Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/39E85D245B7F11EE90195D7C4AD9E6FC.roa
File: 39E85D245B7F11EE90195D7C4AD9E6FC.roa (raw, json)
Hash identifier: eHbXQ/7kild+PjHeBFmSGxlAnlG3pi2uyC9o63m5Mio=
Subject key identifier: A0:57:7B:EF:34:C9:DE:92:10:D3:86:66:6C:60:D0:2C:1E:83:AF:BC
Certificate issuer: /CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Certificate serial: 46
Authority key identifier: A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/39E85D245B7F11EE90195D7C4AD9E6FC.roa
Signing time: Mon 25 Sep 2023 08:40:49 +0000
ROA not before: Mon 25 Sep 2023 08:40:45 +0000
ROA not after: Sat 31 Dec 2033 08:40:45 +0000
asID: 61266
IP address blocks: 2c0f:eb00:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.mft
rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Jun 2024 00:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70 (0x46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Validity
Not Before: Sep 25 08:40:45 2023 GMT
Not After : Dec 31 08:40:45 2033 GMT
Subject: CN=65114790-bfe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:4c:01:ad:90:ca:fc:45:97:65:e7:5c:7d:
db:e4:c4:cd:9b:06:af:d4:c4:f8:ef:f6:5f:03:85:
fd:68:6e:83:12:1a:32:7a:a9:d7:1b:6c:ee:0b:86:
fe:92:e6:73:52:6f:14:7d:b6:b2:d8:1a:39:8f:7a:
a9:d1:42:07:80:68:e5:27:2b:7e:c9:3c:ee:63:ff:
fc:24:b3:8a:01:82:d5:be:7f:52:6c:ec:a2:68:c8:
88:7f:d8:ee:23:cc:d6:df:65:82:d5:18:80:6f:98:
47:c5:a3:22:3c:10:2c:99:b9:cb:eb:19:aa:77:49:
5e:8e:e1:d8:26:29:1e:86:3f:2d:8d:76:20:39:3e:
a8:2b:db:d4:7e:6a:57:15:22:07:c9:60:d3:aa:cc:
26:da:7d:20:77:8e:57:22:3a:b5:5f:db:02:f6:5f:
53:44:7c:76:1b:c1:15:c9:85:a0:cf:e2:ef:32:ea:
7d:c1:d4:cc:9f:69:de:48:51:94:79:36:32:18:99:
bc:79:85:09:2f:f2:ea:9c:b7:a7:3c:7f:ca:c9:01:
64:05:59:41:22:9e:e9:92:bc:be:e9:55:b4:db:c1:
4d:e2:e1:20:d6:ed:c5:03:bb:c0:82:ed:ef:b9:f0:
af:82:4c:50:8f:7c:84:84:60:d8:09:14:bb:fb:fc:
45:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:57:7B:EF:34:C9:DE:92:10:D3:86:66:6C:60:D0:2C:1E:83:AF:BC
X509v3 Authority Key Identifier:
keyid:A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/39E85D245B7F11EE90195D7C4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:eb00:100::/40
Signature Algorithm: sha256WithRSAEncryption
99:ce:ff:0d:33:e2:3a:9a:3f:13:9b:b8:29:d2:9c:62:e4:98:
f3:ec:d5:93:fa:9c:20:89:17:83:9a:5b:5e:bb:f7:91:27:97:
05:d6:4a:c7:14:6b:d7:3d:1a:d2:38:e6:30:85:aa:38:60:e3:
1c:46:72:ff:77:f3:7e:17:10:d6:7a:41:af:c0:e7:32:96:0a:
ad:0c:21:4f:c1:fe:cd:db:6e:e4:74:5d:f0:b0:86:48:1d:5c:
a9:10:75:ca:88:7a:17:30:47:34:83:65:10:c4:f2:a4:fd:36:
95:1a:9e:2e:6a:52:f2:a6:22:8e:53:af:73:f3:59:f7:b3:71:
ed:ab:62:6c:69:7b:08:9d:f5:9b:8c:d9:71:df:f4:56:34:66:
49:e3:d9:8b:96:22:7d:0d:32:d9:c9:4b:59:35:d3:5e:d2:38:
a6:16:55:b1:a9:e2:57:ed:74:cb:ad:e2:6c:b2:62:7b:17:5d:
06:e9:c6:87:7c:05:35:ef:ae:95:7b:7f:9f:bb:e4:1f:a0:70:
87:df:c8:e7:69:b0:84:45:32:02:b0:7e:8e:3e:52:4e:1b:6d:
ba:5b:53:46:9f:30:53:62:f5:53:45:d3:04:b9:17:5d:17:0c:
f6:2b:6d:62:37:69:c0:16:9a:96:10:32:75:a7:ad:ad:70:c0:
ce:ad:2b:79
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBRjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
OENGRUFGMTEwLwYDVQQFEyhBOEVGOTYwNTE0RTMzNjQ0NEQzQ0RFMzdCMjRCNjZE
QzM5RDQzRDFCMB4XDTIzMDkyNTA4NDA0NVoXDTMzMTIzMTA4NDA0NVowGDEWMBQG
A1UEAxMNNjUxMTQ3OTAtYmZlODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALf7TAGtkMr8RZdl51x92+TEzZsGr9TE+O/2XwOF/WhugxIaMnqp1xts7guG
/pLmc1JvFH22stgaOY96qdFCB4Bo5Scrfsk87mP//CSzigGC1b5/UmzsomjIiH/Y
7iPM1t9lgtUYgG+YR8WjIjwQLJm5y+sZqndJXo7h2CYpHoY/LY12IDk+qCvb1H5q
VxUiB8lg06rMJtp9IHeOVyI6tV/bAvZfU0R8dhvBFcmFoM/i7zLqfcHUzJ9p3khR
lHk2MhiZvHmFCS/y6py3pzx/yskBZAVZQSKe6ZK8vulVtNvBTeLhINbtxQO7wILt
77nwr4JMUI98hIRg2AkUu/v8ReUCAwEAAaOCAqcwggKjMB0GA1UdDgQWBBSgV3vv
NMnekhDThmZsYNAsHoOvvDAfBgNVHSMEGDAWgBSo75YFFOM2RE083jeyS2bcOdQ9
GzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFEOUU2RkMvcU8tV0JS
VGpOa1JOUE40M3NrdG0zRG5VUFJzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcU8tV0JSVGpOa1JOUE40M3NrdG0zRG5VUFJzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFE
OUU2RkMvMzlFODVEMjQ1QjdGMTFFRTkwMTk1RDdDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACwP6wABMA0GCSqGSIb3DQEB
CwUAA4IBAQCZzv8NM+I6mj8Tm7gp0pxi5Jjz7NWT+pwgiReDmlteu/eRJ5cF1krH
FGvXPRrSOOYwhao4YOMcRnL/d/N+FxDWekGvwOcylgqtDCFPwf7N227kdF3wsIZI
HVypEHXKiHoXMEc0g2UQxPKk/TaVGp4ualLypiKOU69z81n3s3Htq2JsaXsInfWb
jNlx3/RWNGZJ49mLliJ9DTLZyUtZNdNe0jimFlWxqeJX7XTLreJssmJ7F10G6caH
fAU1766Ve3+fu+QfoHCH38jnabCERTICsH6OPlJOG226W1NGnzBTYvVTRdMEuRdd
Fwz2K21iN2nAFpqWEDJ1p62tcMDOrSt5
-----END CERTIFICATE-----
Generated at Sun Jun 2 03:35:34 2024 by rpki-client on console-fra.rpki-client.org