Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/001A7F62B61B11EF8A6F4D55762E951A.roa
File: 001A7F62B61B11EF8A6F4D55762E951A.roa (raw, json)
Hash identifier: DJwDNTn+dJTwmq9NN8zkk9NyTIkBu2ZkKR3VfhtlhA4=
Subject key identifier: 49:12:74:5D:6C:35:4E:E5:E1:0C:87:74:25:DB:E4:0D:4F:C5:40:A5
Certificate issuer: /CN=F36D0F50AF/serialNumber=AE98A5FDAD2DC9F4FC1BE47F66857A8C47988102
Certificate serial: 0723
Authority key identifier: AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/001A7F62B61B11EF8A6F4D55762E951A.roa
Signing time: Mon 09 Dec 2024 10:47:35 +0000
ROA not before: Mon 09 Dec 2024 10:47:29 +0000
ROA not after: Sat 30 Jul 2033 10:47:29 +0000
asID: 37119
IP address blocks: 2c0f:f888:a040::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.mft
rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1827 (0x723)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D0F50AF
Validity
Not Before: Dec 9 10:47:29 2024 GMT
Not After : Jul 30 10:47:29 2033 GMT
Subject: CN=6756cac7-41e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ee:5f:d3:1e:ae:b6:4e:2b:3a:17:cf:16:be:
a5:05:08:93:1b:70:24:7e:8e:0d:b3:68:40:d6:36:
66:e5:89:98:bf:29:00:17:91:00:5a:a9:0e:72:9e:
32:51:82:49:0b:32:b2:2e:d9:a2:eb:1b:59:20:d3:
57:16:65:56:b1:5d:96:b4:eb:15:9f:47:ef:52:aa:
6f:31:82:23:97:03:50:86:c6:0d:c6:ab:60:c1:0a:
34:d1:16:65:41:cc:97:55:4f:98:80:8a:82:bd:3a:
6b:d1:b9:22:e5:15:57:f5:ae:7c:69:34:f6:d8:de:
f1:71:ce:b8:56:69:26:dd:c9:f6:9a:17:9f:3b:36:
a9:d1:f9:a6:02:18:b7:0d:79:dd:0a:a9:ab:58:59:
32:c7:98:cf:65:a6:a8:8c:ad:8e:46:a7:eb:56:20:
31:52:ea:e3:fe:9f:b3:1e:8f:a8:d5:82:7e:2f:e5:
ef:7c:65:5a:f5:97:8d:0a:99:83:7a:07:cc:cf:fd:
b8:08:59:9e:e9:ed:16:68:bf:ac:6d:35:7d:a6:d7:
cb:03:0e:09:1c:4d:49:07:06:d8:a6:dd:c3:53:55:
4b:b3:ba:02:42:80:d5:ad:9f:32:04:9d:4b:2b:62:
53:2d:28:07:41:0b:96:fa:7a:45:53:2e:a2:c9:47:
47:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:12:74:5D:6C:35:4E:E5:E1:0C:87:74:25:DB:E4:0D:4F:C5:40:A5
X509v3 Authority Key Identifier:
keyid:AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/001A7F62B61B11EF8A6F4D55762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f888:a040::/44
Signature Algorithm: sha256WithRSAEncryption
78:43:f1:75:c0:04:20:91:2f:c0:95:57:cb:06:31:1b:63:88:
e2:d6:94:b3:b7:83:52:a8:2a:b5:8f:1b:0a:e1:e5:67:75:79:
2d:71:77:73:4c:18:5d:34:d1:aa:0c:e8:0d:3a:4b:17:c6:c7:
c2:49:b2:44:ad:fb:69:f5:39:96:52:04:d5:82:d7:71:9d:66:
dd:e1:17:2f:db:f5:a1:2b:8f:b2:52:c7:13:1d:73:ad:7d:2c:
f9:a3:dd:9e:e0:ad:d2:29:ba:b7:ff:f0:39:36:64:d2:66:91:
8f:ce:38:21:d2:57:49:fd:15:d7:2a:5c:af:fb:b3:2f:61:20:
89:32:8d:78:a4:3d:55:46:85:ba:f0:36:82:ad:04:80:3e:5c:
48:53:e3:33:a9:38:b2:3a:41:53:8e:49:1a:cc:f4:b0:ed:74:
69:28:82:14:62:6d:ea:76:be:1c:12:d0:64:10:bb:49:7d:e3:
88:f4:4f:01:f8:c9:ef:ff:1f:a2:3c:ef:89:66:97:70:bf:6c:
c7:f5:3c:05:a8:b4:f0:d9:f2:a7:82:74:b7:04:88:26:60:9c:
dd:e7:fb:12:23:f1:8f:5b:43:a3:53:73:5f:f6:9c:44:c7:5e:
bc:6e:17:af:12:99:8d:83:e2:c8:3f:32:ad:a4:fd:47:e5:08:
4c:2e:2e:46
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICByMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RDBGNTBBRjExMC8GA1UEBRMoQUU5OEE1RkRBRDJEQzlGNEZDMUJFNDdGNjY4NTdB
OEM0Nzk4ODEwMjAeFw0yNDEyMDkxMDQ3MjlaFw0zMzA3MzAxMDQ3MjlaMBgxFjAU
BgNVBAMTDTY3NTZjYWM3LTQxZTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCf7l/THq62Tis6F88WvqUFCJMbcCR+jg2zaEDWNmbliZi/KQAXkQBaqQ5y
njJRgkkLMrIu2aLrG1kg01cWZVaxXZa06xWfR+9Sqm8xgiOXA1CGxg3Gq2DBCjTR
FmVBzJdVT5iAioK9OmvRuSLlFVf1rnxpNPbY3vFxzrhWaSbdyfaaF587NqnR+aYC
GLcNed0KqatYWTLHmM9lpqiMrY5Gp+tWIDFS6uP+n7Mej6jVgn4v5e98ZVr1l40K
mYN6B8zP/bgIWZ7p7RZov6xtNX2m18sDDgkcTUkHBtim3cNTVUuzugJCgNWtnzIE
nUsrYlMtKAdBC5b6ekVTLqLJR0fdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUSRJ0
XWw1TuXhDId0JdvkDU/FQKUwHwYDVR0jBBgwFoAUrpil/a0tyfT8G+R/ZoV6jEeY
gQIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4QUVBMjI4L3JwaWxf
YTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JwaWxfYTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4
QUVBMjI4LzAwMUE3RjYyQjYxQjExRUY4QTZGNEQ1NTc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQsD/iIoEAwDQYJKoZIhvcN
AQELBQADggEBAHhD8XXABCCRL8CVV8sGMRtjiOLWlLO3g1KoKrWPGwrh5Wd1eS1x
d3NMGF000aoM6A06SxfGx8JJskSt+2n1OZZSBNWC13GdZt3hFy/b9aErj7JSxxMd
c619LPmj3Z7grdIpurf/8Dk2ZNJmkY/OOCHSV0n9FdcqXK/7sy9hIIkyjXikPVVG
hbrwNoKtBIA+XEhT4zOpOLI6QVOOSRrM9LDtdGkoghRibep2vhwS0GQQu0l944j0
TwH4ye//H6I874lml3C/bMf1PAWotPDZ8qeCdLcEiCZgnN3n+xIj8Y9bQ6NTc1/2
nETHXrxuF68SmY2D4sg/Mq2k/UflCEwuLkY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:43 2025 by rpki-client