Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/8A9E7DDC101811EEB15BB7544AD9E6FC.roa
File: 8A9E7DDC101811EEB15BB7544AD9E6FC.roa (raw, json)
Hash identifier: DAU8G8pmRsyV/9q7muvBWTCwn6a0J91jSRhNNn56aqk=
Subject key identifier: D2:4F:69:38:41:34:BA:CC:3F:74:43:DC:C0:19:3B:F6:E3:0E:0E:38
Certificate issuer: /CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Certificate serial: 1C
Authority key identifier: 87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/8A9E7DDC101811EEB15BB7544AD9E6FC.roa
Signing time: Wed 21 Jun 2023 09:46:49 +0000
ROA not before: Wed 21 Jun 2023 09:46:45 +0000
ROA not after: Fri 21 Jun 2024 09:46:45 +0000
asID: 37684
IP address blocks: 2c0f:f408:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.mft
rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 19 Jun 2024 00:05:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28 (0x1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Validity
Not Before: Jun 21 09:46:45 2023 GMT
Not After : Jun 21 09:46:45 2024 GMT
Subject: CN=6492c708-594c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:50:e4:69:4e:d8:e9:9c:c2:64:3d:35:d7:9f:
ce:dd:dd:03:bb:a6:af:95:d7:13:df:83:ea:02:ad:
11:0f:b1:f0:f1:57:27:a9:27:7f:93:c9:ac:e8:ae:
39:4e:65:c3:83:a8:db:d8:c1:e9:f7:db:47:b5:cc:
4b:52:dc:0d:11:5b:a2:1d:25:e4:d2:42:7c:b8:8c:
b8:91:58:1a:03:c0:39:fa:29:c1:a2:e4:78:66:82:
a9:ac:9e:23:cd:e8:36:74:b8:a5:63:f3:5c:02:b1:
e9:c9:77:39:29:fb:d4:b4:93:37:4f:b9:9d:b3:a7:
34:0f:69:53:ea:35:36:68:1c:06:4d:b4:8b:8b:af:
a2:75:20:9b:46:a1:c1:00:77:34:05:3e:ad:1d:88:
84:03:bd:0f:48:97:e1:0e:c7:e8:49:f1:ba:16:17:
51:82:35:ac:57:b9:61:4a:8c:a2:51:cc:fb:90:fb:
7c:4c:31:4a:fa:73:44:18:e9:e7:21:f0:40:33:9c:
85:af:94:c3:e5:41:7c:2c:1c:bb:5e:5b:c0:51:2a:
44:15:9e:4a:f5:35:d9:10:57:47:bb:e5:46:26:2d:
cf:1a:82:80:f7:20:1b:1d:a2:c1:60:20:61:16:bb:
d7:05:3c:5b:e1:cd:ce:4a:2d:41:f7:5e:18:0f:8b:
66:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:4F:69:38:41:34:BA:CC:3F:74:43:DC:C0:19:3B:F6:E3:0E:0E:38
X509v3 Authority Key Identifier:
keyid:87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/8A9E7DDC101811EEB15BB7544AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f408:100::/40
Signature Algorithm: sha256WithRSAEncryption
66:b5:f3:de:0b:e6:30:01:b8:1f:78:5f:43:c2:f1:05:e9:50:
be:12:a4:dc:99:d1:83:da:f8:a7:2b:89:b0:ba:d8:d5:0e:e9:
75:24:a5:72:5a:4e:0e:dd:05:ae:5e:05:67:3c:77:3c:e3:39:
dd:8d:ee:c8:60:70:b0:7a:52:9c:3d:e5:f6:f9:10:4a:3c:52:
12:59:b6:35:48:06:61:bd:e9:f4:50:46:e6:10:15:6f:c4:80:
9c:a9:4b:16:86:7c:bd:a4:60:ca:56:73:7d:7c:17:b5:c3:1d:
a9:ae:41:64:1a:e1:ef:e7:88:f5:a8:ad:fc:12:5d:40:7c:bd:
da:27:0a:bc:f1:c8:c1:50:36:64:1c:44:47:14:dc:f9:73:9c:
26:b6:62:a7:0b:c3:cb:c2:08:c1:66:30:65:29:4a:da:b3:cb:
b6:44:49:2f:d0:48:8c:4c:d6:67:b7:50:1a:5c:d5:9e:66:51:
f2:f7:c7:01:3b:dd:bd:12:74:72:2e:10:94:15:2e:23:53:6b:
0f:a3:13:a5:80:f8:e8:6b:21:71:71:17:7b:d6:a6:c9:3f:3d:
6e:a5:e0:22:9f:7e:c1:75:8e:72:24:06:d9:21:be:a6:71:f7:
f7:cb:ab:07:6b:aa:6e:b9:2f:35:76:69:f2:35:38:ae:37:c6:
9c:a5:5d:61
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIBHDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
MkI4Q0FGMTEwLwYDVQQFEyg4NzIxMzBFNjlCM0ZCODAzNUIxQjI1RDNGNkZCOTc0
QTJBMDc4RUNDMB4XDTIzMDYyMTA5NDY0NVoXDTI0MDYyMTA5NDY0NVowGDEWMBQG
A1UEAxMNNjQ5MmM3MDgtNTk0YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZQ5GlO2OmcwmQ9Ndefzt3dA7umr5XXE9+D6gKtEQ+x8PFXJ6knf5PJrOiu
OU5lw4Oo29jB6ffbR7XMS1LcDRFboh0l5NJCfLiMuJFYGgPAOfopwaLkeGaCqaye
I83oNnS4pWPzXAKx6cl3OSn71LSTN0+5nbOnNA9pU+o1NmgcBk20i4uvonUgm0ah
wQB3NAU+rR2IhAO9D0iX4Q7H6EnxuhYXUYI1rFe5YUqMolHM+5D7fEwxSvpzRBjp
5yHwQDOcha+Uw+VBfCwcu15bwFEqRBWeSvU12RBXR7vlRiYtzxqCgPcgGx2iwWAg
YRa71wU8W+HNzkotQfdeGA+LZv8CAwEAAaOCAqcwggKjMB0GA1UdDgQWBBTST2k4
QTS6zD90Q9zAGTv24w4OODAfBgNVHSMEGDAWgBSHITDmmz+4A1sbJdP2+5dKKgeO
zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTJCOEMvQzhGOURGMUUwQjYyMTFFRTg2MkQ4NjhBNEFEOUU2RkMvaHlFdzVw
c191QU5iR3lYVDl2dVhTaW9IanN3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaHlFdzVwc191QU5iR3lYVDl2dVhTaW9IanN3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTJCOEMvQzhGOURGMUUwQjYyMTFFRTg2MkQ4NjhBNEFE
OUU2RkMvOEE5RTdEREMxMDE4MTFFRUIxNUJCNzU0NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACwP9AgBMA0GCSqGSIb3DQEB
CwUAA4IBAQBmtfPeC+YwAbgfeF9DwvEF6VC+EqTcmdGD2vinK4mwutjVDul1JKVy
Wk4O3QWuXgVnPHc84zndje7IYHCwelKcPeX2+RBKPFISWbY1SAZhven0UEbmEBVv
xICcqUsWhny9pGDKVnN9fBe1wx2prkFkGuHv54j1qK38El1AfL3aJwq88cjBUDZk
HERHFNz5c5wmtmKnC8PLwgjBZjBlKUras8u2REkv0EiMTNZnt1AaXNWeZlHy98cB
O929EnRyLhCUFS4jU2sPoxOlgPjoayFxcRd71qbJPz1upeAin37BdY5yJAbZIb6m
cff3y6sHa6puuS81dmnyNTiuN8acpV1h
-----END CERTIFICATE-----
Generated at Mon Jun 17 03:47:45 2024 by rpki-client on console-ams.rpki-client.org