Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/DC489C3ADD6211EF8F2B7094762E951A.roa
File: DC489C3ADD6211EF8F2B7094762E951A.roa (raw, json)
Hash identifier: p2ixVkBk3b3qJpM6Zs4ufBdkSirsCLWFtvz/MrJnLfU=
Subject key identifier: 0E:44:61:B2:BD:23:A2:3D:93:B0:B6:F2:54:2A:94:61:01:58:EE:80
Certificate issuer: /CN=F36D0F50AF/serialNumber=AE98A5FDAD2DC9F4FC1BE47F66857A8C47988102
Certificate serial: 079E
Authority key identifier: AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/DC489C3ADD6211EF8F2B7094762E951A.roa
Signing time: Tue 28 Jan 2025 10:30:14 +0000
ROA not before: Tue 28 Jan 2025 10:30:11 +0000
ROA not after: Sat 30 Jul 2033 10:30:11 +0000
asID: 37119
IP address blocks: 2c0f:f888:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.mft
rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1950 (0x79e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D0F50AF
Validity
Not Before: Jan 28 10:30:11 2025 GMT
Not After : Jul 30 10:30:11 2033 GMT
Subject: CN=6798b1b6-685f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:17:3a:3b:94:1f:fa:0d:f3:72:1c:56:68:61:
fe:6e:7a:0b:16:14:21:ce:71:c2:c8:c3:c4:2b:c6:
74:c5:26:1f:18:59:b3:39:63:f8:a5:25:36:74:ea:
ac:71:ca:e2:6f:68:1a:d2:4d:f8:dc:08:4b:ee:1e:
01:91:b3:d6:4d:25:b6:7f:57:96:c3:6e:33:c9:24:
1b:b7:c6:30:b6:db:27:7c:7d:40:74:51:a4:22:22:
01:11:1d:d3:7e:01:f6:74:b1:8a:58:9a:e5:72:6c:
a2:04:45:44:c0:8e:bc:23:b5:e2:4b:1e:08:f8:e0:
35:f7:38:23:00:7d:cf:56:f4:2c:fe:10:a9:94:cf:
7f:50:c2:7d:10:ef:2c:f8:78:14:0e:2c:46:95:94:
1f:b1:4d:a0:68:30:41:82:35:b8:7f:c1:10:4b:5c:
df:9b:92:5f:90:43:f0:53:9c:d8:bb:6b:86:45:56:
1f:c7:aa:31:de:33:52:50:da:69:c4:ba:81:2e:c1:
45:42:cd:dc:54:d3:2a:1e:71:d2:2f:eb:0d:4c:26:
95:35:dd:87:11:29:1e:78:35:df:ee:70:49:ed:6c:
1b:b5:02:a0:93:41:c4:d5:55:10:fe:15:0d:d1:ff:
0d:d4:a4:39:b7:b5:67:19:a8:27:9f:b9:85:02:17:
7e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:44:61:B2:BD:23:A2:3D:93:B0:B6:F2:54:2A:94:61:01:58:EE:80
X509v3 Authority Key Identifier:
keyid:AE:98:A5:FD:AD:2D:C9:F4:FC:1B:E4:7F:66:85:7A:8C:47:98:81:02
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/rpil_a0tyfT8G-R_ZoV6jEeYgQI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/rpil_a0tyfT8G-R_ZoV6jEeYgQI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D0F50/5EAAA6B8258F11EBB70B7C19F8AEA228/DC489C3ADD6211EF8F2B7094762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f888:f000::/36
Signature Algorithm: sha256WithRSAEncryption
9a:96:36:a7:43:96:67:57:59:95:a2:54:f6:53:01:4f:de:74:
9d:a3:35:db:1b:ae:50:89:51:29:5c:ae:7c:97:bc:da:1f:9a:
c3:fd:37:f3:71:ef:e6:c3:0e:fe:08:fe:e5:91:18:a1:b2:4d:
02:16:49:c4:23:46:62:24:6a:5b:f7:01:6b:81:e5:ba:b2:08:
a1:3c:ab:94:79:cd:0d:d1:57:04:b9:57:ff:9e:4d:d1:62:a7:
3d:48:9a:b2:88:ac:da:13:cc:a2:6e:8a:8a:50:98:d0:61:5b:
9d:6f:fc:30:ba:31:e7:2d:de:81:b5:91:0a:d6:39:27:aa:51:
af:94:9b:a6:4c:6e:3e:e8:ec:11:bb:cd:c7:5a:44:a8:dc:9a:
1f:42:bc:86:a0:85:5b:aa:03:d7:79:91:19:86:ea:b5:59:6f:
cd:b4:a1:0f:5a:43:9d:97:16:00:84:e4:4e:94:dc:85:37:53:
95:f1:4e:91:ff:ac:4a:36:41:65:2e:37:4e:87:0d:e9:19:14:
18:43:98:fb:16:3b:f4:ff:28:4c:6b:8a:17:32:05:e2:c7:7f:
c6:3d:98:40:2f:16:64:d2:f6:54:9c:91:a6:8b:02:a5:b8:18:
40:f5:42:a7:79:d3:01:de:d5:cf:a8:36:de:53:ba:75:4b:0a:
5a:2b:0c:08
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICB54wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RDBGNTBBRjExMC8GA1UEBRMoQUU5OEE1RkRBRDJEQzlGNEZDMUJFNDdGNjY4NTdB
OEM0Nzk4ODEwMjAeFw0yNTAxMjgxMDMwMTFaFw0zMzA3MzAxMDMwMTFaMBgxFjAU
BgNVBAMTDTY3OThiMWI2LTY4NWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpFzo7lB/6DfNyHFZoYf5uegsWFCHOccLIw8QrxnTFJh8YWbM5Y/ilJTZ0
6qxxyuJvaBrSTfjcCEvuHgGRs9ZNJbZ/V5bDbjPJJBu3xjC22yd8fUB0UaQiIgER
HdN+AfZ0sYpYmuVybKIERUTAjrwjteJLHgj44DX3OCMAfc9W9Cz+EKmUz39Qwn0Q
7yz4eBQOLEaVlB+xTaBoMEGCNbh/wRBLXN+bkl+QQ/BTnNi7a4ZFVh/HqjHeM1JQ
2mnEuoEuwUVCzdxU0yoecdIv6w1MJpU13YcRKR54Nd/ucEntbBu1AqCTQcTVVRD+
FQ3R/w3UpDm3tWcZqCefuYUCF36FAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUDkRh
sr0joj2TsLbyVCqUYQFY7oAwHwYDVR0jBBgwFoAUrpil/a0tyfT8G+R/ZoV6jEeY
gQIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4QUVBMjI4L3JwaWxf
YTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3JwaWxfYTB0eWZUOEctUl9ab1Y2akVlWWdRSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQwRjUwLzVFQUFBNkI4MjU4RjExRUJCNzBCN0MxOUY4
QUVBMjI4L0RDNDg5QzNBREQ2MjExRUY4RjJCNzA5NDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQsD/iI8DANBgkqhkiG9w0B
AQsFAAOCAQEAmpY2p0OWZ1dZlaJU9lMBT950naM12xuuUIlRKVyufJe82h+aw/03
83Hv5sMO/gj+5ZEYobJNAhZJxCNGYiRqW/cBa4HlurIIoTyrlHnNDdFXBLlX/55N
0WKnPUiasois2hPMom6KilCY0GFbnW/8MLox5y3egbWRCtY5J6pRr5SbpkxuPujs
EbvNx1pEqNyaH0K8hqCFW6oD13mRGYbqtVlvzbShD1pDnZcWAITkTpTchTdTlfFO
kf+sSjZBZS43TocN6RkUGEOY+xY79P8oTGuKFzIF4sd/xj2YQC8WZNL2VJyRposC
pbgYQPVCp3nTAd7Vz6g23lO6dUsKWisMCA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:36:19 2025 by rpki-client