Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/F1CA4556BF7F11EEBB4826C3775412E6.roa
File: F1CA4556BF7F11EEBB4826C3775412E6.roa (raw, json)
Hash identifier: l40ZqirIPBTx/x+bNutVHtKD07PTBU26d+cCsLpIIBk=
Subject key identifier: F1:00:9C:D2:33:48:4B:EB:F4:19:DE:3A:CD:D6:E8:DE:D5:14:2C:09
Certificate issuer: /CN=F36B0C44AF/serialNumber=49BAE67DFEDE9D9509BB03A7C732DC566166B75A
Certificate serial: 0C
Authority key identifier: 49:BA:E6:7D:FE:DE:9D:95:09:BB:03:A7:C7:32:DC:56:61:66:B7:5A
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/Sbrmff7enZUJuwOnxzLcVmFmt1o.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/F1CA4556BF7F11EEBB4826C3775412E6.roa
Signing time: Tue 30 Jan 2024 14:57:53 +0000
ROA not before: Tue 30 Jan 2024 14:57:50 +0000
ROA not after: Thu 25 Feb 2044 14:57:50 +0000
asID: 37480
IP address blocks: 2c0f:fb98::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/Sbrmff7enZUJuwOnxzLcVmFmt1o.crl
rsync://rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/Sbrmff7enZUJuwOnxzLcVmFmt1o.mft
rsync://rpki.afrinic.net/repository/afrinic/Sbrmff7enZUJuwOnxzLcVmFmt1o.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36B0C44AF/serialNumber=49BAE67DFEDE9D9509BB03A7C732DC566166B75A
Validity
Not Before: Jan 30 14:57:50 2024 GMT
Not After : Feb 25 14:57:50 2044 GMT
Subject: CN=65b90e71-2c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e8:03:e1:f0:70:78:a0:78:4d:64:00:24:b3:
f3:f8:89:96:e7:32:4e:11:e0:38:66:d3:fb:2a:78:
9b:1a:70:35:3f:72:cf:82:0b:e0:d4:c3:14:10:cf:
84:c5:59:8b:ba:14:c3:8d:1e:4c:d5:1d:28:37:e9:
23:09:3f:ee:63:bd:db:e3:dd:ea:5d:5f:6c:f4:54:
e6:50:90:50:85:d3:ae:c6:75:56:d8:d3:3a:ab:6b:
eb:fe:88:d4:47:67:74:ac:4b:e6:f8:5e:de:fe:f5:
43:36:af:bc:64:20:48:ea:cf:77:b7:11:98:84:0c:
b9:8a:6b:42:21:3a:6d:d5:7c:73:dc:ce:7a:92:e4:
b6:ba:b9:88:b0:82:98:9c:9e:f2:97:bf:0c:a9:03:
41:7e:6c:dc:21:5a:07:59:fb:02:2a:5b:84:18:51:
63:e6:cd:35:99:3e:99:e9:a9:11:18:b0:de:4f:9a:
24:2a:85:d1:79:9c:1f:01:2a:37:8b:be:af:34:48:
87:c9:06:fc:b0:f1:fc:43:93:20:fe:17:7c:e0:63:
4a:41:f8:a2:94:91:b6:e4:80:fc:c3:94:b9:1d:d5:
b3:bc:8e:c8:7f:70:9f:0f:9c:02:0b:bc:c0:5c:e0:
da:1e:69:20:f0:7e:3b:19:2f:00:11:a8:68:d8:df:
d8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:00:9C:D2:33:48:4B:EB:F4:19:DE:3A:CD:D6:E8:DE:D5:14:2C:09
X509v3 Authority Key Identifier:
keyid:49:BA:E6:7D:FE:DE:9D:95:09:BB:03:A7:C7:32:DC:56:61:66:B7:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/Sbrmff7enZUJuwOnxzLcVmFmt1o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/Sbrmff7enZUJuwOnxzLcVmFmt1o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B0C44/DEB69BA6BF7811EE86CB6CB7775412E6/F1CA4556BF7F11EEBB4826C3775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:fb98::/32
Signature Algorithm: sha256WithRSAEncryption
68:71:7d:9b:24:09:f5:1a:11:06:e2:5e:3e:27:4e:f5:cd:df:
b3:5a:50:0b:db:d1:73:80:7a:3c:3d:70:2d:21:53:1b:c7:3d:
32:93:e1:72:3b:7b:eb:2a:ce:d8:7d:05:9e:73:e2:b0:b6:31:
41:de:44:0a:8a:d4:fc:fa:35:cf:60:6c:45:23:78:ed:5b:7f:
f7:18:92:a4:85:e1:74:96:99:ff:05:cb:53:c4:8b:6f:bb:1d:
07:28:08:01:06:0d:42:9c:0f:52:d9:38:10:e8:6b:60:6a:63:
7a:80:93:6f:df:9e:94:0a:60:f7:60:56:bf:cf:0b:29:fe:e7:
2c:05:6a:98:92:69:96:8c:67:f5:ce:87:25:2b:4c:c4:79:5e:
55:f9:c8:c7:e5:b2:3e:21:45:87:5b:6f:7d:65:7b:79:0e:25:
94:48:96:2a:03:1a:cf:ef:85:fe:35:30:8f:a4:2a:90:15:d0:
7b:00:7f:e9:ce:37:80:e8:7b:b4:41:70:88:12:5a:d0:8c:87:
18:a1:ec:2b:c7:68:d6:9b:e0:7a:2e:04:d7:bb:e9:87:6b:1a:
39:ec:e4:aa:a0:1d:64:12:42:0d:8a:49:32:43:ae:0b:f7:ee:
4e:08:c6:fe:17:3a:06:5d:e0:da:42:b9:d3:24:b8:71:64:7d:
d6:5e:ba:73
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
MEM0NEFGMTEwLwYDVQQFEyg0OUJBRTY3REZFREU5RDk1MDlCQjAzQTdDNzMyREM1
NjYxNjZCNzVBMB4XDTI0MDEzMDE0NTc1MFoXDTQ0MDIyNTE0NTc1MFowGDEWMBQG
A1UEAxMNNjViOTBlNzEtMmM5NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMToA+HwcHigeE1kACSz8/iJlucyThHgOGbT+yp4mxpwNT9yz4IL4NTDFBDP
hMVZi7oUw40eTNUdKDfpIwk/7mO92+Pd6l1fbPRU5lCQUIXTrsZ1VtjTOqtr6/6I
1EdndKxL5vhe3v71QzavvGQgSOrPd7cRmIQMuYprQiE6bdV8c9zOepLktrq5iLCC
mJye8pe/DKkDQX5s3CFaB1n7AipbhBhRY+bNNZk+mempERiw3k+aJCqF0XmcHwEq
N4u+rzRIh8kG/LDx/EOTIP4XfOBjSkH4opSRtuSA/MOUuR3Vs7yOyH9wnw+cAgu8
wFzg2h5pIPB+OxkvABGoaNjf2CECAwEAAaOCAqYwggKiMB0GA1UdDgQWBBTxAJzS
M0hL6/QZ3jrN1uje1RQsCTAfBgNVHSMEGDAWgBRJuuZ9/t6dlQm7A6fHMtxWYWa3
WjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QjBDNDQvREVCNjlCQTZCRjc4MTFFRTg2Q0I2Q0I3Nzc1NDEyRTYvU2JybWZm
N2VuWlVKdXdPbnh6TGNWbUZtdDFvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU2JybWZmN2VuWlVKdXdPbnh6TGNWbUZtdDFvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QjBDNDQvREVCNjlCQTZCRjc4MTFFRTg2Q0I2Q0I3Nzc1
NDEyRTYvRjFDQTQ1NTZCRjdGMTFFRUJCNDgyNkMzNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP+5gwDQYJKoZIhvcNAQEL
BQADggEBAGhxfZskCfUaEQbiXj4nTvXN37NaUAvb0XOAejw9cC0hUxvHPTKT4XI7
e+sqzth9BZ5z4rC2MUHeRAqK1Pz6Nc9gbEUjeO1bf/cYkqSF4XSWmf8Fy1PEi2+7
HQcoCAEGDUKcD1LZOBDoa2BqY3qAk2/fnpQKYPdgVr/PCyn+5ywFapiSaZaMZ/XO
hyUrTMR5XlX5yMflsj4hRYdbb31le3kOJZRIlioDGs/vhf41MI+kKpAV0HsAf+nO
N4Doe7RBcIgSWtCMhxih7CvHaNab4HouBNe76YdrGjns5KqgHWQSQg2KSTJDrgv3
7k4Ixv4XOgZd4NpCudMkuHFkfdZeunM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org