Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FC6C8/BCADBE8C70E311EFB4AB1745762E951A/6A9EBB1C8D4611EF884F3475762E951A.roa
File: 6A9EBB1C8D4611EF884F3475762E951A.roa (raw, json)
Hash identifier: 5vOP0Ui230xbdrZQI6/7YklcE+oK9/VNTnmgzviqoBU=
Subject key identifier: 39:33:87:FB:86:A2:C6:66:EA:A7:9C:97:5B:86:0E:1B:94:F3:AC:84
Certificate issuer: /CN=F36FC6C8AR/serialNumber=1A8185FCF63D079B206A34A8B99487A59D818E5D
Certificate serial: 35
Authority key identifier: 1A:81:85:FC:F6:3D:07:9B:20:6A:34:A8:B9:94:87:A5:9D:81:8E:5D
Authority info access: rsync://rpki.afrinic.net/repository/arin/GoGF_PY9B5sgajSouZSHpZ2Bjl0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/BCADBE8C70E311EFB4AB1745762E951A/6A9EBB1C8D4611EF884F3475762E951A.roa
Signing time: Fri 18 Oct 2024 11:45:05 +0000
ROA not before: Fri 18 Oct 2024 11:45:01 +0000
ROA not after: Wed 18 Oct 2034 11:45:01 +0000
asID: 37680
IP address blocks: 155.93.192.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/BCADBE8C70E311EFB4AB1745762E951A/GoGF_PY9B5sgajSouZSHpZ2Bjl0.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/BCADBE8C70E311EFB4AB1745762E951A/GoGF_PY9B5sgajSouZSHpZ2Bjl0.mft
rsync://rpki.afrinic.net/repository/arin/GoGF_PY9B5sgajSouZSHpZ2Bjl0.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 27 Nov 2024 00:21:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53 (0x35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FC6C8AR/serialNumber=1A8185FCF63D079B206A34A8B99487A59D818E5D
Validity
Not Before: Oct 18 11:45:01 2024 GMT
Not After : Oct 18 11:45:01 2034 GMT
Subject: CN=67124a41-884a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:59:c1:56:5e:d3:7f:94:3b:0c:e9:fe:2f:f2:
a9:c3:ec:8f:2c:1d:b3:a4:30:1f:08:f5:1d:00:f3:
2f:73:64:f9:d1:db:90:ac:df:29:eb:0a:97:61:13:
6c:66:a5:d2:f4:d2:ef:cb:d3:4d:3b:95:36:bc:7b:
dc:b9:dc:3b:0b:87:50:01:79:1c:83:5a:d3:94:4a:
a9:ed:7a:8f:ee:4d:00:e0:f5:a2:f9:9d:0b:40:96:
97:aa:b4:e2:c5:ee:0e:13:af:33:0e:38:e5:fc:2a:
1b:1a:eb:65:2c:51:6d:22:1a:df:ad:52:58:52:e0:
d3:be:8a:df:90:b9:4e:1b:0f:ad:ff:2a:ba:85:cb:
31:13:33:d5:0f:52:cf:d1:1d:12:ab:43:22:d3:35:
f0:d6:a3:c6:38:fe:88:8e:f0:82:56:15:72:3e:3a:
6a:4f:56:5e:f0:37:a8:52:6e:f7:5b:fe:f2:2a:c7:
3c:4e:05:9e:d2:c5:ff:19:9e:c3:3d:2c:9b:59:2d:
db:b3:45:45:54:f2:a3:d3:f7:55:1b:ba:bb:c8:dd:
87:ca:5c:35:4d:3d:41:f3:ba:f9:a9:1c:90:a3:6d:
c2:df:5c:2b:9a:4d:fc:61:28:6b:fa:6e:9f:12:54:
9a:58:41:17:21:6b:83:ff:3a:dc:69:80:ca:90:3b:
91:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:33:87:FB:86:A2:C6:66:EA:A7:9C:97:5B:86:0E:1B:94:F3:AC:84
X509v3 Authority Key Identifier:
keyid:1A:81:85:FC:F6:3D:07:9B:20:6A:34:A8:B9:94:87:A5:9D:81:8E:5D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/BCADBE8C70E311EFB4AB1745762E951A/GoGF_PY9B5sgajSouZSHpZ2Bjl0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/GoGF_PY9B5sgajSouZSHpZ2Bjl0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FC6C8/BCADBE8C70E311EFB4AB1745762E951A/6A9EBB1C8D4611EF884F3475762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
155.93.192.0/20
Signature Algorithm: sha256WithRSAEncryption
b5:95:27:fb:5b:54:9b:c4:72:64:c3:80:cb:27:df:7e:4b:e5:
ad:c9:7c:e9:71:ae:0a:0b:e3:a0:e6:be:61:88:3a:09:45:af:
3a:e0:98:3c:0c:4f:26:15:e4:e7:59:52:38:dd:c6:5b:8b:d8:
a5:0e:3a:7e:fe:53:21:a6:3c:1e:1e:23:77:28:b9:e7:0c:80:
87:56:f4:86:7d:31:1d:ff:94:76:be:da:3f:69:99:53:a9:41:
09:57:a3:f8:c1:7a:8b:99:35:26:93:7a:e8:4d:f0:fb:51:01:
7d:f0:47:b3:33:71:42:13:db:03:22:fc:c5:0c:1f:e7:d7:b4:
6d:a4:78:11:1b:9e:17:d7:17:a5:86:52:a3:c0:9f:68:bf:7f:
74:ee:ee:cd:70:f4:ef:5a:9a:bb:b1:fa:bb:92:d4:2d:11:94:
02:9a:55:79:63:5b:57:70:f0:7c:46:f2:56:89:e4:65:57:0e:
dc:7d:68:5b:cb:2a:83:90:2e:b2:ff:be:60:5a:14:64:ae:8f:
92:71:78:6a:f8:5d:21:9e:00:f3:36:41:72:6b:50:96:7a:c3:
1c:74:52:35:c2:a0:e9:12:90:87:9f:6b:21:1d:a3:59:c8:a6:
7f:cf:8e:e6:f1:4a:ec:94:65:1f:00:f7:5f:4b:15:77:e4:c5:
91:60:7a:6b
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBNTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
QzZDOEFSMTEwLwYDVQQFEygxQTgxODVGQ0Y2M0QwNzlCMjA2QTM0QThCOTk0ODdB
NTlEODE4RTVEMB4XDTI0MTAxODExNDUwMVoXDTM0MTAxODExNDUwMVowGDEWMBQG
A1UEAxMNNjcxMjRhNDEtODg0YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOxZwVZe03+UOwzp/i/yqcPsjywds6QwHwj1HQDzL3Nk+dHbkKzfKesKl2ET
bGal0vTS78vTTTuVNrx73LncOwuHUAF5HINa05RKqe16j+5NAOD1ovmdC0CWl6q0
4sXuDhOvMw445fwqGxrrZSxRbSIa361SWFLg076K35C5ThsPrf8quoXLMRMz1Q9S
z9EdEqtDItM18Najxjj+iI7wglYVcj46ak9WXvA3qFJu91v+8irHPE4FntLF/xme
wz0sm1kt27NFRVTyo9P3VRu6u8jdh8pcNU09QfO6+akckKNtwt9cK5pN/GEoa/pu
nxJUmlhBFyFrg/863GmAypA7kZUCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQ5M4f7
hqLGZuqnnJdbhg4blPOshDAfBgNVHSMEGDAWgBQagYX89j0HmyBqNKi5lIelnYGO
XTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkM2QzgvQkNBREJFOEM3MEUzMTFFRkI0QUIxNzQ1NzYyRTk1MUEvR29HRl9Q
WTlCNXNnYWpTb3VaU0hwWjJCamwwLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
R29HRl9QWTlCNXNnYWpTb3VaU0hwWjJCamwwLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2RkM2QzgvQkNBREJFOEM3MEUzMTFFRkI0QUIxNzQ1NzYyRTk1
MUEvNkE5RUJCMUM4RDQ2MTFFRjg4NEYzNDc1NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJtdwDANBgkqhkiG9w0BAQsFAAOC
AQEAtZUn+1tUm8RyZMOAyyfffkvlrcl86XGuCgvjoOa+YYg6CUWvOuCYPAxPJhXk
51lSON3GW4vYpQ46fv5TIaY8Hh4jdyi55wyAh1b0hn0xHf+Udr7aP2mZU6lBCVej
+MF6i5k1JpN66E3w+1EBffBHszNxQhPbAyL8xQwf59e0baR4ERueF9cXpYZSo8Cf
aL9/dO7uzXD071qau7H6u5LULRGUAppVeWNbV3DwfEbyVonkZVcO3H1oW8sqg5Au
sv++YFoUZK6PknF4avhdIZ4A8zZBcmtQlnrDHHRSNcKg6RKQh59rIR2jWcimf8+O
5vFK7JRlHwD3X0sVd+TFkWB6aw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:54:27 2024 by rpki-client on console-fra.rpki-client.org