Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/D6AA10E05B7E11EE9B32467A4AD9E6FC.roa
File: D6AA10E05B7E11EE9B32467A4AD9E6FC.roa (raw, json)
Hash identifier: RAafA0ML5VlgZ60Y1uxp4EowWyBnwvs0LOD/pOddd5E=
Subject key identifier: ED:4D:E2:82:0C:CB:BE:3F:A2:F3:CE:5C:7A:82:2E:82:C9:73:58:CE
Certificate issuer: /CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Certificate serial: 40
Authority key identifier: A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/D6AA10E05B7E11EE9B32467A4AD9E6FC.roa
Signing time: Mon 25 Sep 2023 08:38:02 +0000
ROA not before: Mon 25 Sep 2023 08:37:59 +0000
ROA not after: Sat 31 Dec 2033 08:37:59 +0000
asID: 61266
IP address blocks: 2c0f:eb00:600::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.mft
rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64 (0x40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Validity
Not Before: Sep 25 08:37:59 2023 GMT
Not After : Dec 31 08:37:59 2033 GMT
Subject: CN=651146ea-61c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:10:96:9f:af:dc:cb:80:dd:cf:20:8c:bb:6e:
42:fd:a5:9d:ea:fb:c9:b3:b6:af:19:3f:20:7c:de:
ae:c7:7d:e3:ac:4c:28:3d:58:c7:b7:cc:e2:50:56:
97:5a:53:f7:d9:9f:c2:45:b0:9b:13:72:be:8d:73:
2c:9e:87:7c:0e:57:d9:42:f4:da:ed:ef:09:ce:46:
ce:13:62:ee:d9:b8:a5:fa:34:0a:da:4a:08:d1:b9:
2d:98:b3:4a:c1:74:34:f3:43:cd:fe:48:a0:94:bd:
33:fa:e3:47:06:6d:5f:ec:34:9d:95:5d:ab:f3:f8:
fe:4d:2c:ec:a8:ee:d4:95:1e:83:9a:4c:7a:29:97:
d1:75:b7:d0:89:14:0f:d5:ba:be:1f:e2:a4:41:16:
2d:b8:52:d5:94:07:3d:b8:b1:50:86:b8:9a:a2:02:
89:8f:55:1a:48:95:71:19:7c:57:19:dc:0d:16:ed:
16:62:8b:df:fb:8a:d6:91:67:8a:af:9b:54:9a:c9:
12:ea:c3:6f:d7:7a:3b:ed:eb:65:b8:4a:b4:79:69:
f3:3e:e7:d5:12:b1:8f:1b:a3:5f:99:6f:b6:91:81:
27:4a:31:49:a4:64:35:30:0e:fe:78:1c:e6:4a:2c:
9b:79:2e:99:74:e5:53:82:21:88:9e:40:64:e3:b7:
36:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:4D:E2:82:0C:CB:BE:3F:A2:F3:CE:5C:7A:82:2E:82:C9:73:58:CE
X509v3 Authority Key Identifier:
keyid:A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/D6AA10E05B7E11EE9B32467A4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:eb00:600::/40
Signature Algorithm: sha256WithRSAEncryption
5e:a3:f2:85:73:b2:1c:29:18:b4:92:87:3e:49:71:76:f1:a4:
9a:25:80:1e:c6:26:51:0a:19:98:0d:d7:61:9f:66:10:7a:3b:
69:4f:47:76:49:02:2e:11:68:a1:38:86:0a:d4:5a:76:1e:15:
dc:24:11:4f:3d:6f:6c:51:e2:68:79:92:c8:b7:c6:09:ba:09:
66:b8:b5:97:62:0d:36:08:11:0a:fc:3e:94:8c:be:78:7e:03:
a2:23:cf:d8:f4:5d:0d:dd:92:5a:5d:b4:e7:12:18:72:d4:c1:
07:19:65:9f:d9:12:3c:69:d4:00:62:1a:86:54:27:6f:51:19:
60:37:1d:5e:e5:35:72:e8:a1:c4:3f:8a:7d:70:66:64:1e:5f:
4f:4c:14:e6:01:41:5e:aa:6c:50:e6:db:17:28:48:c5:ec:10:
df:c9:7a:7d:2a:5e:60:4e:0d:3a:89:c9:6f:4b:12:f4:a2:0a:
a4:6b:1b:d1:c9:a5:9c:ba:6b:a6:be:12:9d:9a:af:8b:e5:71:
46:2d:03:fc:47:9b:3b:50:b6:c5:22:9a:da:a1:b4:b3:3e:cb:
72:e4:64:b6:8f:9a:c9:da:9f:2c:e7:9d:81:6f:1e:ef:4e:23:
11:f8:7e:6c:1a:33:38:63:85:c0:42:ef:6c:51:8e:89:3b:9e:
b1:e6:1c:fc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBQDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
OENGRUFGMTEwLwYDVQQFEyhBOEVGOTYwNTE0RTMzNjQ0NEQzQ0RFMzdCMjRCNjZE
QzM5RDQzRDFCMB4XDTIzMDkyNTA4Mzc1OVoXDTMzMTIzMTA4Mzc1OVowGDEWMBQG
A1UEAxMNNjUxMTQ2ZWEtNjFjODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPMQlp+v3MuA3c8gjLtuQv2lner7ybO2rxk/IHzersd946xMKD1Yx7fM4lBW
l1pT99mfwkWwmxNyvo1zLJ6HfA5X2UL02u3vCc5GzhNi7tm4pfo0CtpKCNG5LZiz
SsF0NPNDzf5IoJS9M/rjRwZtX+w0nZVdq/P4/k0s7Kju1JUeg5pMeimX0XW30IkU
D9W6vh/ipEEWLbhS1ZQHPbixUIa4mqICiY9VGkiVcRl8VxncDRbtFmKL3/uK1pFn
iq+bVJrJEurDb9d6O+3rZbhKtHlp8z7n1RKxjxujX5lvtpGBJ0oxSaRkNTAO/ngc
5kosm3kumXTlU4IhiJ5AZOO3NgECAwEAAaOCAqcwggKjMB0GA1UdDgQWBBTtTeKC
DMu+P6Lzzlx6gi6CyXNYzjAfBgNVHSMEGDAWgBSo75YFFOM2RE083jeyS2bcOdQ9
GzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFEOUU2RkMvcU8tV0JS
VGpOa1JOUE40M3NrdG0zRG5VUFJzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcU8tV0JSVGpOa1JOUE40M3NrdG0zRG5VUFJzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFE
OUU2RkMvRDZBQTEwRTA1QjdFMTFFRTlCMzI0NjdBNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACwP6wAGMA0GCSqGSIb3DQEB
CwUAA4IBAQBeo/KFc7IcKRi0koc+SXF28aSaJYAexiZRChmYDddhn2YQejtpT0d2
SQIuEWihOIYK1Fp2HhXcJBFPPW9sUeJoeZLIt8YJuglmuLWXYg02CBEK/D6UjL54
fgOiI8/Y9F0N3ZJaXbTnEhhy1MEHGWWf2RI8adQAYhqGVCdvURlgNx1e5TVy6KHE
P4p9cGZkHl9PTBTmAUFeqmxQ5tsXKEjF7BDfyXp9Kl5gTg06iclvSxL0ogqkaxvR
yaWcumumvhKdmq+L5XFGLQP8R5s7ULbFIpraobSzPsty5GS2j5rJ2p8s552Bbx7v
TiMR+H5sGjM4Y4XAQu9sUY6JO56x5hz8
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:55 2024 by rpki-client on console-fra.rpki-client.org