Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/F592AE225B7E11EEAAD8A37B4AD9E6FC.roa
File: F592AE225B7E11EEAAD8A37B4AD9E6FC.roa (raw, json)
Hash identifier: H2+/hMWhZrQQ/v+xp+P99me7GUvAhaEZLEIOvuDJ8+o=
Subject key identifier: 17:DC:53:44:7A:4A:92:BF:BC:EB:88:28:55:D9:79:F1:C5:72:6E:02
Certificate issuer: /CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Certificate serial: 42
Authority key identifier: A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/F592AE225B7E11EEAAD8A37B4AD9E6FC.roa
Signing time: Mon 25 Sep 2023 08:38:54 +0000
ROA not before: Mon 25 Sep 2023 08:38:51 +0000
ROA not after: Sat 31 Dec 2033 08:38:51 +0000
asID: 61266
IP address blocks: 2c0f:eb00:500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.mft
rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66 (0x42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3668CFEAF/serialNumber=A8EF960514E336444D3CDE37B24B66DC39D43D1B
Validity
Not Before: Sep 25 08:38:51 2023 GMT
Not After : Dec 31 08:38:51 2033 GMT
Subject: CN=6511471e-e968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:30:aa:b0:be:90:0d:32:d8:44:e0:b6:e2:9e:
8c:69:fe:3b:47:da:13:09:12:40:2e:06:7a:82:23:
b0:08:90:ae:84:9a:36:26:0b:87:b6:40:da:0d:62:
94:c8:e1:c9:f0:e7:f5:cb:83:13:a8:3d:00:56:f0:
fb:aa:3b:6c:c4:3c:9b:44:e0:ec:09:e2:eb:9f:66:
dd:ba:e8:56:1d:f2:7e:32:ef:5e:69:2d:d0:ba:56:
55:ea:71:33:0d:34:66:20:04:c5:05:21:fa:fc:48:
6a:17:d9:7a:f5:a9:34:b2:88:a7:62:51:e1:d3:bc:
5f:c2:09:72:e0:10:4a:f7:f2:19:dc:6d:04:86:8c:
14:90:06:f2:de:f0:c0:e5:da:84:45:34:22:7e:c5:
00:cd:c2:90:f6:21:28:e4:43:3c:74:38:b5:98:eb:
c7:96:3f:d2:0f:8f:0d:81:b5:c0:48:f8:83:68:17:
d9:39:38:96:e5:b8:40:81:fc:34:1a:1c:65:76:9c:
70:a4:60:d4:75:be:d6:1b:89:99:3e:b8:c0:47:af:
3e:e7:67:02:1d:66:96:0b:99:19:50:ca:cb:b0:f8:
2a:d1:65:f9:7a:49:14:af:d5:7c:a8:f4:1e:cd:64:
61:2d:72:ff:08:a1:80:51:73:47:5e:8a:f1:3a:2c:
e4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:DC:53:44:7A:4A:92:BF:BC:EB:88:28:55:D9:79:F1:C5:72:6E:02
X509v3 Authority Key Identifier:
keyid:A8:EF:96:05:14:E3:36:44:4D:3C:DE:37:B2:4B:66:DC:39:D4:3D:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/qO-WBRTjNkRNPN43sktm3DnUPRs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qO-WBRTjNkRNPN43sktm3DnUPRs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3668CFE/95EFD74C375711EEBB1432184AD9E6FC/F592AE225B7E11EEAAD8A37B4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:eb00:500::/40
Signature Algorithm: sha256WithRSAEncryption
40:21:28:60:d8:17:ac:5e:de:4c:08:92:96:16:d0:d1:82:5d:
60:17:fb:71:23:96:4e:01:c1:f5:40:44:19:b6:84:7b:4a:53:
cb:58:6b:c2:d5:d9:eb:f5:c2:e0:92:e3:aa:0a:42:d4:b8:a9:
fe:58:96:72:b5:d7:32:a4:88:96:1f:9e:4e:0e:60:9f:6e:74:
da:3d:38:47:36:7b:9b:dc:fb:34:cf:7c:f7:4c:fa:22:08:49:
e9:21:7e:d7:ee:cd:b2:bb:c0:e3:9e:f2:ba:8c:e4:aa:bc:31:
6e:24:36:15:46:9e:23:71:ec:73:af:52:a5:a5:92:27:2c:56:
39:e5:f1:d4:22:43:a0:ea:08:ed:06:14:27:59:2a:2d:7a:da:
e0:23:d9:b3:b9:33:5e:19:e6:7f:1e:43:88:67:8a:b7:4a:b6:
df:5b:c8:4e:b3:8a:bf:10:c1:81:26:c8:97:e5:98:79:55:9e:
e7:a3:db:92:79:4a:cb:d1:fa:24:2d:20:84:db:dd:39:38:15:
67:a1:52:3d:07:23:39:dd:fd:77:1f:d3:8e:16:14:3b:ae:7b:
b8:4f:b0:9c:f4:6c:13:59:a2:23:52:db:8d:d3:4f:04:6b:4e:
d8:82:a3:df:eb:6f:4c:6c:c4:97:e2:e3:d6:32:e4:52:eb:2e:
0c:42:7a:74
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBQjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
OENGRUFGMTEwLwYDVQQFEyhBOEVGOTYwNTE0RTMzNjQ0NEQzQ0RFMzdCMjRCNjZE
QzM5RDQzRDFCMB4XDTIzMDkyNTA4Mzg1MVoXDTMzMTIzMTA4Mzg1MVowGDEWMBQG
A1UEAxMNNjUxMTQ3MWUtZTk2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPAwqrC+kA0y2ETgtuKejGn+O0faEwkSQC4GeoIjsAiQroSaNiYLh7ZA2g1i
lMjhyfDn9cuDE6g9AFbw+6o7bMQ8m0Tg7Ani659m3broVh3yfjLvXmkt0LpWVepx
Mw00ZiAExQUh+vxIahfZevWpNLKIp2JR4dO8X8IJcuAQSvfyGdxtBIaMFJAG8t7w
wOXahEU0In7FAM3CkPYhKORDPHQ4tZjrx5Y/0g+PDYG1wEj4g2gX2Tk4luW4QIH8
NBocZXaccKRg1HW+1huJmT64wEevPudnAh1mlguZGVDKy7D4KtFl+XpJFK/VfKj0
Hs1kYS1y/wihgFFzR16K8Tos5GcCAwEAAaOCAqcwggKjMB0GA1UdDgQWBBQX3FNE
ekqSv7zriChV2XnxxXJuAjAfBgNVHSMEGDAWgBSo75YFFOM2RE083jeyS2bcOdQ9
GzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFEOUU2RkMvcU8tV0JS
VGpOa1JOUE40M3NrdG0zRG5VUFJzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcU8tV0JSVGpOa1JOUE40M3NrdG0zRG5VUFJzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjhDRkUvOTVFRkQ3NEMzNzU3MTFFRUJCMTQzMjE4NEFE
OUU2RkMvRjU5MkFFMjI1QjdFMTFFRUFBRDhBMzdCNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACwP6wAFMA0GCSqGSIb3DQEB
CwUAA4IBAQBAIShg2BesXt5MCJKWFtDRgl1gF/txI5ZOAcH1QEQZtoR7SlPLWGvC
1dnr9cLgkuOqCkLUuKn+WJZytdcypIiWH55ODmCfbnTaPThHNnub3Ps0z3z3TPoi
CEnpIX7X7s2yu8DjnvK6jOSqvDFuJDYVRp4jcexzr1KlpZInLFY55fHUIkOg6gjt
BhQnWSotetrgI9mzuTNeGeZ/HkOIZ4q3SrbfW8hOs4q/EMGBJsiX5Zh5VZ7no9uS
eUrL0fokLSCE2905OBVnoVI9ByM53f13H9OOFhQ7rnu4T7Cc9GwTWaIjUtuN008E
a07YgqPf629MbMSX4uPWMuRS6y4MQnp0
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org