Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/539E5CC2F81411EFBDDFCB7C762E951A.roa
File: 539E5CC2F81411EFBDDFCB7C762E951A.roa (raw, json)
Hash identifier: ATiggh+vNVuMqXawpwCemlyRXEd1oK0f4La6CW2y5Xw=
Subject key identifier: A3:23:1B:E6:92:D3:8C:54:92:3F:1C:AF:9E:AC:3C:FB:FD:DC:29:14
Certificate issuer: /CN=F36CC035AF/serialNumber=E3B07BB9D0957749FFE48C7E7325A9E11B416AB9
Certificate serial: 036D
Authority key identifier: E3:B0:7B:B9:D0:95:77:49:FF:E4:8C:7E:73:25:A9:E1:1B:41:6A:B9
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/47B7udCVd0n_5Ix-cyWp4RtBark.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/539E5CC2F81411EFBDDFCB7C762E951A.roa
Signing time: Mon 03 Mar 2025 09:46:06 +0000
ROA not before: Mon 03 Mar 2025 09:46:02 +0000
ROA not after: Sat 31 Mar 2035 09:46:02 +0000
asID: 198949
IP address blocks: 2c0f:f778::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/47B7udCVd0n_5Ix-cyWp4RtBark.crl
rsync://rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/47B7udCVd0n_5Ix-cyWp4RtBark.mft
rsync://rpki.afrinic.net/repository/afrinic/47B7udCVd0n_5Ix-cyWp4RtBark.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 20:07:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 877 (0x36d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36CC035AF
Validity
Not Before: Mar 3 09:46:02 2025 GMT
Not After : Mar 31 09:46:02 2035 GMT
Subject: CN=67c57a5e-4907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:df:d7:1e:92:79:84:fd:2c:8b:99:85:cb:6b:
04:20:e8:5a:ef:d1:d5:84:c3:c5:27:8e:1b:2f:6f:
14:b3:5b:df:42:95:06:c6:18:de:8c:ad:ed:c7:00:
16:57:4f:98:8b:d9:14:34:3f:9e:43:ef:73:7a:2a:
88:cd:04:71:9f:9c:d5:c7:7f:eb:c3:d8:36:5e:4f:
cf:de:5f:64:20:40:fa:e7:2e:26:8c:f5:46:b7:b7:
df:a0:4e:f8:5b:28:68:46:95:17:18:d9:a8:f2:ff:
66:c8:8f:4b:31:3a:d8:32:da:1d:4e:ce:65:15:7b:
a9:7f:b2:9e:51:5c:9b:72:68:52:4b:71:57:25:1a:
a3:c8:1b:14:72:ab:fd:fe:19:07:8d:22:7c:67:7e:
85:c2:a5:97:b8:4b:33:29:3c:b8:16:ae:fe:c4:2d:
eb:bb:3e:3f:ec:7b:35:f6:09:36:2b:48:fb:fe:15:
49:9f:55:b9:0a:d3:2b:b9:56:82:bf:d9:d8:36:28:
0a:ea:5d:69:b8:f9:69:dc:8f:fb:1f:23:77:9b:ca:
ac:7a:a8:d4:8b:ab:24:4d:64:c2:bd:eb:c3:76:0e:
ce:63:c8:b9:3c:52:5f:74:14:68:ee:56:4f:35:df:
eb:42:e9:a1:a0:35:21:bb:af:0b:9d:8a:b4:d4:a3:
ef:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:23:1B:E6:92:D3:8C:54:92:3F:1C:AF:9E:AC:3C:FB:FD:DC:29:14
X509v3 Authority Key Identifier:
keyid:E3:B0:7B:B9:D0:95:77:49:FF:E4:8C:7E:73:25:A9:E1:1B:41:6A:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/47B7udCVd0n_5Ix-cyWp4RtBark.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/47B7udCVd0n_5Ix-cyWp4RtBark.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CC035/71F69968715811ED8B19339FF1222468/539E5CC2F81411EFBDDFCB7C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f778::/32
Signature Algorithm: sha256WithRSAEncryption
3e:3f:50:7e:82:c3:98:95:a8:2f:db:a1:97:ec:a2:8e:87:58:
10:22:94:96:7f:a2:32:6a:7c:72:11:cf:1a:88:10:c1:d4:92:
ad:25:19:06:73:de:f8:44:98:7f:7b:c3:b6:6a:d0:88:5d:58:
81:6f:9f:d8:18:4f:b7:be:1b:4a:14:df:03:f0:3b:95:26:0a:
5d:54:43:94:85:3a:77:af:80:66:94:76:3c:4c:40:be:ab:77:
00:68:a6:66:0b:55:f8:7b:75:98:79:3e:ca:89:05:f9:bf:28:
08:11:e9:16:a7:e0:54:62:c9:46:3d:ec:96:48:76:5b:e2:6b:
2e:12:44:7e:00:69:2e:64:bd:f3:c0:fb:ba:c8:94:b6:40:37:
95:eb:3a:5b:9a:e8:b5:e9:f2:9e:4e:42:53:06:eb:6a:a2:55:
44:0a:7e:e4:5f:99:16:9c:57:b1:5b:6b:10:82:4e:80:88:0b:
f2:0c:6a:a1:c3:f9:0e:8c:86:c9:05:3f:01:e1:35:d1:c9:96:
a7:3f:63:77:67:0e:b3:76:1c:f7:c8:35:09:51:0b:cf:a1:8e:
14:f9:27:d2:cb:26:69:85:60:59:e9:03:dc:1d:ef:97:15:ea:
66:99:cd:16:b9:e3:25:cc:98:2f:37:0a:d7:a9:37:d5:f2:d7:
66:e7:69:dd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA20wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
Q0MwMzVBRjExMC8GA1UEBRMoRTNCMDdCQjlEMDk1Nzc0OUZGRTQ4QzdFNzMyNUE5
RTExQjQxNkFCOTAeFw0yNTAzMDMwOTQ2MDJaFw0zNTAzMzEwOTQ2MDJaMBgxFjAU
BgNVBAMTDTY3YzU3YTVlLTQ5MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCf39ceknmE/SyLmYXLawQg6Frv0dWEw8UnjhsvbxSzW99ClQbGGN6Mre3H
ABZXT5iL2RQ0P55D73N6KojNBHGfnNXHf+vD2DZeT8/eX2QgQPrnLiaM9Ua3t9+g
TvhbKGhGlRcY2ajy/2bIj0sxOtgy2h1OzmUVe6l/sp5RXJtyaFJLcVclGqPIGxRy
q/3+GQeNInxnfoXCpZe4SzMpPLgWrv7ELeu7Pj/sezX2CTYrSPv+FUmfVbkK0yu5
VoK/2dg2KArqXWm4+Wncj/sfI3ebyqx6qNSLqyRNZMK968N2Ds5jyLk8Ul90FGju
Vk813+tC6aGgNSG7rwudirTUo+8hAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUoyMb
5pLTjFSSPxyvnqw8+/3cKRQwHwYDVR0jBBgwFoAU47B7udCVd0n/5Ix+cyWp4RtB
arkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkNDMDM1LzcxRjY5OTY4NzE1ODExRUQ4QjE5MzM5RkYxMjIyNDY4LzQ3Qjd1
ZENWZDBuXzVJeC1jeVdwNFJ0QmFyay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzQ3Qjd1ZENWZDBuXzVJeC1jeVdwNFJ0QmFyay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkNDMDM1LzcxRjY5OTY4NzE1ODExRUQ4QjE5MzM5RkYx
MjIyNDY4LzUzOUU1Q0MyRjgxNDExRUZCRERGQ0I3Qzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsD/d4MA0GCSqGSIb3DQEB
CwUAA4IBAQA+P1B+gsOYlagv26GX7KKOh1gQIpSWf6IyanxyEc8aiBDB1JKtJRkG
c974RJh/e8O2atCIXViBb5/YGE+3vhtKFN8D8DuVJgpdVEOUhTp3r4BmlHY8TEC+
q3cAaKZmC1X4e3WYeT7KiQX5vygIEekWp+BUYslGPeyWSHZb4msuEkR+AGkuZL3z
wPu6yJS2QDeV6zpbmui16fKeTkJTButqolVECn7kX5kWnFexW2sQgk6AiAvyDGqh
w/kOjIbJBT8B4TXRyZanP2N3Zw6zdhz3yDUJUQvPoY4U+SfSyyZphWBZ6QPcHe+X
Fepmmc0WueMlzJgvNwrXqTfV8tdm52nd
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:44:35 2025 by rpki-client