Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/5A3685F85B7D11EEB4B9A0754AD9E6FC.roa
File: 5A3685F85B7D11EEB4B9A0754AD9E6FC.roa (raw, json)
Hash identifier: hua4m2v20w0RdcluLq3SvMVi3aYeRg47OfgA9wTRs3E=
Subject key identifier: 2C:B7:47:0B:FE:CB:77:53:7D:E5:46:E4:20:3F:54:79:7E:10:81:3E
Certificate issuer: /CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Certificate serial: 30
Authority key identifier: A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/5A3685F85B7D11EEB4B9A0754AD9E6FC.roa
Signing time: Mon 25 Sep 2023 08:27:24 +0000
ROA not before: Mon 25 Sep 2023 08:27:20 +0000
ROA not after: Sat 31 Dec 2033 08:27:20 +0000
asID: 327889
IP address blocks: 2c0f:f4b8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.mft
rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48 (0x30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Validity
Not Before: Sep 25 08:27:20 2023 GMT
Not After : Dec 31 08:27:20 2033 GMT
Subject: CN=6511446c-362c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f6:07:9e:78:7d:09:73:f2:57:c8:dc:c6:15:
20:d3:f1:16:00:2c:90:0c:ed:4c:86:42:ca:f4:54:
e8:c3:9a:f7:ab:f6:09:60:3e:46:1e:34:4c:f6:b4:
74:9a:87:65:9c:2e:c1:0d:14:86:0b:87:ed:f5:ff:
29:c3:a1:9f:a3:90:4b:17:51:26:f5:96:9f:16:a5:
45:9d:e3:a6:12:da:81:58:05:4b:34:3c:98:f7:44:
a1:3f:dd:cd:6d:69:e8:c1:fb:ec:c2:f0:45:85:0a:
cb:04:2a:3e:ff:74:48:05:aa:71:41:db:4a:e5:59:
a0:b0:57:24:34:ce:bf:2e:85:7d:f1:bb:ac:42:d4:
f2:a3:6a:2e:a6:4b:d5:79:bb:47:94:fc:21:5e:ef:
1d:32:b2:9b:55:57:3e:06:93:8f:9e:8e:d5:b9:2d:
86:21:74:07:07:85:d5:ef:9e:71:14:aa:79:ba:ee:
03:5d:0a:4d:33:b6:69:69:65:f3:73:0a:95:2c:25:
e8:36:be:da:8e:0d:39:bd:6a:ea:9a:e0:d0:33:af:
b7:d1:55:bc:6b:34:fb:ea:6e:f3:8a:fd:bd:ab:a4:
ca:28:e0:91:dd:04:30:f8:e9:88:76:96:00:cb:a8:
7e:a1:24:b4:0e:8c:59:dd:21:1a:7f:d5:c6:2a:31:
43:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:B7:47:0B:FE:CB:77:53:7D:E5:46:E4:20:3F:54:79:7E:10:81:3E
X509v3 Authority Key Identifier:
keyid:A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/5A3685F85B7D11EEB4B9A0754AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f4b8::/32
Signature Algorithm: sha256WithRSAEncryption
80:fe:58:da:56:e9:5e:f0:67:65:21:a3:3d:3c:65:e6:e8:ec:
9c:5f:30:ba:58:eb:d3:e5:45:c1:95:a7:36:d1:11:a6:fe:57:
e1:ae:68:ca:fb:51:fe:09:16:7b:b0:6b:59:0f:f2:b4:6b:f6:
92:8e:82:00:41:a7:b9:93:76:89:5f:4b:4d:03:03:d8:c1:6c:
91:07:e2:e3:92:55:89:42:d8:40:79:2e:84:03:5a:66:53:81:
14:f9:b4:bc:ad:6b:49:dd:10:8a:d3:3a:f9:b0:6e:b2:10:00:
a5:94:4e:d8:a2:40:c3:05:2a:7d:ad:40:e8:b1:91:50:18:97:
b8:df:30:a9:e9:a7:fe:e8:a1:76:60:af:2d:d0:1c:20:d4:25:
30:d9:cd:9e:e2:c3:6c:70:a1:dc:7f:4c:e8:2a:d8:35:89:59:
e0:85:03:90:76:ad:a9:2b:e5:d6:ec:8a:ce:8d:8c:85:e6:4f:
9c:77:41:7f:78:cb:99:42:2b:01:99:6e:8f:0f:db:bd:4a:20:
16:0f:bb:f7:7c:12:8f:19:16:f1:1f:f0:7d:5b:be:ed:3d:0d:
19:a8:2d:f7:ed:12:24:2f:d9:98:ff:9a:8c:37:f0:a2:30:cd:
75:e5:03:c6:0d:f5:fa:25:77:bf:35:32:2c:74:2c:8c:42:bb:
00:ff:cd:29
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBMDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
OENGRUFGMTEwLwYDVQQFEyhBOEVGOTYwNTE0RTMzNjQ0NEQzQ0RFMzdCMjRCNjZE
QzM5RDQzRDFCMB4XDTIzMDkyNTA4MjcyMFoXDTMzMTIzMTA4MjcyMFowGDEWMBQG
A1UEAxMNNjUxMTQ0NmMtMzYyYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOD2B554fQlz8lfI3MYVINPxFgAskAztTIZCyvRU6MOa96v2CWA+Rh40TPa0
dJqHZZwuwQ0UhguH7fX/KcOhn6OQSxdRJvWWnxalRZ3jphLagVgFSzQ8mPdEoT/d
zW1p6MH77MLwRYUKywQqPv90SAWqcUHbSuVZoLBXJDTOvy6FffG7rELU8qNqLqZL
1Xm7R5T8IV7vHTKym1VXPgaTj56O1bkthiF0BweF1e+ecRSqebruA10KTTO2aWll
83MKlSwl6Da+2o4NOb1q6prg0DOvt9FVvGs0++pu84r9vaukyijgkd0EMPjpiHaW
AMuofqEktA6MWd0hGn/VxioxQykCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQst0cL
/st3U33lRuQgP1R5fhCBPjAfBgNVHSMEGDAWgBSo75YFFOM2RE083jeyS2bcOdQ9
GzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFEOUU2RkMvcU8tV0JS
VGpOa1JOUE40M3NrdG0zRG5VUFJzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcU8tV0JSVGpOa1JOUE40M3NrdG0zRG5VUFJzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFE
OUU2RkMvNUEzNjg1Rjg1QjdEMTFFRUI0QjlBMDc1NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP9LgwDQYJKoZIhvcNAQEL
BQADggEBAID+WNpW6V7wZ2Uhoz08Zebo7JxfMLpY69PlRcGVpzbREab+V+GuaMr7
Uf4JFnuwa1kP8rRr9pKOggBBp7mTdolfS00DA9jBbJEH4uOSVYlC2EB5LoQDWmZT
gRT5tLyta0ndEIrTOvmwbrIQAKWUTtiiQMMFKn2tQOixkVAYl7jfMKnpp/7ooXZg
ry3QHCDUJTDZzZ7iw2xwodx/TOgq2DWJWeCFA5B2rakr5dbsis6NjIXmT5x3QX94
y5lCKwGZbo8P271KIBYPu/d8Eo8ZFvEf8H1bvu09DRmoLfftEiQv2Zj/mow38KIw
zXXlA8YN9fold781Mix0LIxCuwD/zSk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:55 2024 by rpki-client on console-fra.rpki-client.org