Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/DD015D826CC111EE88677D734AD9E6FC.roa
File: DD015D826CC111EE88677D734AD9E6FC.roa (raw, json)
Hash identifier: qWeL/3G03cESkK0lfpuTmBLiPLwBFByixPyVGD+RD2k=
Subject key identifier: 54:26:46:19:46:36:BA:AC:32:DF:4A:04:AE:51:20:CB:FC:D3:42:0B
Certificate issuer: /CN=F365F086AF/serialNumber=02C44CED6B619AB1A404FCED3502B1D96848329E
Certificate serial: 02
Authority key identifier: 02:C4:4C:ED:6B:61:9A:B1:A4:04:FC:ED:35:02:B1:D9:68:48:32:9E
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/AsRM7WthmrGkBPztNQKx2WhIMp4.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/DD015D826CC111EE88677D734AD9E6FC.roa
Signing time: Tue 17 Oct 2023 07:50:39 +0000
ROA not before: Tue 17 Oct 2023 07:50:35 +0000
ROA not after: Tue 17 Oct 2028 07:50:35 +0000
asID: 37678
IP address blocks: 2c0f:f718::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/AsRM7WthmrGkBPztNQKx2WhIMp4.crl
rsync://rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/AsRM7WthmrGkBPztNQKx2WhIMp4.mft
rsync://rpki.afrinic.net/repository/afrinic/AsRM7WthmrGkBPztNQKx2WhIMp4.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 28 Jun 2024 00:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F365F086AF/serialNumber=02C44CED6B619AB1A404FCED3502B1D96848329E
Validity
Not Before: Oct 17 07:50:35 2023 GMT
Not After : Oct 17 07:50:35 2028 GMT
Subject: CN=652e3ccf-c6cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3b:7c:5a:6e:4f:c3:a5:9f:ae:9c:f7:da:1f:
17:b6:5b:a1:dc:42:44:ac:50:44:68:be:a8:06:4e:
61:74:17:ab:22:ae:86:d7:2e:45:42:94:c9:10:cd:
77:21:8e:3d:d7:e1:67:81:64:ce:c9:12:6b:00:65:
7d:f5:ae:3e:d8:64:04:4d:84:13:e6:6e:3f:8f:6d:
81:6f:fa:88:28:ce:cb:4a:df:c0:4d:e6:60:a8:10:
b6:9e:b8:fd:e2:c1:68:94:07:f9:46:79:45:9a:ea:
5d:34:2a:61:6e:b8:55:68:b6:9d:62:e6:34:9d:7e:
64:f6:a5:76:cd:aa:05:95:a2:b0:b9:8b:de:1c:ff:
23:6c:ce:9b:d9:e3:58:78:39:b3:2c:f4:b4:9c:2c:
c9:c2:43:a7:eb:9f:e6:2a:4e:78:ee:70:98:3b:0b:
a3:1a:1c:2c:a3:9e:c9:45:51:96:01:f0:d2:d5:37:
cb:69:7f:0e:30:b1:2c:0a:16:6b:56:cb:30:17:43:
32:54:63:0e:f2:30:d4:63:56:0a:2d:ac:bc:a9:6d:
26:80:36:dc:91:e8:54:5a:13:07:1b:38:07:97:01:
c8:09:4f:6d:9a:ba:f4:6e:47:f2:7d:80:8c:44:2a:
d1:15:a1:0e:36:e3:3a:25:08:02:da:84:45:db:cc:
fa:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:26:46:19:46:36:BA:AC:32:DF:4A:04:AE:51:20:CB:FC:D3:42:0B
X509v3 Authority Key Identifier:
keyid:02:C4:4C:ED:6B:61:9A:B1:A4:04:FC:ED:35:02:B1:D9:68:48:32:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/AsRM7WthmrGkBPztNQKx2WhIMp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/AsRM7WthmrGkBPztNQKx2WhIMp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/DD015D826CC111EE88677D734AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f718::/32
Signature Algorithm: sha256WithRSAEncryption
51:80:45:d5:fe:90:f7:c6:75:56:a4:35:73:fa:73:93:97:48:
63:85:f8:04:a3:20:75:69:6f:63:d8:64:ea:cf:cb:cd:77:6b:
e7:90:2c:2b:5a:14:28:3a:32:71:91:f1:5e:fc:06:ef:e4:2b:
6c:c9:5c:35:9b:0c:88:e2:5f:f7:2b:88:9c:42:4d:20:9e:9d:
a5:e0:b1:fb:f5:15:b9:a5:9e:ff:3a:ac:fd:9c:97:14:91:10:
66:51:de:45:6f:eb:c7:a1:a7:31:6d:35:2f:02:c5:b0:c0:7e:
2d:ae:fa:f5:7a:08:bc:18:ab:9d:e2:3c:b8:1e:71:1b:cc:ea:
98:22:56:44:5a:d6:bf:2c:60:5b:15:8c:b5:bb:f1:33:62:01:
32:71:c7:87:72:08:bf:7b:b9:6d:9f:4a:8c:29:44:77:be:fb:
d8:3e:29:fa:91:57:7a:fb:ae:9c:e3:ef:23:86:58:68:20:70:
0a:06:1b:c5:96:1b:95:0c:00:6f:4a:cc:3d:3e:65:2b:0c:e7:
11:d7:29:e4:f1:c5:90:44:dc:89:21:ba:8e:b9:62:bc:b6:b9:
9f:c7:55:a6:26:a9:46:db:f5:cc:65:57:4d:32:54:ae:37:c6:
d1:7c:a7:cc:74:f6:f0:0c:1c:35:4a:e0:f2:d1:02:13:77:ab:
71:11:da:65
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
RjA4NkFGMTEwLwYDVQQFEygwMkM0NENFRDZCNjE5QUIxQTQwNEZDRUQzNTAyQjFE
OTY4NDgzMjlFMB4XDTIzMTAxNzA3NTAzNVoXDTI4MTAxNzA3NTAzNVowGDEWMBQG
A1UEAxMNNjUyZTNjY2YtYzZjZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQ7fFpuT8Oln66c99ofF7ZbodxCRKxQRGi+qAZOYXQXqyKuhtcuRUKUyRDN
dyGOPdfhZ4FkzskSawBlffWuPthkBE2EE+ZuP49tgW/6iCjOy0rfwE3mYKgQtp64
/eLBaJQH+UZ5RZrqXTQqYW64VWi2nWLmNJ1+ZPalds2qBZWisLmL3hz/I2zOm9nj
WHg5syz0tJwsycJDp+uf5ipOeO5wmDsLoxocLKOeyUVRlgHw0tU3y2l/DjCxLAoW
a1bLMBdDMlRjDvIw1GNWCi2svKltJoA23JHoVFoTBxs4B5cByAlPbZq69G5H8n2A
jEQq0RWhDjbjOiUIAtqERdvM+u8CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBRUJkYZ
Rja6rDLfSgSuUSDL/NNCCzAfBgNVHSMEGDAWgBQCxEzta2GasaQE/O01ArHZaEgy
njAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUYwODYvREU3QjE2RUU2Q0JDMTFFRTlBNTlFRTYzNEFEOUU2RkMvQXNSTTdX
dGhtckdrQlB6dE5RS3gyV2hJTXA0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQXNSTTdXdGhtckdrQlB6dE5RS3gyV2hJTXA0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUYwODYvREU3QjE2RUU2Q0JDMTFFRTlBNTlFRTYzNEFE
OUU2RkMvREQwMTVEODI2Q0MxMTFFRTg4Njc3RDczNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP9xgwDQYJKoZIhvcNAQEL
BQADggEBAFGARdX+kPfGdVakNXP6c5OXSGOF+ASjIHVpb2PYZOrPy813a+eQLCta
FCg6MnGR8V78Bu/kK2zJXDWbDIjiX/criJxCTSCenaXgsfv1Fbmlnv86rP2clxSR
EGZR3kVv68ehpzFtNS8CxbDAfi2u+vV6CLwYq53iPLgecRvM6pgiVkRa1r8sYFsV
jLW78TNiATJxx4dyCL97uW2fSowpRHe++9g+KfqRV3r7rpzj7yOGWGggcAoGG8WW
G5UMAG9KzD0+ZSsM5xHXKeTxxZBE3Ikhuo65Yry2uZ/HVaYmqUbb9cxlV00yVK43
xtF8p8x09vAMHDVK4PLRAhN3q3ER2mU=
-----END CERTIFICATE-----
Generated at Wed Jun 26 06:21:09 2024 by rpki-client on console-fra.rpki-client.org