Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A3F9E/CFD8C1C01B8A11ECB488356ED8A014CE/3CC373A0D18D11EFB9A08393762E951A.roa
File: 3CC373A0D18D11EFB9A08393762E951A.roa (raw, json)
Hash identifier: J/XCADMjL9YV56WDi2ZZxp5RHEw9w+Slr4XdI+atiNA=
Subject key identifier: 81:FA:FB:EF:E5:35:82:DB:2C:AA:AF:60:29:B8:58:94:9E:B7:D9:4A
Certificate issuer: /CN=F36A3F9EAF/serialNumber=5BC6CA62D6DD6EF49DA13E747EC1076DDD4F4AB6
Certificate serial: 04E0
Authority key identifier: 5B:C6:CA:62:D6:DD:6E:F4:9D:A1:3E:74:7E:C1:07:6D:DD:4F:4A:B6
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/W8bKYtbdbvSdoT50fsEHbd1PSrY.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A3F9E/CFD8C1C01B8A11ECB488356ED8A014CE/3CC373A0D18D11EFB9A08393762E951A.roa
Signing time: Mon 13 Jan 2025 09:03:21 +0000
ROA not before: Mon 13 Jan 2025 09:03:18 +0000
ROA not after: Mon 01 Jan 2035 09:03:18 +0000
asID: 60171
IP address blocks: 2c0f:43c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A3F9E/CFD8C1C01B8A11ECB488356ED8A014CE/W8bKYtbdbvSdoT50fsEHbd1PSrY.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A3F9E/CFD8C1C01B8A11ECB488356ED8A014CE/W8bKYtbdbvSdoT50fsEHbd1PSrY.mft
rsync://rpki.afrinic.net/repository/afrinic/W8bKYtbdbvSdoT50fsEHbd1PSrY.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1248 (0x4e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A3F9EAF
Validity
Not Before: Jan 13 09:03:18 2025 GMT
Not After : Jan 1 09:03:18 2035 GMT
Subject: CN=6784d6d9-9373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5a:bf:7e:e1:e5:11:ef:6a:62:a1:ee:4d:aa:
24:61:ba:ec:00:5b:39:3e:91:d8:67:6e:6c:71:eb:
49:98:fc:91:a1:ae:d2:88:3d:f8:48:55:1b:66:d9:
14:3b:5d:a3:bc:56:ca:62:e1:cc:b0:5b:fd:6c:3e:
2e:b8:8c:09:42:bb:ee:95:09:57:d2:15:58:76:dd:
13:10:58:17:3f:e6:4f:2a:8b:dd:99:56:7f:82:3b:
19:50:a5:d7:99:c2:2a:cb:d5:aa:86:f9:a4:0f:82:
89:15:b7:ec:44:80:6c:79:65:3d:5c:e6:d7:39:4c:
c9:2b:55:d9:60:46:e1:c1:75:0a:01:ea:aa:90:92:
3f:5d:9b:ad:3d:87:88:5f:97:1c:f0:9f:36:31:23:
e6:89:34:1c:89:70:1b:bc:9f:1b:3a:b6:55:09:4c:
af:f3:6f:82:d9:df:ef:c8:7f:1a:45:57:c5:10:f7:
c1:9c:73:41:59:cd:07:21:a5:2f:55:65:52:34:8a:
54:e4:ae:08:13:9d:ff:2b:9e:78:94:f9:02:f8:87:
d7:29:b4:db:5f:c5:e1:38:35:79:5d:c2:ff:3a:92:
45:8c:18:fc:8f:17:9c:66:eb:b4:d2:a9:6c:37:fa:
82:6c:d9:c5:10:3c:61:fd:35:f2:ac:a5:ab:66:a6:
fe:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:FA:FB:EF:E5:35:82:DB:2C:AA:AF:60:29:B8:58:94:9E:B7:D9:4A
X509v3 Authority Key Identifier:
keyid:5B:C6:CA:62:D6:DD:6E:F4:9D:A1:3E:74:7E:C1:07:6D:DD:4F:4A:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A3F9E/CFD8C1C01B8A11ECB488356ED8A014CE/W8bKYtbdbvSdoT50fsEHbd1PSrY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/W8bKYtbdbvSdoT50fsEHbd1PSrY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A3F9E/CFD8C1C01B8A11ECB488356ED8A014CE/3CC373A0D18D11EFB9A08393762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:43c0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:a1:c5:a8:08:80:25:e8:51:e6:0e:88:7f:91:81:00:10:ac:
de:8d:b0:00:fa:82:41:c0:22:7a:e4:ba:b6:20:98:40:3c:4a:
64:fa:f3:f7:27:b2:48:60:4e:c3:ea:3f:49:6b:df:de:f3:84:
69:9a:6b:a8:10:1f:b7:84:9e:cb:c2:d0:b4:23:41:6b:24:53:
37:a8:8d:8b:84:a3:9c:75:ef:b0:41:37:de:1f:2d:54:86:bc:
a1:15:ea:d4:3c:dc:8f:4b:64:69:25:ac:62:d1:3c:d6:1a:2c:
21:8e:88:fd:29:f4:95:02:05:7e:0e:d6:02:ad:f8:15:32:eb:
09:ee:65:f6:d4:b0:af:b2:03:0e:f9:91:17:68:00:31:c9:b2:
08:51:e9:d9:a0:be:76:38:71:23:61:f8:4a:93:2a:e5:64:f8:
b6:31:e5:10:2c:9d:a6:41:44:87:5b:8d:95:3a:0c:6c:9d:eb:
72:1f:f9:b7:3c:ec:2f:f2:6b:25:05:1c:23:d6:c5:bd:75:1a:
73:f5:04:2a:27:f5:40:22:16:12:13:e7:c2:24:f2:79:4c:79:
f8:1c:ea:5d:9c:c5:51:ec:0e:b5:89:e8:70:82:05:9e:e3:4c:
54:50:cc:73:ca:85:c2:e4:c5:35:4e:e5:b7:0d:85:d2:83:75:
f8:72:98:52
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBOAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTNGOUVBRjExMC8GA1UEBRMoNUJDNkNBNjJENkRENkVGNDlEQTEzRTc0N0VDMTA3
NkRERDRGNEFCNjAeFw0yNTAxMTMwOTAzMThaFw0zNTAxMDEwOTAzMThaMBgxFjAU
BgNVBAMTDTY3ODRkNmQ5LTkzNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCsWr9+4eUR72pioe5NqiRhuuwAWzk+kdhnbmxx60mY/JGhrtKIPfhIVRtm
2RQ7XaO8Vspi4cywW/1sPi64jAlCu+6VCVfSFVh23RMQWBc/5k8qi92ZVn+COxlQ
pdeZwirL1aqG+aQPgokVt+xEgGx5ZT1c5tc5TMkrVdlgRuHBdQoB6qqQkj9dm609
h4hflxzwnzYxI+aJNByJcBu8nxs6tlUJTK/zb4LZ3+/IfxpFV8UQ98Gcc0FZzQch
pS9VZVI0ilTkrggTnf8rnniU+QL4h9cptNtfxeE4NXldwv86kkWMGPyPF5xm67TS
qWw3+oJs2cUQPGH9NfKspatmpv4zAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUgfr7
7+U1gtssqq9gKbhYlJ632UowHwYDVR0jBBgwFoAUW8bKYtbdbvSdoT50fsEHbd1P
SrYwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkEzRjlFL0NGRDhDMUMwMUI4QTExRUNCNDg4MzU2RUQ4QTAxNENFL1c4YktZ
dGJkYnZTZG9UNTBmc0VIYmQxUFNyWS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1c4YktZdGJkYnZTZG9UNTBmc0VIYmQxUFNyWS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkEzRjlFL0NGRDhDMUMwMUI4QTExRUNCNDg4MzU2RUQ4
QTAxNENFLzNDQzM3M0EwRDE4RDExRUZCOUEwODM5Mzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD0PAMA0GCSqGSIb3DQEB
CwUAA4IBAQCMocWoCIAl6FHmDoh/kYEAEKzejbAA+oJBwCJ65Lq2IJhAPEpk+vP3
J7JIYE7D6j9Ja9/e84RpmmuoEB+3hJ7LwtC0I0FrJFM3qI2LhKOcde+wQTfeHy1U
hryhFerUPNyPS2RpJaxi0TzWGiwhjoj9KfSVAgV+DtYCrfgVMusJ7mX21LCvsgMO
+ZEXaAAxybIIUenZoL52OHEjYfhKkyrlZPi2MeUQLJ2mQUSHW42VOgxsnetyH/m3
POwv8mslBRwj1sW9dRpz9QQqJ/VAIhYSE+fCJPJ5THn4HOpdnMVR7A61iehwggWe
40xUUMxzyoXC5MU1TuW3DYXSg3X4cphS
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:21 2025 by rpki-client