Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363FEF1/38E9720A799D11EEA7E476804AD9E6FC/FA87AD5A799D11EE927FAF824AD9E6FC.roa
File: FA87AD5A799D11EE927FAF824AD9E6FC.roa (raw, json)
Hash identifier: w3PUKAmzr0cKU0yWoHF3R0NzFnNrAi3OPe5Is4QZlH4=
Subject key identifier: E9:55:14:27:95:16:0B:45:05:D7:30:8C:BB:CB:D2:D3:D0:05:D9:9D
Certificate issuer: /CN=F363FEF1AF/serialNumber=5152D4929CA85ED77223A26AF81459A9020F10A5
Certificate serial: 02
Authority key identifier: 51:52:D4:92:9C:A8:5E:D7:72:23:A2:6A:F8:14:59:A9:02:0F:10:A5
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/UVLUkpyoXtdyI6Jq-BRZqQIPEKU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F363FEF1/38E9720A799D11EEA7E476804AD9E6FC/FA87AD5A799D11EE927FAF824AD9E6FC.roa
Signing time: Thu 02 Nov 2023 16:36:31 +0000
ROA not before: Thu 02 Nov 2023 16:36:28 +0000
ROA not after: Tue 01 Nov 2033 16:36:28 +0000
asID: 14593
IP address blocks: 2c0f:2a80::/32 maxlen: 42
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F363FEF1/38E9720A799D11EEA7E476804AD9E6FC/UVLUkpyoXtdyI6Jq-BRZqQIPEKU.crl
rsync://rpki.afrinic.net/repository/member_repository/F363FEF1/38E9720A799D11EEA7E476804AD9E6FC/UVLUkpyoXtdyI6Jq-BRZqQIPEKU.mft
rsync://rpki.afrinic.net/repository/afrinic/UVLUkpyoXtdyI6Jq-BRZqQIPEKU.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F363FEF1AF/serialNumber=5152D4929CA85ED77223A26AF81459A9020F10A5
Validity
Not Before: Nov 2 16:36:28 2023 GMT
Not After : Nov 1 16:36:28 2033 GMT
Subject: CN=6543d00f-2031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:41:27:f5:1e:f0:6d:f0:9c:78:f7:b2:2f:69:
81:32:d6:bb:90:80:cf:33:bc:b0:bd:a6:0e:d7:c2:
24:1b:bb:5b:28:63:92:c6:f2:66:0c:9a:3d:88:91:
bd:22:f8:2e:6c:97:9c:1e:24:8e:2f:ce:0e:ab:ee:
db:97:37:44:a3:90:72:d6:39:83:b5:32:ce:41:a5:
4b:53:7b:15:01:9d:b2:8d:3f:72:77:e9:fd:3f:0a:
b4:41:f1:7a:f6:05:bf:38:8a:10:1e:4d:74:aa:27:
b3:3f:46:fc:c0:c6:85:bf:82:89:10:48:6f:a7:30:
12:ae:56:1a:89:4f:68:a6:d5:33:c4:b8:8a:74:da:
75:5f:cb:6a:11:1a:91:72:3d:76:70:94:f6:38:a7:
3e:4f:36:e0:7f:f9:a7:94:0b:8f:9c:43:16:0f:73:
9f:b6:93:17:f2:07:d2:ab:dc:3e:00:10:2d:e0:65:
8d:59:67:ca:a1:87:f9:9f:7d:0c:d7:0a:08:34:8a:
b4:18:83:6f:fe:1b:df:40:d2:15:98:9a:f0:31:81:
33:b7:8b:1a:42:2d:81:52:17:1e:c3:b0:ea:0c:01:
7d:76:a5:39:03:2e:52:e2:7c:ff:89:94:8c:a8:d1:
e2:c2:cf:5e:26:1a:8e:8c:d8:44:ea:b2:7c:29:db:
af:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:55:14:27:95:16:0B:45:05:D7:30:8C:BB:CB:D2:D3:D0:05:D9:9D
X509v3 Authority Key Identifier:
keyid:51:52:D4:92:9C:A8:5E:D7:72:23:A2:6A:F8:14:59:A9:02:0F:10:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F363FEF1/38E9720A799D11EEA7E476804AD9E6FC/UVLUkpyoXtdyI6Jq-BRZqQIPEKU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/UVLUkpyoXtdyI6Jq-BRZqQIPEKU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363FEF1/38E9720A799D11EEA7E476804AD9E6FC/FA87AD5A799D11EE927FAF824AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:2a80::/32
Signature Algorithm: sha256WithRSAEncryption
31:e5:c7:76:95:71:0b:ea:fb:55:9e:e8:d8:ba:aa:7b:87:76:
d0:8e:40:90:2c:4e:96:57:08:e2:14:3c:de:26:62:db:b7:af:
ba:0a:d2:a1:81:1b:3e:19:f0:32:7b:f9:7f:c3:d9:a5:26:5f:
6f:eb:39:65:e3:60:65:1a:7c:f9:06:3c:b2:e0:bd:75:3f:be:
72:da:18:db:22:3c:69:f0:17:22:35:d4:5b:28:bc:5c:32:ce:
50:0d:0e:2b:3a:a7:1b:33:51:91:68:47:80:20:d3:29:cb:c1:
5f:8b:16:b8:dc:42:8b:a0:87:cd:e0:cf:4c:3b:b5:ee:01:a4:
3c:2b:0f:39:da:3b:86:3a:18:23:d6:db:31:fc:36:f2:b9:c0:
40:6f:74:42:3e:4a:13:7f:85:01:f4:be:fc:bc:48:7c:8c:72:
7e:15:52:88:c3:85:72:af:a2:c9:7d:e5:be:04:f4:4e:91:58:
8a:52:ec:79:66:7d:aa:b8:ed:a8:47:0d:a0:e2:a7:db:6a:27:
0d:6a:43:ce:ff:49:4f:59:bf:dc:81:1c:dc:8e:6d:cf:10:e9:
ac:1f:cc:88:d0:9e:bc:12:4f:0a:cc:27:1b:8e:fe:f9:6a:ee:
5f:05:3a:60:a3:2b:2c:dc:72:b4:1e:a0:6e:c4:81:2b:58:24:
eb:ed:f4:9e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYz
RkVGMUFGMTEwLwYDVQQFEyg1MTUyRDQ5MjlDQTg1RUQ3NzIyM0EyNkFGODE0NTlB
OTAyMEYxMEE1MB4XDTIzMTEwMjE2MzYyOFoXDTMzMTEwMTE2MzYyOFowGDEWMBQG
A1UEAxMNNjU0M2QwMGYtMjAzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVBJ/Ue8G3wnHj3si9pgTLWu5CAzzO8sL2mDtfCJBu7WyhjksbyZgyaPYiR
vSL4LmyXnB4kji/ODqvu25c3RKOQctY5g7UyzkGlS1N7FQGdso0/cnfp/T8KtEHx
evYFvziKEB5NdKonsz9G/MDGhb+CiRBIb6cwEq5WGolPaKbVM8S4inTadV/LahEa
kXI9dnCU9jinPk824H/5p5QLj5xDFg9zn7aTF/IH0qvcPgAQLeBljVlnyqGH+Z99
DNcKCDSKtBiDb/4b30DSFZia8DGBM7eLGkItgVIXHsOw6gwBfXalOQMuUuJ8/4mU
jKjR4sLPXiYajozYROqyfCnbrxsCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBTpVRQn
lRYLRQXXMIy7y9LT0AXZnTAfBgNVHSMEGDAWgBRRUtSSnKhe13Ijomr4FFmpAg8Q
pTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0ZFRjEvMzhFOTcyMEE3OTlEMTFFRUE3RTQ3NjgwNEFEOUU2RkMvVVZMVWtw
eW9YdGR5STZKcS1CUlpxUUlQRUtVLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVVZMVWtweW9YdGR5STZKcS1CUlpxUUlQRUtVLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2M0ZFRjEvMzhFOTcyMEE3OTlEMTFFRUE3RTQ3NjgwNEFE
OUU2RkMvRkE4N0FENUE3OTlEMTFFRTkyN0ZBRjgyNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPKoAwDQYJKoZIhvcNAQEL
BQADggEBADHlx3aVcQvq+1We6Ni6qnuHdtCOQJAsTpZXCOIUPN4mYtu3r7oK0qGB
Gz4Z8DJ7+X/D2aUmX2/rOWXjYGUafPkGPLLgvXU/vnLaGNsiPGnwFyI11FsovFwy
zlANDis6pxszUZFoR4Ag0ynLwV+LFrjcQough83gz0w7te4BpDwrDznaO4Y6GCPW
2zH8NvK5wEBvdEI+ShN/hQH0vvy8SHyMcn4VUojDhXKvosl95b4E9E6RWIpS7Hlm
faq47ahHDaDip9tqJw1qQ87/SU9Zv9yBHNyObc8Q6awfzIjQnrwSTwrMJxuO/vlq
7l8FOmCjKyzccrQeoG7EgStYJOvt9J4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:19:39 2024 by rpki-client on console-ams.rpki-client.org