Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C8371/EC0AE8747AFA11E988A3C33CF8AEA228/5485B674E05C11E99BDD7B68F8AEA228.roa
File: 5485B674E05C11E99BDD7B68F8AEA228.roa (raw, json)
Hash identifier: GMxARkVgSAjZjYciaY2xlI4ghs0CTnwbWi22fUmnqGI=
Subject key identifier: 9F:7E:D0:B1:28:4E:91:5D:7D:2C:C3:DC:FA:24:B4:06:99:69:79:DC
Certificate issuer: /CN=F36C8371AF/serialNumber=7B965B64C3E724B93FC00B186E15E35CED535DC7
Certificate serial: 96
Authority key identifier: 7B:96:5B:64:C3:E7:24:B9:3F:C0:0B:18:6E:15:E3:5C:ED:53:5D:C7
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/e5ZbZMPnJLk_wAsYbhXjXO1TXcc.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C8371/EC0AE8747AFA11E988A3C33CF8AEA228/5485B674E05C11E99BDD7B68F8AEA228.roa
Signing time: Thu 26 Sep 2019 12:51:17 +0000
ROA not before: Thu 26 Sep 2019 12:51:13 +0000
ROA not after: Thu 26 Sep 2024 12:51:13 +0000
asID: 327804
IP address blocks: 2c0f:f050::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C8371/EC0AE8747AFA11E988A3C33CF8AEA228/e5ZbZMPnJLk_wAsYbhXjXO1TXcc.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C8371/EC0AE8747AFA11E988A3C33CF8AEA228/e5ZbZMPnJLk_wAsYbhXjXO1TXcc.mft
rsync://rpki.afrinic.net/repository/afrinic/e5ZbZMPnJLk_wAsYbhXjXO1TXcc.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 26 May 2024 00:04:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150 (0x96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C8371AF/serialNumber=7B965B64C3E724B93FC00B186E15E35CED535DC7
Validity
Not Before: Sep 26 12:51:13 2019 GMT
Not After : Sep 26 12:51:13 2024 GMT
Subject: CN=5d8cb445-77e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ae:96:bf:36:e3:ee:67:a4:e5:85:16:95:43:
a4:d8:8a:a3:a1:a2:80:60:10:d7:7b:4c:24:4c:a3:
28:09:31:c8:55:a6:73:ce:36:37:d1:60:f3:5d:58:
7a:37:bf:d3:6d:01:74:25:89:a7:d1:9b:9c:00:77:
ad:25:97:40:3e:80:3b:7b:f0:f9:f4:ef:e3:29:f7:
d8:82:07:e1:85:e9:9a:55:dc:49:43:59:77:62:d1:
d0:c3:78:0f:54:92:a0:6d:d8:bc:a9:b2:b8:5b:29:
53:5d:5e:1b:91:ca:e4:40:41:7f:ff:23:95:30:23:
04:07:15:6c:e8:f4:ff:3d:09:71:24:4c:32:3e:6c:
01:fc:1f:c3:4e:19:69:5b:e6:8d:4a:6f:f6:46:bf:
76:c3:be:92:08:6f:77:f8:ab:f1:4a:2b:95:94:4e:
08:f1:5b:30:25:3b:31:02:f5:24:35:48:d8:0a:53:
ac:e7:c5:54:9b:5b:08:b4:8f:46:d4:20:7e:77:ff:
f7:d5:68:50:cb:b0:66:7f:52:ce:b1:53:25:10:a2:
46:6b:7b:01:9c:ef:15:83:4b:a8:ea:09:49:c0:14:
92:c6:38:04:f6:84:4f:bb:40:65:ae:79:3b:60:2b:
a8:7e:da:71:bd:47:93:d2:69:70:00:24:69:da:83:
5b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7E:D0:B1:28:4E:91:5D:7D:2C:C3:DC:FA:24:B4:06:99:69:79:DC
X509v3 Authority Key Identifier:
keyid:7B:96:5B:64:C3:E7:24:B9:3F:C0:0B:18:6E:15:E3:5C:ED:53:5D:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C8371/EC0AE8747AFA11E988A3C33CF8AEA228/e5ZbZMPnJLk_wAsYbhXjXO1TXcc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/e5ZbZMPnJLk_wAsYbhXjXO1TXcc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C8371/EC0AE8747AFA11E988A3C33CF8AEA228/5485B674E05C11E99BDD7B68F8AEA228.roa
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f050::/36
Signature Algorithm: sha256WithRSAEncryption
0a:c6:60:ba:ad:bb:dd:d5:d5:b5:43:36:d3:e8:2b:44:a6:92:
4e:98:d3:64:ba:f3:26:7f:0b:ad:fe:14:e6:b8:fd:dc:22:cc:
b9:76:05:f2:1d:bb:75:2e:11:39:de:5e:6d:1c:47:f9:68:ff:
d4:ba:0e:a6:45:de:53:3c:bd:6c:7f:42:f3:15:20:1c:4c:85:
70:48:35:5e:86:98:a3:ab:9e:d3:ab:b2:48:48:fc:e8:dd:40:
71:9c:05:06:9b:3b:b1:e2:fe:92:e1:51:ab:d8:30:59:8d:71:
2b:1e:78:41:8b:02:93:72:87:a4:8b:48:78:4c:17:e2:c5:84:
4f:92:50:90:70:67:66:0a:36:6c:9d:db:71:dc:24:72:cd:8e:
be:06:7e:2e:4e:af:c5:63:30:ed:1e:79:f9:eb:09:7a:91:f6:
2c:c1:6b:60:56:3c:54:85:80:f8:22:4a:82:fd:8b:6a:bc:61:
3d:07:77:4e:97:5e:08:4e:8a:e2:fa:db:5d:37:e5:d0:dc:96:
e6:ba:87:74:bf:27:3d:e7:4f:13:49:66:7c:46:98:e3:ab:70:
04:5b:d6:e8:33:4e:28:59:8f:ea:ac:db:12:fb:0b:a2:7d:e0:
4a:3b:6d:b5:e5:fc:02:42:1d:09:a3:15:b6:a1:69:25:c2:9b:
2e:db:80:26
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgICAJYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QzgzNzFBRjExMC8GA1UEBRMoN0I5NjVCNjRDM0U3MjRCOTNGQzAwQjE4NkUxNUUz
NUNFRDUzNURDNzAeFw0xOTA5MjYxMjUxMTNaFw0yNDA5MjYxMjUxMTNaMBgxFjAU
BgNVBAMTDTVkOGNiNDQ1LTc3ZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDgrpa/NuPuZ6TlhRaVQ6TYiqOhooBgENd7TCRMoygJMchVpnPONjfRYPNd
WHo3v9NtAXQliafRm5wAd60ll0A+gDt78Pn07+Mp99iCB+GF6ZpV3ElDWXdi0dDD
eA9UkqBt2LypsrhbKVNdXhuRyuRAQX//I5UwIwQHFWzo9P89CXEkTDI+bAH8H8NO
GWlb5o1Kb/ZGv3bDvpIIb3f4q/FKK5WUTgjxWzAlOzEC9SQ1SNgKU6znxVSbWwi0
j0bUIH53//fVaFDLsGZ/Us6xUyUQokZrewGc7xWDS6jqCUnAFJLGOAT2hE+7QGWu
eTtgK6h+2nG9R5PSaXAAJGnag1ulAgMBAAGjggJwMIICbDAdBgNVHQ4EFgQUn37Q
sShOkV19LMPc+iS0BplpedwwHwYDVR0jBBgwFoAUe5ZbZMPnJLk/wAsYbhXjXO1T
XccwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM4MzcxL0VDMEFFODc0N0FGQTExRTk4OEEzQzMzQ0Y4QUVBMjI4L2U1WmJa
TVBuSkxrX3dBc1liaFhqWE8xVFhjYy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2U1WmJaTVBuSkxrX3dBc1liaFhqWE8xVFhjYy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkM4MzcxL0VDMEFFODc0N0FGQTExRTk4OEEzQzMzQ0Y4
QUVBMjI4LzU0ODVCNjc0RTA1QzExRTk5QkREN0I2OEY4QUVBMjI4LnJvYTAhBggr
BgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCwP8FAAMA0GCSqGSIb3DQEBCwUAA4IB
AQAKxmC6rbvd1dW1QzbT6CtEppJOmNNkuvMmfwut/hTmuP3cIsy5dgXyHbt1LhE5
3l5tHEf5aP/Uug6mRd5TPL1sf0LzFSAcTIVwSDVehpijq57Tq7JISPzo3UBxnAUG
mzux4v6S4VGr2DBZjXErHnhBiwKTcoeki0h4TBfixYRPklCQcGdmCjZsndtx3CRy
zY6+Bn4uTq/FYzDtHnn56wl6kfYswWtgVjxUhYD4IkqC/YtqvGE9B3dOl14ITori
+ttdN+XQ3Jbmuod0vyc9508TSWZ8Rpjjq3AEW9boM04oWY/qrNsS+wuifeBKO221
5fwCQh0JoxW2oWklwpsu24Am
-----END CERTIFICATE-----
Generated at Fri May 24 02:40:10 2024 by rpki-client on console-ams.rpki-client.org