Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/8B4FDD02DD6211EFB4C77993762E951A.roa
File: 8B4FDD02DD6211EFB4C77993762E951A.roa (raw, json)
Hash identifier: Z1rrEpUe4MTbEq40ijUN0jAM2CAe4s4o3V9RhT7W13c=
Subject key identifier: CD:5D:FA:B1:6F:B9:38:EF:83:2E:8A:75:56:71:6F:AE:2F:40:3B:9E
Certificate issuer: /CN=F36D0F50AF/serialNumber=AE98A5FDAD2DC9F4FC1BE47F66857A8C47988102
Certificate serial: 079C
Authority key identifier: AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/8B4FDD02DD6211EFB4C77993762E951A.roa
Signing time: Tue 28 Jan 2025 10:27:59 +0000
ROA not before: Tue 28 Jan 2025 10:27:55 +0000
ROA not after: Sat 30 Jul 2033 10:27:55 +0000
asID: 37119
IP address blocks: 2c0f:f888:e000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.mft
rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1948 (0x79c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D0F50AF
Validity
Not Before: Jan 28 10:27:55 2025 GMT
Not After : Jul 30 10:27:55 2033 GMT
Subject: CN=6798b12e-9fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:80:7e:b9:6e:f0:4d:6e:a9:bf:96:f7:01:04:
f7:e8:55:ce:e1:cd:6a:e9:63:02:d6:1e:04:df:1d:
7e:5c:ff:4d:0a:e0:31:fb:24:2f:4c:b3:eb:0a:28:
7d:81:85:1c:11:f4:ff:e2:94:5f:a2:28:5a:fc:d8:
dd:92:07:20:c4:ff:d7:65:10:d3:62:ef:1f:a4:66:
38:fe:a0:66:20:ad:00:f1:71:34:bc:a5:d6:6e:8c:
35:8f:f6:7e:73:14:89:1a:90:ae:d7:6b:24:40:f1:
67:5a:14:3e:78:6c:f9:49:20:1d:b1:7e:b1:90:55:
11:d1:c5:50:8e:8b:40:c2:76:68:ca:08:de:0e:30:
82:8e:95:60:cb:61:26:06:7e:d0:6a:b9:c9:31:30:
37:03:6d:e7:e5:79:e3:90:fc:16:09:35:9d:87:ed:
5e:43:51:99:3a:3a:4e:de:54:86:b1:3d:44:04:5a:
a9:1e:4d:fd:15:a1:13:a4:02:83:f0:17:7d:04:ce:
db:ab:97:a7:78:d4:83:50:86:05:46:2f:94:f8:a9:
03:5d:d9:1e:10:44:b1:55:ce:99:30:61:c9:1c:c3:
b6:85:6f:f2:89:9f:0c:44:54:55:e6:b8:a7:db:68:
fd:1d:23:40:c0:35:80:a5:27:f4:54:8a:ec:8e:e4:
52:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:5D:FA:B1:6F:B9:38:EF:83:2E:8A:75:56:71:6F:AE:2F:40:3B:9E
X509v3 Authority Key Identifier:
keyid:AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/8B4FDD02DD6211EFB4C77993762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f888:e000::/36
Signature Algorithm: sha256WithRSAEncryption
58:68:f7:99:70:3a:02:9a:86:44:57:b0:d5:0a:45:f6:1d:ca:
1c:35:01:4d:6a:f9:11:1e:90:1d:2b:c9:a8:1b:81:84:db:ed:
51:c5:bb:0c:70:34:fe:b3:07:52:b7:93:b3:0d:cb:4b:9f:95:
84:a0:0d:49:f8:d8:a8:57:42:b9:35:74:c7:76:ea:50:d3:c3:
4f:d8:32:28:42:6f:f4:72:d2:1e:8e:de:a8:7b:41:84:e3:70:
4d:bf:39:bb:ec:23:98:bb:8a:53:72:cb:44:46:14:25:ea:94:
3f:4c:ed:f8:10:c6:10:52:32:07:f3:58:95:c5:a6:57:32:f1:
7e:67:bb:51:e6:b1:a1:c6:2a:80:ef:d5:3b:76:63:6b:f8:35:
74:b1:1e:a1:e8:be:3a:d9:24:d9:41:17:bf:38:da:27:9e:2f:
ab:02:d5:0f:5c:02:12:71:38:b9:a1:89:03:3f:a7:66:15:84:
c1:4d:4d:ea:0a:b0:31:0a:0e:22:95:bb:00:60:88:7a:a1:8d:
f7:66:0d:7c:d3:b3:d7:0b:8e:29:d4:ff:ce:40:20:f3:a0:87:
f0:45:f2:0e:b4:54:15:f2:d1:b6:82:1d:45:81:4a:ba:b6:92:
58:0a:6b:58:7e:0f:49:f0:3e:57:ee:f4:a5:be:68:34:47:52:
ef:fc:34:66
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICB5wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RDBGNTBBRjExMC8GA1UEBRMoQUU5OEE1RkRBRDJEQzlGNEZDMUJFNDdGNjY4NTdB
OEM0Nzk4ODEwMjAeFw0yNTAxMjgxMDI3NTVaFw0zMzA3MzAxMDI3NTVaMBgxFjAU
BgNVBAMTDTY3OThiMTJlLTlmY2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDKgH65bvBNbqm/lvcBBPfoVc7hzWrpYwLWHgTfHX5c/00K4DH7JC9Ms+sK
KH2BhRwR9P/ilF+iKFr82N2SByDE/9dlENNi7x+kZjj+oGYgrQDxcTS8pdZujDWP
9n5zFIkakK7XayRA8WdaFD54bPlJIB2xfrGQVRHRxVCOi0DCdmjKCN4OMIKOlWDL
YSYGftBquckxMDcDbefleeOQ/BYJNZ2H7V5DUZk6Ok7eVIaxPUQEWqkeTf0VoROk
AoPwF30Ezturl6d41INQhgVGL5T4qQNd2R4QRLFVzpkwYckcw7aFb/KJnwxEVFXm
uKfbaP0dI0DANYClJ/RUiuyO5FItAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUzV36
sW+5OO+DLop1VnFvri9AO54wHwYDVR0jBBgwFoAUrpil/a0tyfT8G+R/ZoV6jEeY
gQIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4QUVBMjI4L3JwaWxf
YTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JwaWxfYTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4
QUVBMjI4LzhCNEZERDAyREQ2MjExRUZCNEM3Nzk5Mzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQsD/iI4DANBgkqhkiG9w0B
AQsFAAOCAQEAWGj3mXA6ApqGRFew1QpF9h3KHDUBTWr5ER6QHSvJqBuBhNvtUcW7
DHA0/rMHUreTsw3LS5+VhKANSfjYqFdCuTV0x3bqUNPDT9gyKEJv9HLSHo7eqHtB
hONwTb85u+wjmLuKU3LLREYUJeqUP0zt+BDGEFIyB/NYlcWmVzLxfme7UeaxocYq
gO/VO3Zja/g1dLEeoei+Otkk2UEXvzjaJ54vqwLVD1wCEnE4uaGJAz+nZhWEwU1N
6gqwMQoOIpW7AGCIeqGN92YNfNOz1wuOKdT/zkAg86CH8EXyDrRUFfLRtoIdRYFK
uraSWAprWH4PSfA+V+70pb5oNEdS7/w0Zg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:38 2025 by rpki-client