Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/1E3F561E8B1A11EBB0DA3D71F8AEA228.roa
File: 1E3F561E8B1A11EBB0DA3D71F8AEA228.roa (raw, json)
Hash identifier: Cpd4zmkYKicudOUgZJe6/OaQ296nySd++X2fdJd/rUU=
Subject key identifier: 6D:A5:C3:6D:E0:52:9C:7F:D8:B9:43:5C:FF:7C:C3:29:F0:7A:69:37
Certificate issuer: /CN=F36FBB68AR/serialNumber=DDEF51C8A0FF85505D9E0E6FFA02276C2A55AEE8
Certificate serial: 38
Authority key identifier: DD:EF:51:C8:A0:FF:85:50:5D:9E:0E:6F:FA:02:27:6C:2A:55:AE:E8
Authority info access: rsync://rpki.afrinic.net/repository/arin/3e9RyKD_hVBdng5v-gInbCpVrug.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/1E3F561E8B1A11EBB0DA3D71F8AEA228.roa
Signing time: Mon 22 Mar 2021 14:23:06 +0000
ROA not before: Mon 22 Mar 2021 14:22:54 +0000
ROA not after: Mon 31 Mar 2031 14:22:54 +0000
asID: 37575
IP address blocks: 169.239.12.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/3e9RyKD_hVBdng5v-gInbCpVrug.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/3e9RyKD_hVBdng5v-gInbCpVrug.mft
rsync://rpki.afrinic.net/repository/arin/3e9RyKD_hVBdng5v-gInbCpVrug.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56 (0x38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FBB68AR/serialNumber=DDEF51C8A0FF85505D9E0E6FFA02276C2A55AEE8
Validity
Not Before: Mar 22 14:22:54 2021 GMT
Not After : Mar 31 14:22:54 2031 GMT
Subject: CN=6058a84a-cbdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cd:19:d1:23:23:cf:99:3d:fb:47:fa:e8:ac:
dc:89:fb:24:e8:22:7f:a8:23:06:0e:6a:d0:3f:c8:
0f:f6:b2:e3:b2:87:e0:dc:17:34:7a:cf:2b:1b:6b:
0a:d7:54:04:2a:7e:66:30:c2:48:a7:8d:95:5f:bb:
a0:e5:30:24:43:25:45:5f:b3:5f:82:fb:e2:fb:60:
41:5b:e6:6e:21:cf:25:c7:a9:fc:60:ae:43:4d:0c:
2a:58:7f:28:f1:e0:9e:5c:e3:6b:63:61:46:95:82:
4a:f3:ec:e9:87:10:27:25:56:8a:b0:3e:e8:14:1c:
59:84:a0:97:80:29:ea:08:16:eb:88:95:76:30:a2:
f6:57:32:e5:27:3d:44:ac:99:ec:8d:b5:13:d6:15:
10:d8:71:e6:71:a2:70:8f:5d:a3:9c:b2:91:39:3c:
ca:9f:3f:56:79:56:b6:6f:3e:54:ed:7d:f6:a1:27:
45:8c:a0:7b:b8:77:aa:72:ce:e9:3f:c2:f3:4f:41:
e7:01:00:06:e3:7a:9c:3b:6a:2d:b4:bc:e7:13:c8:
aa:00:31:fe:6f:f6:e2:cb:b6:26:a9:90:0c:db:a3:
c1:bb:28:78:b5:f4:df:04:ed:84:8b:37:78:0a:64:
54:b2:d7:cc:1f:83:96:00:12:3b:16:34:10:62:3c:
bb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A5:C3:6D:E0:52:9C:7F:D8:B9:43:5C:FF:7C:C3:29:F0:7A:69:37
X509v3 Authority Key Identifier:
keyid:DD:EF:51:C8:A0:FF:85:50:5D:9E:0E:6F:FA:02:27:6C:2A:55:AE:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/3e9RyKD_hVBdng5v-gInbCpVrug.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/3e9RyKD_hVBdng5v-gInbCpVrug.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/1E3F561E8B1A11EBB0DA3D71F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.12.0/22
Signature Algorithm: sha256WithRSAEncryption
08:9c:5d:de:6c:74:9a:d2:2c:26:58:6b:85:f7:2f:2c:51:9b:
50:76:9b:29:2c:d9:ed:11:2e:56:64:5f:b3:b6:84:d0:e1:c1:
11:73:be:db:76:97:6c:b7:28:0c:8e:a1:3b:b2:a0:fd:fb:62:
f3:f0:ba:eb:ce:ab:4c:01:0a:34:e2:53:70:7c:61:88:e7:9d:
ff:49:c9:d2:68:19:a1:0c:d8:df:cd:10:19:93:6b:11:f1:4c:
6a:f4:bb:cd:b4:e8:97:0b:08:90:3f:78:ee:a7:2e:b2:41:0f:
e2:fd:d6:72:5c:bf:93:38:28:d2:3b:87:2c:96:32:79:a9:15:
85:0d:ae:f1:72:21:e9:77:00:b4:97:d3:ef:fe:f6:56:4a:ca:
1a:d9:a9:37:d6:b8:39:e2:8a:41:0b:5a:b8:ec:65:c7:b0:6f:
63:5c:8b:84:31:68:dc:45:90:be:ec:38:49:c9:52:12:91:75:
09:89:de:7c:0e:85:aa:54:74:4e:c1:02:92:b0:76:ef:96:fa:
ae:76:78:b5:af:ee:c6:25:43:4b:b5:4b:f3:9f:6e:68:06:c8:
67:5b:0b:df:8d:6d:09:39:7b:56:20:c5:cc:66:9b:0b:9f:72:
34:4f:40:90:ba:fb:05:1c:dc:14:44:d5:7a:4b:04:fa:d5:df:
84:42:cd:85
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBODANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QkI2OEFSMTEwLwYDVQQFEyhEREVGNTFDOEEwRkY4NTUwNUQ5RTBFNkZGQTAyMjc2
QzJBNTVBRUU4MB4XDTIxMDMyMjE0MjI1NFoXDTMxMDMzMTE0MjI1NFowGDEWMBQG
A1UEAxMNNjA1OGE4NGEtY2JkZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXNGdEjI8+ZPftH+uis3In7JOgif6gjBg5q0D/ID/ay47KH4NwXNHrPKxtr
CtdUBCp+ZjDCSKeNlV+7oOUwJEMlRV+zX4L74vtgQVvmbiHPJcep/GCuQ00MKlh/
KPHgnlzja2NhRpWCSvPs6YcQJyVWirA+6BQcWYSgl4Ap6ggW64iVdjCi9lcy5Sc9
RKyZ7I21E9YVENhx5nGicI9do5yykTk8yp8/VnlWtm8+VO199qEnRYyge7h3qnLO
6T/C809B5wEABuN6nDtqLbS85xPIqgAx/m/24su2JqmQDNujwbsoeLX03wTthIs3
eApkVLLXzB+DlgASOxY0EGI8u48CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRtpcNt
4FKcf9i5Q1z/fMMp8HppNzAfBgNVHSMEGDAWgBTd71HIoP+FUF2eDm/6AidsKlWu
6DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkJCNjgvRUVCRDExREU3NjczMTFFQjkyNTQ4QTZERjhBRUEyMjgvM2U5UnlL
RF9oVkJkbmc1di1nSW5iQ3BWcnVnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
M2U5UnlLRF9oVkJkbmc1di1nSW5iQ3BWcnVnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2RkJCNjgvRUVCRDExREU3NjczMTFFQjkyNTQ4QTZERjhBRUEy
MjgvMUUzRjU2MUU4QjFBMTFFQkIwREEzRDcxRjhBRUEyMjgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqnvDDANBgkqhkiG9w0BAQsFAAOC
AQEACJxd3mx0mtIsJlhrhfcvLFGbUHabKSzZ7REuVmRfs7aE0OHBEXO+23aXbLco
DI6hO7Kg/fti8/C6686rTAEKNOJTcHxhiOed/0nJ0mgZoQzY380QGZNrEfFMavS7
zbTolwsIkD947qcuskEP4v3Wcly/kzgo0juHLJYyeakVhQ2u8XIh6XcAtJfT7/72
VkrKGtmpN9a4OeKKQQtauOxlx7BvY1yLhDFo3EWQvuw4SclSEpF1CYnefA6FqlR0
TsECkrB275b6rnZ4ta/uxiVDS7VL859uaAbIZ1sL341tCTl7ViDFzGabC59yNE9A
kLr7BRzcFETVeksE+tXfhELNhQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:33 2024 by rpki-client on console-ams.rpki-client.org