Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/221DE36C5B7F11EEBAA0307C4AD9E6FC.roa
File: 221DE36C5B7F11EEBAA0307C4AD9E6FC.roa (raw, json)
Hash identifier: akgSyzvUhBZdD/Jo/1snS9zDQnQhIY/z4b5eUssk1L4=
Subject key identifier: 6D:39:F4:B4:8A:AB:03:FF:43:1C:4D:05:CB:D6:DE:BF:BF:92:C1:E2
Certificate issuer: /CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Certificate serial: 44
Authority key identifier: A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/221DE36C5B7F11EEBAA0307C4AD9E6FC.roa
Signing time: Mon 25 Sep 2023 08:40:09 +0000
ROA not before: Mon 25 Sep 2023 08:40:05 +0000
ROA not after: Sat 31 Dec 2033 08:40:05 +0000
asID: 61266
IP address blocks: 2c0f:eb00:200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.mft
rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68 (0x44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Validity
Not Before: Sep 25 08:40:05 2023 GMT
Not After : Dec 31 08:40:05 2033 GMT
Subject: CN=65114769-a367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a6:78:b5:22:9e:8c:9c:90:08:e3:dd:bb:0e:
b5:56:49:e8:8e:a7:bd:45:3c:9b:f9:f8:e4:8d:dd:
e0:6a:4b:c7:12:9c:52:85:6e:a7:5a:ac:ac:7c:58:
ef:ba:98:07:3f:b7:bd:c4:74:2c:aa:ad:ea:2a:e9:
eb:df:c3:b5:94:ce:4b:81:1b:d6:01:78:31:47:ea:
58:04:4b:8d:a8:7a:a7:e9:59:28:4a:42:66:2f:90:
d2:55:d4:4b:fd:f4:ae:d0:b3:af:62:e5:1e:d6:a4:
b4:d2:cc:51:59:fd:75:ba:d9:1f:7e:00:07:6d:03:
b1:40:77:64:ad:cc:81:a7:46:00:88:96:9a:d7:e6:
4e:f4:68:56:17:75:27:54:62:6c:4a:04:13:21:db:
5d:a5:6e:d8:3d:bb:a0:a5:89:2c:ff:c2:f0:66:c0:
3c:48:cf:8a:24:93:57:10:6a:b7:33:e2:ad:b1:8d:
d4:71:c7:cd:f5:07:f1:56:09:27:73:d1:ee:85:c1:
9e:18:0d:54:e5:20:df:5c:fa:28:7e:25:57:93:90:
f2:84:2f:39:09:eb:f4:e1:3f:7c:c9:57:d7:7b:da:
4f:2e:e9:6a:52:61:35:a9:48:a3:e2:ef:2a:c5:75:
14:85:8e:08:27:fa:30:7e:d6:27:34:c5:b5:8d:9d:
83:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:39:F4:B4:8A:AB:03:FF:43:1C:4D:05:CB:D6:DE:BF:BF:92:C1:E2
X509v3 Authority Key Identifier:
keyid:A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/221DE36C5B7F11EEBAA0307C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:eb00:200::/40
Signature Algorithm: sha256WithRSAEncryption
7b:56:a5:b8:26:3e:16:1e:05:af:b6:67:1b:aa:47:87:80:05:
0a:42:23:54:b2:8f:2d:50:56:67:a1:98:bd:7c:0b:d9:a2:f5:
3e:d5:d2:5f:21:20:19:31:48:c7:14:82:8c:77:68:76:55:fe:
b5:b8:ff:06:fc:c6:8b:03:5c:07:f4:56:c3:34:96:57:85:e0:
b9:77:0a:8c:50:78:a8:14:b9:c4:fe:46:4e:4f:ac:cd:8d:e8:
2c:2d:e9:ac:16:ee:a7:69:a9:cf:f3:10:47:eb:eb:eb:5d:6d:
45:bf:94:44:77:a5:1f:c8:5d:99:91:fd:17:10:66:50:60:5b:
ec:cc:87:e5:1e:9c:b9:95:9c:08:34:99:02:d8:2a:6c:d4:4a:
66:bb:9f:eb:c1:cb:fc:13:58:08:f1:44:ec:a7:1f:cf:5a:b6:
b4:38:0c:8c:da:fc:24:5e:9e:13:a4:1d:8d:8b:3c:7a:d5:e8:
1d:2a:38:b6:57:bf:90:59:1d:3b:ac:c4:bc:d3:9e:af:f8:d4:
20:46:85:22:39:ed:70:50:e8:06:d0:92:20:6d:45:4e:01:2a:
c2:74:45:22:30:4a:9f:d0:b2:b0:e6:06:44:19:0e:9b:4c:1b:
6f:bb:69:fc:29:88:48:b5:c7:d6:d0:53:3a:3c:e8:4e:1d:e1:
64:9f:50:c4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBRDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
OENGRUFGMTEwLwYDVQQFEyhBOEVGOTYwNTE0RTMzNjQ0NEQzQ0RFMzdCMjRCNjZE
QzM5RDQzRDFCMB4XDTIzMDkyNTA4NDAwNVoXDTMzMTIzMTA4NDAwNVowGDEWMBQG
A1UEAxMNNjUxMTQ3NjktYTM2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+meLUinoyckAjj3bsOtVZJ6I6nvUU8m/n45I3d4GpLxxKcUoVup1qsrHxY
77qYBz+3vcR0LKqt6irp69/DtZTOS4Eb1gF4MUfqWARLjah6p+lZKEpCZi+Q0lXU
S/30rtCzr2LlHtaktNLMUVn9dbrZH34AB20DsUB3ZK3MgadGAIiWmtfmTvRoVhd1
J1RibEoEEyHbXaVu2D27oKWJLP/C8GbAPEjPiiSTVxBqtzPirbGN1HHHzfUH8VYJ
J3PR7oXBnhgNVOUg31z6KH4lV5OQ8oQvOQnr9OE/fMlX13vaTy7palJhNalIo+Lv
KsV1FIWOCCf6MH7WJzTFtY2dgzcCAwEAAaOCAqcwggKjMB0GA1UdDgQWBBRtOfS0
iqsD/0McTQXL1t6/v5LB4jAfBgNVHSMEGDAWgBSo75YFFOM2RE083jeyS2bcOdQ9
GzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFEOUU2RkMvcU8tV0JS
VGpOa1JOUE40M3NrdG0zRG5VUFJzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcU8tV0JSVGpOa1JOUE40M3NrdG0zRG5VUFJzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFE
OUU2RkMvMjIxREUzNkM1QjdGMTFFRUJBQTAzMDdDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACwP6wACMA0GCSqGSIb3DQEB
CwUAA4IBAQB7VqW4Jj4WHgWvtmcbqkeHgAUKQiNUso8tUFZnoZi9fAvZovU+1dJf
ISAZMUjHFIKMd2h2Vf61uP8G/MaLA1wH9FbDNJZXheC5dwqMUHioFLnE/kZOT6zN
jegsLemsFu6naanP8xBH6+vrXW1Fv5REd6UfyF2Zkf0XEGZQYFvszIflHpy5lZwI
NJkC2Cps1Epmu5/rwcv8E1gI8UTspx/PWra0OAyM2vwkXp4TpB2Nizx61egdKji2
V7+QWR07rMS8056v+NQgRoUiOe1wUOgG0JIgbUVOASrCdEUiMEqf0LKw5gZEGQ6b
TBtvu2n8KYhItcfW0FM6POhOHeFkn1DE
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:55 2024 by rpki-client on console-fra.rpki-client.org