Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA5EA/2098930C38B211ED90DB2EDCF1222468/8FD98C2038B311EDAAA5E7DFF1222468.roa
File: 8FD98C2038B311EDAAA5E7DFF1222468.roa (raw, json)
Hash identifier: UXAWeOCC1criU7XL7P2zWbiZAhjMbu4dS0oFzWgmmoM=
Subject key identifier: 53:FA:DD:73:F8:4E:92:C7:3B:CB:03:55:02:31:C9:2A:B5:C2:29:23
Certificate issuer: /CN=F36FA5EAAR/serialNumber=9477F0E475A747F96C56162167F0C16F99C483BB
Certificate serial: 02
Authority key identifier: 94:77:F0:E4:75:A7:47:F9:6C:56:16:21:67:F0:C1:6F:99:C4:83:BB
Authority info access: rsync://rpki.afrinic.net/repository/arin/lHfw5HWnR_lsVhYhZ_DBb5nEg7s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/2098930C38B211ED90DB2EDCF1222468/8FD98C2038B311EDAAA5E7DFF1222468.roa
Signing time: Tue 20 Sep 2022 07:12:18 +0000
ROA not before: Tue 20 Sep 2022 07:12:07 +0000
ROA not after: Sat 20 Sep 2025 07:12:07 +0000
asID: 36909
IP address blocks: 45.221.192.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/2098930C38B211ED90DB2EDCF1222468/lHfw5HWnR_lsVhYhZ_DBb5nEg7s.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/2098930C38B211ED90DB2EDCF1222468/lHfw5HWnR_lsVhYhZ_DBb5nEg7s.mft
rsync://rpki.afrinic.net/repository/arin/lHfw5HWnR_lsVhYhZ_DBb5nEg7s.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 29 May 2024 00:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FA5EAAR/serialNumber=9477F0E475A747F96C56162167F0C16F99C483BB
Validity
Not Before: Sep 20 07:12:07 2022 GMT
Not After : Sep 20 07:12:07 2025 GMT
Subject: CN=632967d2-0954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:75:a6:4e:3a:d9:48:50:a7:8a:0d:21:cd:fd:
10:68:ee:90:ef:dd:e7:33:94:56:19:d2:58:a6:de:
0b:f6:7b:de:7d:7e:ac:64:04:2a:4b:ef:7a:42:52:
78:dd:d4:53:4d:83:66:36:46:26:34:2b:69:f9:b6:
f2:e2:78:8c:06:b5:f9:1d:b7:ec:95:1e:51:80:7e:
0d:a0:18:57:1a:cd:a5:f4:ef:f1:9b:47:3e:61:b5:
a7:eb:c9:62:03:2c:83:83:d2:8c:59:da:8e:98:f2:
eb:0b:ce:0f:f0:f6:89:ff:04:e3:64:6a:31:bb:e0:
ee:14:c3:37:0b:f9:7f:a3:ce:c9:29:bd:54:13:dc:
4d:6d:07:6b:fc:25:9f:45:df:dd:d4:d6:f9:a5:9c:
95:4a:9c:e4:a2:53:5f:90:38:bf:91:7c:a5:1c:d4:
fb:8c:f6:df:54:ef:4e:37:e0:fa:99:aa:9b:12:06:
05:d3:f2:7e:d8:9f:93:30:8c:e6:5c:36:9b:82:4b:
e0:68:cd:68:15:a3:7c:9d:e4:6d:0c:4f:61:7e:12:
c1:56:f0:9c:fc:d0:b0:2e:6f:0c:2b:37:70:5c:5c:
8c:63:56:21:12:8f:d8:4b:88:25:c4:fe:d5:3f:72:
4b:28:b9:1e:8a:8a:d6:63:03:e4:40:3e:b7:e9:fc:
b8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FA:DD:73:F8:4E:92:C7:3B:CB:03:55:02:31:C9:2A:B5:C2:29:23
X509v3 Authority Key Identifier:
keyid:94:77:F0:E4:75:A7:47:F9:6C:56:16:21:67:F0:C1:6F:99:C4:83:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/2098930C38B211ED90DB2EDCF1222468/lHfw5HWnR_lsVhYhZ_DBb5nEg7s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/lHfw5HWnR_lsVhYhZ_DBb5nEg7s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA5EA/2098930C38B211ED90DB2EDCF1222468/8FD98C2038B311EDAAA5E7DFF1222468.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.221.192.0/21
Signature Algorithm: sha256WithRSAEncryption
a1:b1:f7:58:3c:46:1f:73:3b:c6:9c:0c:de:63:7f:fd:a1:0c:
c5:e9:06:ad:b5:62:36:8e:2b:bd:e7:5c:da:d2:ae:c4:00:4b:
f8:b5:88:95:0b:2e:33:95:95:77:f6:cc:6a:d9:a0:57:01:74:
01:7c:e8:95:19:f5:74:48:a3:27:a7:7a:99:86:1d:f7:45:88:
43:5d:6a:f9:bf:6a:88:e3:99:04:b1:b9:64:7b:30:35:39:f7:
e9:a2:ac:41:99:9a:c1:6d:86:ce:52:c8:31:bb:7f:a0:86:e9:
df:f7:1e:2f:28:53:99:a8:73:5d:2b:59:96:b6:83:1a:0d:d1:
e1:5a:d0:32:b3:92:4f:c2:63:ab:4f:00:ea:83:7d:c0:f2:9e:
29:be:b7:50:db:bc:e5:15:b8:33:27:01:7b:b0:c6:3f:2d:73:
25:c1:cf:cc:3a:38:21:4d:d6:6f:13:27:bb:30:9f:21:a5:c7:
0d:7e:68:29:86:bc:58:38:94:fa:49:cd:c2:c9:5a:ed:7d:7e:
74:79:78:08:64:2f:1e:df:b1:62:b0:66:ed:09:f8:b2:8b:a1:
ee:f9:82:8f:84:ef:c9:a7:72:0c:f0:32:d4:38:da:97:2e:fb:
78:c2:52:03:3e:80:b5:fd:17:0c:de:58:ef:a4:73:f5:53:63:
3b:89:f7:73
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZG
QTVFQUFSMTEwLwYDVQQFEyg5NDc3RjBFNDc1QTc0N0Y5NkM1NjE2MjE2N0YwQzE2
Rjk5QzQ4M0JCMB4XDTIyMDkyMDA3MTIwN1oXDTI1MDkyMDA3MTIwN1owGDEWMBQG
A1UEAwwNNjMyOTY3ZDItMDk1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN91pk462UhQp4oNIc39EGjukO/d5zOUVhnSWKbeC/Z73n1+rGQEKkvvekJS
eN3UU02DZjZGJjQrafm28uJ4jAa1+R237JUeUYB+DaAYVxrNpfTv8ZtHPmG1p+vJ
YgMsg4PSjFnajpjy6wvOD/D2if8E42RqMbvg7hTDNwv5f6POySm9VBPcTW0Ha/wl
n0Xf3dTW+aWclUqc5KJTX5A4v5F8pRzU+4z231TvTjfg+pmqmxIGBdPyftifkzCM
5lw2m4JL4GjNaBWjfJ3kbQxPYX4SwVbwnPzQsC5vDCs3cFxcjGNWIRKP2EuIJcT+
1T9ySyi5HoqK1mMD5EA+t+n8uL0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRT+t1z
+E6SxzvLA1UCMckqtcIpIzAfBgNVHSMEGDAWgBSUd/DkdadH+WxWFiFn8MFvmcSD
uzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkE1RUEvMjA5ODkzMEMzOEIyMTFFRDkwREIyRURDRjEyMjI0NjgvbEhmdzVI
V25SX2xzVmhZaFpfREJiNW5FZzdzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
bEhmdzVIV25SX2xzVmhZaFpfREJiNW5FZzdzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2RkE1RUEvMjA5ODkzMEMzOEIyMTFFRDkwREIyRURDRjEyMjI0
NjgvOEZEOThDMjAzOEIzMTFFREFBQTVFN0RGRjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy3dwDANBgkqhkiG9w0BAQsFAAOC
AQEAobH3WDxGH3M7xpwM3mN//aEMxekGrbViNo4rvedc2tKuxABL+LWIlQsuM5WV
d/bMatmgVwF0AXzolRn1dEijJ6d6mYYd90WIQ11q+b9qiOOZBLG5ZHswNTn36aKs
QZmawW2GzlLIMbt/oIbp3/ceLyhTmahzXStZlraDGg3R4VrQMrOST8Jjq08A6oN9
wPKeKb63UNu85RW4MycBe7DGPy1zJcHPzDo4IU3WbxMnuzCfIaXHDX5oKYa8WDiU
+knNwsla7X1+dHl4CGQvHt+xYrBm7Qn4souh7vmCj4TvyadyDPAy1Djaly77eMJS
Az6Atf0XDN5Y76Rz9VNjO4n3cw==
-----END CERTIFICATE-----
Generated at Mon May 27 05:03:44 2024 by rpki-client on console-ams.rpki-client.org