1c:2a:bb:06:16:a1:c6:87:e6:f5:95:d0:eb:c8:78:e4:59:f8:
d2:ff:82:c7:e3:6e:e6:6a:77:46:3c:ae:72:1b:5e:d2:eb:ca:
c3:f9:bb:31:c2:e7:38:b8:6a:ac:40:16:13:a0:81:e9:b9:5e:
6c:42:2b:c5:09:0d:2b:a3:bb:3a:0d:b4:2d:65:bd:12:34:62:
7f:2f:2c:50:8a:19:8a:34:58:b3:b9:ff:27:15:75:83:6e:6c:
dc:9e:bb:42:18:9e:86:fe:e5:ec:08:8a:91:50:7c:a7:2d:18:
5c:e7:36:21:d3:6b:44:f4:8e:76:ff:44:58:99:53:6e:63:6c:
25:cc:97:39:db:96:2a:c7:23:9e:9b:25:66:18:c9:3b:36:63:
9a:bd:b1:cb:53:78:2f:c4:32:bb:c4:3c:9c:de:13:67:33:fe:
a9:8b:da:3f:80:34:78:bf:4d:1c:0d:19:44:c3:ef:ff:57:e4:
d1:16:ff:ef:44:45:73:37:65:01:ac:5a:60:a0:44:23:23:be:
cb:73:91:0b:e8:05:97:96:30:b5:ca:cd:78:21:18:27:2d:04:
4f:5e:0b:93:d0:18:c2:ef:b8:98:f4:1b:90:cb:2c:5e:70:0a:
3e:0c:99:fc
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAhQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RDVGNUFBUjExMC8GA1UEBRMoNUVFQTVBMkZFNzJGNDM0Mjg1RjgxOEI2ODIzMDJE
OUJDMkFENDRCRjAeFw0yNDA5MDUxODU2NDdaFw0yNTA5MDUxODU2NDdaMBgxFjAU
BgNVBAMTDTY2ZDlmZWYyLWQ3OGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9s2lwVJ+GZPJ7sjp1mNFjXXwGOyIjWuWZuGk/03YnFNn2ldvaNUhAun0x
2wSBzFf93fpfhMtukF61abN25MukQH4HX+dgFlF8TbZNmLfufb8QuQa81kHPy8Kx
LFZsGjneq+6jYmTxYkfcuWuDJQM6fc6n1MoXSGXMcLrDOg2EzIWpr7qLIjsEb/VD
b2u7l8L6HS+z86KOLP4gxsTgD2SNIu96FvUFxmWbZrdmFab+8hL2e9Qy0qRuT4Od
ue/S3UpTnJ5dNe650ECTcml83rW1rcSjtWCI1vwd1Yg3jDhSA3mzcUBJrP6w9rRn
uEZq+G4G/1R8k7pyGlxM0VNvmp8lAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUn1c8
iT5haIvfyv10s6CALzf/Cl4wHwYDVR0jBBgwFoAUXupaL+cvQ0KF+Bi2gjAtm8Kt
RL8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQ1RjVBLzNBQjkxODdFREFBNjExRUQ5QjFFMDBDNTJGNkQ4QzFEL1h1cGFM
LWN2UTBLRi1CaTJnakF0bThLdFJMOC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1h1cGFMLWN2UTBLRi1CaTJnakF0bThLdFJMOC5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkQ1RjVBLzNBQjkxODdFREFBNjExRUQ5QjFFMDBDNTJGNkQ4
QzFELzlCQzNGOThDNkJCODExRUZCRDdFREM0MDc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASo/cAwDQYJKoZIhvcNAQELBQAD
ggEBALcuz4Nj9q1nbb5rqXwGji/e8RwquwYWocaH5vWV0OvIeORZ+NL/gsfjbuZq
d0Y8rnIbXtLrysP5uzHC5zi4aqxAFhOggem5XmxCK8UJDSujuzoNtC1lvRI0Yn8v
LFCKGYo0WLO5/ycVdYNubNyeu0IYnob+5ewIipFQfKctGFznNiHTa0T0jnb/RFiZ
U25jbCXMlznblirHI56bJWYYyTs2Y5q9sctTeC/EMrvEPJzeE2cz/qmL2j+ANHi/
TRwNGUTD7/9X5NEW/+9ERXM3ZQGsWmCgRCMjvstzkQvoBZeWMLXKzXghGCctBE9e
C5PQGMLvuJj0G5DLLF5wCj4Mmfw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org