Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/8EB8874C767711EB81CF8371F8AEA228.roa
File: 8EB8874C767711EB81CF8371F8AEA228.roa (raw, json)
Hash identifier: a5Ya8AZMPcr4yo5onV+OXArWF7aJzeoyFelL2j6STfo=
Subject key identifier: 5E:42:17:42:FA:FF:62:E3:02:D6:DC:F2:A9:BF:51:F8:14:3D:52:63
Certificate issuer: /CN=F36FBB68AR/serialNumber=DDEF51C8A0FF85505D9E0E6FFA02276C2A55AEE8
Certificate serial: 06
Authority key identifier: DD:EF:51:C8:A0:FF:85:50:5D:9E:0E:6F:FA:02:27:6C:2A:55:AE:E8
Authority info access: rsync://rpki.afrinic.net/repository/arin/3e9RyKD_hVBdng5v-gInbCpVrug.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/8EB8874C767711EB81CF8371F8AEA228.roa
Signing time: Wed 24 Feb 2021 08:09:04 +0000
ROA not before: Wed 24 Feb 2021 08:08:50 +0000
ROA not after: Mon 24 Feb 2031 08:08:50 +0000
asID: 37575
IP address blocks: 169.239.12.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/3e9RyKD_hVBdng5v-gInbCpVrug.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/3e9RyKD_hVBdng5v-gInbCpVrug.mft
rsync://rpki.afrinic.net/repository/arin/3e9RyKD_hVBdng5v-gInbCpVrug.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FBB68AR/serialNumber=DDEF51C8A0FF85505D9E0E6FFA02276C2A55AEE8
Validity
Not Before: Feb 24 08:08:50 2021 GMT
Not After : Feb 24 08:08:50 2031 GMT
Subject: CN=6036099f-7722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:29:65:32:77:f9:2f:19:67:01:88:aa:c3:96:
27:0b:f7:30:1b:a5:42:5b:dc:8a:7f:5c:3e:d8:57:
1b:f5:30:a0:ba:8b:5c:25:07:de:39:b8:63:1b:b8:
34:a2:c3:eb:ff:67:bb:71:ad:ef:55:c0:cf:fb:f7:
00:6c:d1:2e:a3:7f:fd:29:3f:d6:bb:ba:86:0c:24:
4c:b2:54:4f:97:92:b4:d2:4d:3b:be:45:00:26:6f:
ba:0c:71:d4:85:d6:95:94:d1:02:de:77:c0:5e:48:
54:db:eb:0d:73:92:28:8b:32:e6:cf:c5:05:2f:f9:
96:e9:e7:0a:92:5e:03:9e:1f:c1:54:b8:c0:14:73:
11:f7:e8:39:ed:45:90:1e:7b:6f:46:0d:8e:3b:6d:
a0:3f:c7:8f:83:c0:cf:e9:b2:ff:87:7a:7e:b3:42:
5d:a5:ad:a9:01:9c:ae:ab:0c:bc:ed:ea:8d:dd:07:
b5:9d:a7:e5:0e:22:8b:96:d4:3c:b4:32:fb:3b:00:
14:fa:8d:e4:9c:86:e8:be:12:3f:9f:bc:1e:35:2c:
ba:70:67:02:4a:f7:e4:62:e1:95:14:75:e8:38:1e:
25:1a:0e:4a:92:ad:e0:0d:e5:e5:ff:d8:f2:6d:b2:
a4:9c:14:11:79:df:fd:c7:7a:c0:4f:bd:68:ea:cb:
b8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:42:17:42:FA:FF:62:E3:02:D6:DC:F2:A9:BF:51:F8:14:3D:52:63
X509v3 Authority Key Identifier:
keyid:DD:EF:51:C8:A0:FF:85:50:5D:9E:0E:6F:FA:02:27:6C:2A:55:AE:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/3e9RyKD_hVBdng5v-gInbCpVrug.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/3e9RyKD_hVBdng5v-gInbCpVrug.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FBB68/EEBD11DE767311EB92548A6DF8AEA228/8EB8874C767711EB81CF8371F8AEA228.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.12.0/22
Signature Algorithm: sha256WithRSAEncryption
27:b3:f0:4b:fc:29:89:85:31:52:44:de:99:59:3f:c5:5e:ab:
57:c0:40:0a:92:74:7b:c2:0b:9b:a8:d0:15:b4:29:59:59:64:
12:0c:59:22:fd:c2:19:f8:83:fe:3c:e9:5d:3f:4e:09:11:db:
3a:78:b8:13:df:89:ef:7f:58:b3:b3:86:71:5a:82:55:df:d1:
bc:c5:b0:8c:eb:9f:87:ac:16:15:07:f9:da:65:22:7a:5f:b7:
40:19:62:a8:9c:83:4c:7c:4b:3d:02:a1:b9:3e:b3:46:04:fe:
8b:cb:c6:77:da:af:99:89:fd:63:6d:d8:1e:1e:4a:47:46:12:
35:58:3b:45:0b:9a:64:95:71:9a:44:b3:98:41:3c:a9:c4:67:
16:21:5b:e1:0e:42:2b:12:06:1a:13:37:8b:24:e3:1b:2f:dc:
70:f5:c5:e9:ce:69:dc:30:0f:aa:3e:60:72:16:46:6f:34:b7:
52:91:8c:dd:18:07:66:25:b4:e8:45:64:3f:c7:6b:aa:05:45:
4b:fa:5b:60:a8:28:e3:8c:a7:fb:79:63:6a:5d:50:48:1c:01:
57:be:b4:03:d3:ab:e2:ab:1c:64:0c:a4:4d:53:2a:63:ce:85:
7d:56:7a:75:f5:af:8f:ca:57:03:ef:f3:e4:0f:41:a8:37:ac:
82:6f:c7:5e
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QkI2OEFSMTEwLwYDVQQFEyhEREVGNTFDOEEwRkY4NTUwNUQ5RTBFNkZGQTAyMjc2
QzJBNTVBRUU4MB4XDTIxMDIyNDA4MDg1MFoXDTMxMDIyNDA4MDg1MFowGDEWMBQG
A1UEAxMNNjAzNjA5OWYtNzcyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwpZTJ3+S8ZZwGIqsOWJwv3MBulQlvcin9cPthXG/UwoLqLXCUH3jm4Yxu4
NKLD6/9nu3Gt71XAz/v3AGzRLqN//Sk/1ru6hgwkTLJUT5eStNJNO75FACZvugxx
1IXWlZTRAt53wF5IVNvrDXOSKIsy5s/FBS/5lunnCpJeA54fwVS4wBRzEffoOe1F
kB57b0YNjjttoD/Hj4PAz+my/4d6frNCXaWtqQGcrqsMvO3qjd0HtZ2n5Q4ii5bU
PLQy+zsAFPqN5JyG6L4SP5+8HjUsunBnAkr35GLhlRR16DgeJRoOSpKt4A3l5f/Y
8m2ypJwUEXnf/cd6wE+9aOrLuD8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBReQhdC
+v9i4wLW3PKpv1H4FD1SYzAfBgNVHSMEGDAWgBTd71HIoP+FUF2eDm/6AidsKlWu
6DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkJCNjgvRUVCRDExREU3NjczMTFFQjkyNTQ4QTZERjhBRUEyMjgvM2U5UnlL
RF9oVkJkbmc1di1nSW5iQ3BWcnVnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
M2U5UnlLRF9oVkJkbmc1di1nSW5iQ3BWcnVnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2RkJCNjgvRUVCRDExREU3NjczMTFFQjkyNTQ4QTZERjhBRUEy
MjgvOEVCODg3NEM3Njc3MTFFQjgxQ0Y4MzcxRjhBRUEyMjgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqnvDDANBgkqhkiG9w0BAQsFAAOC
AQEAJ7PwS/wpiYUxUkTemVk/xV6rV8BACpJ0e8ILm6jQFbQpWVlkEgxZIv3CGfiD
/jzpXT9OCRHbOni4E9+J739Ys7OGcVqCVd/RvMWwjOufh6wWFQf52mUiel+3QBli
qJyDTHxLPQKhuT6zRgT+i8vGd9qvmYn9Y23YHh5KR0YSNVg7RQuaZJVxmkSzmEE8
qcRnFiFb4Q5CKxIGGhM3iyTjGy/ccPXF6c5p3DAPqj5gchZGbzS3UpGM3RgHZiW0
6EVkP8drqgVFS/pbYKgo44yn+3ljal1QSBwBV760A9Or4qscZAykTVMqY86FfVZ6
dfWvj8pXA+/z5A9BqDesgm/HXg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:20 2024 by rpki-client on console-fra.rpki-client.org