Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/3ECF1FD6C4BF11EE8B2737C5775412E6.roa
File: 3ECF1FD6C4BF11EE8B2737C5775412E6.roa (raw, json)
Hash identifier: 3Te+eK/mIojMdAzwZB8nPJY3HNmC7bWhD0CTw4iHG3c=
Subject key identifier: 28:53:2D:D7:B4:3E:F6:96:15:9D:3C:81:29:07:3B:02:FA:13:2A:8D
Certificate issuer: /CN=F36F9BF2AR/serialNumber=AD33560A35FDC24E32B7E1A479E21B0E896A2B0F
Certificate serial: 031C
Authority key identifier: AD:33:56:0A:35:FD:C2:4E:32:B7:E1:A4:79:E2:1B:0E:89:6A:2B:0F
Authority info access: rsync://rpki.afrinic.net/repository/arin/rTNWCjX9wk4yt-GkeeIbDolqKw8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/3ECF1FD6C4BF11EE8B2737C5775412E6.roa
Signing time: Tue 06 Feb 2024 07:13:37 +0000
ROA not before: Tue 06 Feb 2024 07:13:33 +0000
ROA not after: Thu 31 Dec 2026 07:13:33 +0000
asID: 37154
IP address blocks: 165.56.5.0/24 maxlen: 24
165.56.6.0/24 maxlen: 24
165.56.7.0/24 maxlen: 24
165.56.8.0/24 maxlen: 24
165.56.32.0/24 maxlen: 24
165.56.33.0/24 maxlen: 24
165.56.36.0/24 maxlen: 24
165.56.44.0/24 maxlen: 24
165.56.52.0/24 maxlen: 24
165.56.53.0/24 maxlen: 24
165.56.55.0/24 maxlen: 24
165.56.56.0/24 maxlen: 24
165.56.57.0/24 maxlen: 24
165.56.62.0/24 maxlen: 24
165.56.63.0/24 maxlen: 24
165.56.65.0/24 maxlen: 24
165.57.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/rTNWCjX9wk4yt-GkeeIbDolqKw8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/rTNWCjX9wk4yt-GkeeIbDolqKw8.mft
rsync://rpki.afrinic.net/repository/arin/rTNWCjX9wk4yt-GkeeIbDolqKw8.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 796 (0x31c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F9BF2AR/serialNumber=AD33560A35FDC24E32B7E1A479E21B0E896A2B0F
Validity
Not Before: Feb 6 07:13:33 2024 GMT
Not After : Dec 31 07:13:33 2026 GMT
Subject: CN=65c1dc21-60fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:99:71:9a:ae:4d:60:1c:a0:6b:9d:92:72:4c:
6e:ee:04:c6:34:ad:57:01:b1:ce:33:9d:06:a3:c7:
a4:9f:e7:05:b3:cf:a0:b1:a9:34:2b:73:d0:3e:d4:
ce:a5:b5:b0:f6:b2:33:41:f6:6b:29:97:54:10:4b:
af:c0:53:95:c8:2c:b7:aa:58:ca:a8:2b:6a:58:03:
fc:95:84:7b:30:47:03:67:ad:82:09:c7:e8:fd:02:
f5:aa:54:92:19:3f:cb:90:44:f8:49:fd:64:0d:62:
ad:c2:1a:a8:c0:f5:70:93:f3:12:66:ab:e1:d5:e4:
42:d0:53:a1:56:4f:00:87:cf:4f:1c:5e:5f:83:92:
c0:bc:0c:45:7e:2a:7e:7a:9d:5a:d6:9e:a6:fd:0a:
6d:48:51:46:ca:54:6e:02:ce:21:9e:ab:15:cc:3f:
e7:0a:57:2e:e1:04:df:b0:8f:a8:e0:35:b7:ae:b2:
f3:b4:a7:ac:11:cd:20:75:1b:2a:f5:05:49:3b:32:
a8:ae:68:ef:2e:b8:5c:07:29:07:c0:fe:de:f9:b2:
4d:fe:09:61:fc:90:37:eb:a9:02:8f:54:e0:c6:d2:
c5:c5:84:34:d3:ab:7f:fa:e7:ea:8f:93:c8:40:7f:
0c:11:b4:d0:a6:2f:9e:c4:57:ac:20:2d:47:f9:fd:
ed:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:53:2D:D7:B4:3E:F6:96:15:9D:3C:81:29:07:3B:02:FA:13:2A:8D
X509v3 Authority Key Identifier:
keyid:AD:33:56:0A:35:FD:C2:4E:32:B7:E1:A4:79:E2:1B:0E:89:6A:2B:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/rTNWCjX9wk4yt-GkeeIbDolqKw8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/rTNWCjX9wk4yt-GkeeIbDolqKw8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/3ECF1FD6C4BF11EE8B2737C5775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.56.5.0-165.56.8.255
165.56.32.0/23
165.56.36.0/24
165.56.44.0/24
165.56.52.0/23
165.56.55.0-165.56.57.255
165.56.62.0/23
165.56.65.0/24
165.57.81.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:89:26:77:49:b8:a6:6e:01:53:ec:0f:f4:9d:bc:36:6b:5a:
c3:a4:b8:6c:e4:7c:7b:46:c3:a9:a9:42:9b:05:55:ea:22:ea:
e8:9d:51:37:2c:b7:c8:c8:75:f7:a5:5a:f6:6f:5c:6d:ad:60:
1b:b0:75:8d:68:d8:80:e9:2b:fe:31:dd:9b:c9:45:2a:7a:47:
fc:2f:1c:10:f6:14:d5:a4:19:7d:3b:d2:b6:ea:4e:e8:33:a3:
0d:f2:2b:0c:c0:a5:ad:ce:3d:f3:4f:6a:5d:53:48:a1:9a:0a:
07:fe:7d:df:9c:8d:fa:82:a4:8a:0a:8a:2a:73:82:87:71:f1:
c1:3e:f6:be:2d:ee:d2:4d:ba:68:1a:55:4b:a7:be:93:84:ee:
07:85:22:ce:71:36:c5:59:64:de:0f:a7:8f:b2:a9:d5:01:17:
02:fc:a0:e0:59:6c:a1:74:aa:b0:84:19:91:2e:35:70:49:08:
dd:17:f8:af:79:53:94:d5:16:cf:25:c3:10:da:33:20:b6:b0:
45:d9:2c:bf:88:1c:cd:83:84:ab:53:57:26:e3:07:37:44:5a:
e8:a7:bb:36:f7:ed:c9:7f:0a:fc:66:68:79:77:86:81:1f:b8:
3e:57:fa:f2:eb:86:7e:dc:ee:f1:6c:8c:3e:6e:50:57:ce:8a:
3f:8d:0c:39
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgICAxwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjlCRjJBUjExMC8GA1UEBRMoQUQzMzU2MEEzNUZEQzI0RTMyQjdFMUE0NzlFMjFC
MEU4OTZBMkIwRjAeFw0yNDAyMDYwNzEzMzNaFw0yNjEyMzEwNzEzMzNaMBgxFjAU
BgNVBAMTDTY1YzFkYzIxLTYwZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGmXGark1gHKBrnZJyTG7uBMY0rVcBsc4znQajx6Sf5wWzz6CxqTQrc9A+
1M6ltbD2sjNB9mspl1QQS6/AU5XILLeqWMqoK2pYA/yVhHswRwNnrYIJx+j9AvWq
VJIZP8uQRPhJ/WQNYq3CGqjA9XCT8xJmq+HV5ELQU6FWTwCHz08cXl+DksC8DEV+
Kn56nVrWnqb9Cm1IUUbKVG4CziGeqxXMP+cKVy7hBN+wj6jgNbeusvO0p6wRzSB1
Gyr1BUk7MqiuaO8uuFwHKQfA/t75sk3+CWH8kDfrqQKPVODG0sXFhDTTq3/65+qP
k8hAfwwRtNCmL57EV6wgLUf5/e1bAgMBAAGjggLiMIIC3jAdBgNVHQ4EFgQUKFMt
17Q+9pYVnTyBKQc7AvoTKo0wHwYDVR0jBBgwFoAUrTNWCjX9wk4yt+GkeeIbDolq
Kw8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY5QkYyLzVBNjA3MTFBNkZGNzExRUM5NTRCMDdDQTVBNDBENTc3L3JUTldD
alg5d2s0eXQtR2tlZUliRG9scUt3OC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3JUTldDalg5d2s0eXQtR2tlZUliRG9scUt3OC5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkY5QkYyLzVBNjA3MTFBNkZGNzExRUM5NTRCMDdDQTVBNDBE
NTc3LzNFQ0YxRkQ2QzRCRjExRUU4QjI3MzdDNTc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
XwYIKwYBBQUHAQcBAf8EUDBOMEwEAgABMEYwDAMEAKU4BQMEAKU4CAMEAaU4IAME
AKU4JAMEAKU4LAMEAaU4NDAMAwQApTg3AwQBpTg4AwQBpTg+AwQApThBAwQApTlR
MA0GCSqGSIb3DQEBCwUAA4IBAQCfiSZ3SbimbgFT7A/0nbw2a1rDpLhs5Hx7RsOp
qUKbBVXqIuronVE3LLfIyHX3pVr2b1xtrWAbsHWNaNiA6Sv+Md2byUUqekf8LxwQ
9hTVpBl9O9K26k7oM6MN8isMwKWtzj3zT2pdU0ihmgoH/n3fnI36gqSKCooqc4KH
cfHBPva+Le7STbpoGlVLp76ThO4HhSLOcTbFWWTeD6ePsqnVARcC/KDgWWyhdKqw
hBmRLjVwSQjdF/iveVOU1RbPJcMQ2jMgtrBF2Sy/iBzNg4SrU1cm4wc3RFrop7s2
9+3Jfwr8Zmh5d4aBH7g+V/ry64Z+3O7xbIw+blBXzoo/jQw5
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:01 2024 by rpki-client on console-fra.rpki-client.org