Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/40CDEE54A32411EFBEA2AA76762E951A.roa
File: 40CDEE54A32411EFBEA2AA76762E951A.roa (raw, json)
Hash identifier: ygTC9DuKVJ/n7JrTrzQh7m9cfirLf1U+TjLI8piQ1Js=
Subject key identifier: 68:21:BF:C5:26:A0:AA:5D:27:EC:E0:6E:B9:FF:B3:5E:0E:78:4C:B0
Certificate issuer: /CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Certificate serial: 0EF8
Authority key identifier: 8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/40CDEE54A32411EFBEA2AA76762E951A.roa
Signing time: Fri 15 Nov 2024 07:35:57 +0000
ROA not before: Fri 15 Nov 2024 07:35:54 +0000
ROA not after: Fri 15 Nov 2030 07:35:54 +0000
asID: 37708
IP address blocks: 2001:43f8:92::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl
rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.mft
rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3832 (0xef8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3634D22AF/serialNumber=8D01D808E89774543DE22D0DA844378ECEA8BB9B
Validity
Not Before: Nov 15 07:35:54 2024 GMT
Not After : Nov 15 07:35:54 2030 GMT
Subject: CN=6736f9dd-d6d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0f:11:87:1e:cf:c7:9a:7d:65:f0:51:f3:57:
3a:7c:04:9c:01:9f:c0:e1:bc:93:d6:d0:04:eb:94:
db:25:af:37:e5:27:61:19:f2:cd:14:a5:88:24:8a:
cf:b6:2c:c6:61:85:eb:f9:25:cb:86:e0:49:fe:b1:
e8:db:23:11:cc:1e:2d:c4:82:29:6a:a1:cf:59:d3:
72:b5:cc:c5:06:b7:f5:ee:07:95:f6:00:71:3d:df:
40:fa:4a:27:1a:28:4d:c9:80:34:8c:5d:8c:93:fc:
84:8c:f5:e5:16:d5:3e:bf:01:58:81:e7:0a:d2:07:
02:08:3a:1e:e5:a1:e7:be:75:52:df:fe:b8:88:cf:
6a:f9:85:3d:eb:f6:98:f7:2a:b0:1f:a1:1e:9a:e0:
a3:df:88:26:23:49:89:6d:ff:ab:12:75:b1:09:fa:
ca:81:68:b2:92:1d:51:92:62:9a:28:52:62:d0:fb:
21:37:de:fa:19:aa:cb:17:46:d7:61:f2:db:27:53:
bb:9c:6c:1e:05:fe:ac:68:6c:16:b7:85:53:f4:f3:
21:ae:52:ea:27:64:f9:40:27:31:a0:59:69:99:e4:
4b:9f:bd:66:d8:9a:a3:20:4e:2d:ff:1c:d6:a8:16:
53:b5:c1:de:9c:be:64:71:4f:d0:7f:f8:c7:7e:49:
05:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:21:BF:C5:26:A0:AA:5D:27:EC:E0:6E:B9:FF:B3:5E:0E:78:4C:B0
X509v3 Authority Key Identifier:
keyid:8D:01:D8:08:E8:97:74:54:3D:E2:2D:0D:A8:44:37:8E:CE:A8:BB:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/jQHYCOiXdFQ94i0NqEQ3js6ou5s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jQHYCOiXdFQ94i0NqEQ3js6ou5s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634D22/1D5F7C26047311E580C18A06F8AEA228/40CDEE54A32411EFBEA2AA76762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:43f8:92::/48
Signature Algorithm: sha256WithRSAEncryption
4d:ad:98:6b:64:f8:a3:bd:57:74:04:42:33:a0:43:bb:1b:69:
79:ed:cf:4e:1c:bc:2c:cf:aa:23:7f:07:04:f9:fc:cc:5b:b9:
13:3d:db:d2:63:a9:8c:63:2d:d2:c9:91:d5:e5:0c:f6:11:9a:
86:db:34:c9:5b:6f:2e:35:a7:d3:3d:73:bf:91:e9:bf:22:3f:
69:61:d2:62:7e:dc:31:0c:b6:30:28:66:a2:40:82:17:27:68:
98:2e:cb:86:cf:03:96:02:12:99:70:d6:42:85:ef:ad:47:33:
55:8c:c9:99:18:aa:a9:f7:52:c3:04:e7:cc:de:11:5f:8d:bd:
68:47:46:14:42:16:f5:c2:97:98:f3:4a:98:64:0f:cd:e8:2c:
bd:e3:8d:59:8d:29:36:d3:b6:bf:d1:6b:34:73:ca:7e:20:2e:
40:fc:4d:48:24:86:83:cd:2d:05:a0:94:42:f3:4d:ff:51:6e:
b0:7e:a6:a4:27:78:1e:fb:87:b3:42:48:f8:ac:fd:fb:ab:58:
4c:e7:09:66:95:6f:1e:f6:f7:08:29:57:b2:28:b6:d6:95:e8:
4c:79:c8:66:0b:81:ae:99:86:d0:34:d0:71:b1:bc:b5:59:76:
2b:74:7f:dc:85:61:0b:3d:43:bb:fe:cb:ab:4d:7b:9d:d0:e8:
5d:a9:04:b9
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDvgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzREMjJBRjExMC8GA1UEBRMoOEQwMUQ4MDhFODk3NzQ1NDNERTIyRDBEQTg0NDM3
OEVDRUE4QkI5QjAeFw0yNDExMTUwNzM1NTRaFw0zMDExMTUwNzM1NTRaMBgxFjAU
BgNVBAMTDTY3MzZmOWRkLWQ2ZDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEDxGHHs/Hmn1l8FHzVzp8BJwBn8DhvJPW0ATrlNslrzflJ2EZ8s0UpYgk
is+2LMZhhev5JcuG4En+sejbIxHMHi3Egilqoc9Z03K1zMUGt/XuB5X2AHE930D6
SicaKE3JgDSMXYyT/ISM9eUW1T6/AViB5wrSBwIIOh7loee+dVLf/riIz2r5hT3r
9pj3KrAfoR6a4KPfiCYjSYlt/6sSdbEJ+sqBaLKSHVGSYpooUmLQ+yE33voZqssX
Rtdh8tsnU7ucbB4F/qxobBa3hVP08yGuUuonZPlAJzGgWWmZ5EufvWbYmqMgTi3/
HNaoFlO1wd6cvmRxT9B/+Md+SQUjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUaCG/
xSagql0n7OBuuf+zXg54TLAwHwYDVR0jBBgwFoAUjQHYCOiXdFQ94i0NqEQ3js6o
u5swDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4QUVBMjI4L2pRSFlD
T2lYZEZROTRpME5xRVEzanM2b3U1cy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2pRSFlDT2lYZEZROTRpME5xRVEzanM2b3U1cy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM0RDIyLzFENUY3QzI2MDQ3MzExRTU4MEMxOEEwNkY4
QUVBMjI4LzQwQ0RFRTU0QTMyNDExRUZCRUEyQUE3Njc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAUP4AJIwDQYJKoZIhvcN
AQELBQADggEBAE2tmGtk+KO9V3QEQjOgQ7sbaXntz04cvCzPqiN/BwT5/MxbuRM9
29JjqYxjLdLJkdXlDPYRmobbNMlbby41p9M9c7+R6b8iP2lh0mJ+3DEMtjAoZqJA
ghcnaJguy4bPA5YCEplw1kKF761HM1WMyZkYqqn3UsME58zeEV+NvWhHRhRCFvXC
l5jzSphkD83oLL3jjVmNKTbTtr/RazRzyn4gLkD8TUgkhoPNLQWglELzTf9RbrB+
pqQneB77h7NCSPis/furWEznCWaVbx729wgpV7IottaV6Ex5yGYLga6ZhtA00HGx
vLVZdit0f9yFYQs9Q7v+y6tNe53Q6F2pBLk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org