Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/9389DEB25B7E11EE85FB5A794AD9E6FC.roa
File: 9389DEB25B7E11EE85FB5A794AD9E6FC.roa (raw, json)
Hash identifier: saW9gDDU1fU/ss5E5QByOp+7T1wbc1vVgpJ7XS+gk+s=
Subject key identifier: EF:5E:45:C2:DE:71:01:4B:E8:82:4B:C8:18:A8:6A:50:BC:92:FE:4E
Certificate issuer: /CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Certificate serial: 3C
Authority key identifier: A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/9389DEB25B7E11EE85FB5A794AD9E6FC.roa
Signing time: Mon 25 Sep 2023 08:36:10 +0000
ROA not before: Mon 25 Sep 2023 08:36:06 +0000
ROA not after: Sat 31 Dec 2033 08:36:06 +0000
asID: 61266
IP address blocks: 2c0f:eb00:900::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.mft
rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60 (0x3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Validity
Not Before: Sep 25 08:36:06 2023 GMT
Not After : Dec 31 08:36:06 2033 GMT
Subject: CN=65114679-c1d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:d7:1d:ac:d3:21:ea:a7:82:ba:90:82:92:
b6:76:52:45:49:8b:a8:8b:ff:ab:f5:8a:3d:3c:d1:
1c:d7:c6:80:21:5a:3a:6e:f1:29:27:47:aa:ba:52:
d1:64:75:a1:cc:a4:03:f5:4a:36:bb:62:c2:77:01:
5b:13:6d:c4:35:fd:32:46:9b:b1:79:10:41:b3:74:
df:c3:c1:72:91:f6:c9:50:ac:1f:a8:6a:7a:cc:7c:
bb:0d:ce:2d:98:21:26:b4:b7:33:b8:b3:42:3d:18:
89:85:ac:24:94:f4:b3:6c:34:db:2f:9a:46:67:94:
ea:d1:38:3b:76:57:2a:c4:58:1c:08:ea:89:d1:c1:
c5:b9:9b:fa:4a:5c:16:2b:ac:f8:c7:5d:d8:ee:af:
f1:10:c2:25:c8:ed:25:9e:6d:2d:28:ad:fd:5b:7c:
1d:5f:9d:8a:b3:62:a4:67:8a:28:e8:6b:e0:65:7f:
f7:61:96:95:92:46:51:dd:57:5b:52:64:c9:08:a9:
af:a3:5c:9f:86:23:78:3b:26:36:61:43:72:4a:b7:
28:21:85:41:f4:4e:23:1e:93:73:64:68:e4:6d:49:
08:8e:5d:2c:d1:6f:c3:a8:5c:8c:1b:e3:08:4d:b4:
89:ee:e8:ed:e9:5c:6f:ec:6c:1e:dd:c2:26:e4:0e:
05:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:5E:45:C2:DE:71:01:4B:E8:82:4B:C8:18:A8:6A:50:BC:92:FE:4E
X509v3 Authority Key Identifier:
keyid:A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/9389DEB25B7E11EE85FB5A794AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:eb00:900::/40
Signature Algorithm: sha256WithRSAEncryption
44:db:58:d6:d2:6e:64:79:54:7f:03:65:93:c1:53:0e:c5:99:
b8:03:2d:41:42:62:eb:ed:96:d0:06:8e:90:90:98:98:49:ad:
cd:17:e7:68:63:79:d2:6a:e0:55:3a:89:31:fe:ce:05:04:4e:
1c:e3:8c:c1:0e:9e:5e:2d:b5:ff:db:f0:67:c1:af:1d:0b:1d:
ed:77:90:5a:ac:5f:6f:40:31:8f:74:2f:52:63:4a:cc:77:75:
05:0b:53:70:ce:90:ba:62:ad:af:9e:19:1b:09:e7:eb:62:c3:
fd:c1:33:e0:01:cd:0b:cd:74:0e:33:b2:bb:df:39:d7:a1:6e:
92:69:9d:2c:ce:a0:a3:60:4e:5a:16:66:b1:ad:89:36:6c:9b:
82:a1:80:0c:51:28:6d:4d:89:42:36:db:d5:87:57:54:80:9e:
3a:2a:52:f1:57:82:98:a3:47:c0:9d:b0:34:c1:f5:6f:3a:1a:
ae:3b:ea:4a:08:e8:f1:00:00:08:c3:f0:e0:08:a9:c5:a5:27:
88:28:07:d8:f4:ec:17:88:88:3e:30:11:8e:ec:6a:25:74:df:
65:b1:cf:ff:85:84:f9:9d:d5:02:a0:04:fc:aa:29:2c:cc:f7:
61:4c:27:80:65:e2:93:2f:ba:5f:f6:b9:75:94:20:1e:20:40:
ed:ed:5a:68
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBPDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
OENGRUFGMTEwLwYDVQQFEyhBOEVGOTYwNTE0RTMzNjQ0NEQzQ0RFMzdCMjRCNjZE
QzM5RDQzRDFCMB4XDTIzMDkyNTA4MzYwNloXDTMzMTIzMTA4MzYwNlowGDEWMBQG
A1UEAxMNNjUxMTQ2NzktYzFkMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRR1x2s0yHqp4K6kIKStnZSRUmLqIv/q/WKPTzRHNfGgCFaOm7xKSdHqrpS
0WR1ocykA/VKNrtiwncBWxNtxDX9MkabsXkQQbN038PBcpH2yVCsH6hqesx8uw3O
LZghJrS3M7izQj0YiYWsJJT0s2w02y+aRmeU6tE4O3ZXKsRYHAjqidHBxbmb+kpc
Fius+Mdd2O6v8RDCJcjtJZ5tLSit/Vt8HV+dirNipGeKKOhr4GV/92GWlZJGUd1X
W1JkyQipr6Ncn4YjeDsmNmFDckq3KCGFQfROIx6Tc2Ro5G1JCI5dLNFvw6hcjBvj
CE20ie7o7elcb+xsHt3CJuQOBQ0CAwEAAaOCAqcwggKjMB0GA1UdDgQWBBTvXkXC
3nEBS+iCS8gYqGpQvJL+TjAfBgNVHSMEGDAWgBSo75YFFOM2RE083jeyS2bcOdQ9
GzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFEOUU2RkMvcU8tV0JS
VGpOa1JOUE40M3NrdG0zRG5VUFJzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcU8tV0JSVGpOa1JOUE40M3NrdG0zRG5VUFJzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFE
OUU2RkMvOTM4OURFQjI1QjdFMTFFRTg1RkI1QTc5NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACwP6wAJMA0GCSqGSIb3DQEB
CwUAA4IBAQBE21jW0m5keVR/A2WTwVMOxZm4Ay1BQmLr7ZbQBo6QkJiYSa3NF+do
Y3nSauBVOokx/s4FBE4c44zBDp5eLbX/2/Bnwa8dCx3td5BarF9vQDGPdC9SY0rM
d3UFC1NwzpC6Yq2vnhkbCefrYsP9wTPgAc0LzXQOM7K73znXoW6SaZ0szqCjYE5a
FmaxrYk2bJuCoYAMUShtTYlCNtvVh1dUgJ46KlLxV4KYo0fAnbA0wfVvOhquO+pK
COjxAAAIw/DgCKnFpSeIKAfY9OwXiIg+MBGO7GoldN9lsc//hYT5ndUCoAT8qiks
zPdhTCeAZeKTL7pf9rl1lCAeIEDt7Vpo
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:55 2024 by rpki-client on console-fra.rpki-client.org