Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/7F5635A2887511EEBFD443484AD9E6FC.roa
File: 7F5635A2887511EEBFD443484AD9E6FC.roa (raw, json)
Hash identifier: ocQwdIyiszloWpRuczWxhp841V/qq4mP8+w57e47R8w=
Subject key identifier: 3D:57:95:59:95:9E:67:43:2E:49:C8:12:A5:8F:FB:32:7E:E1:77:70
Certificate issuer: /CN=F36E4B69AF/serialNumber=CA6642EA9AFCC73AA24AA4047544B17C2603CBD2
Certificate serial: 02
Authority key identifier: CA:66:42:EA:9A:FC:C7:3A:A2:4A:A4:04:75:44:B1:7C:26:03:CB:D2
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/ymZC6pr8xzqiSqQEdUSxfCYDy9I.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/7F5635A2887511EEBFD443484AD9E6FC.roa
Signing time: Tue 21 Nov 2023 13:54:32 +0000
ROA not before: Tue 21 Nov 2023 13:54:27 +0000
ROA not after: Tue 21 Nov 2028 13:54:27 +0000
asID: 36912
IP address blocks: 2c0f:f070::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/ymZC6pr8xzqiSqQEdUSxfCYDy9I.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/ymZC6pr8xzqiSqQEdUSxfCYDy9I.mft
rsync://rpki.afrinic.net/repository/afrinic/ymZC6pr8xzqiSqQEdUSxfCYDy9I.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 26 Nov 2024 00:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E4B69AF/serialNumber=CA6642EA9AFCC73AA24AA4047544B17C2603CBD2
Validity
Not Before: Nov 21 13:54:27 2023 GMT
Not After : Nov 21 13:54:27 2028 GMT
Subject: CN=655cb698-0494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ad:71:36:de:6c:40:3b:2a:87:77:d3:96:d6:
a8:2b:78:21:92:76:92:3f:aa:23:17:b4:c8:48:84:
af:b5:51:3c:ee:f2:44:7a:43:f5:e2:53:9b:05:cc:
f2:fa:95:df:eb:e0:54:5c:30:11:54:b1:4b:d7:9d:
59:be:e3:30:0f:00:c7:ac:e7:d6:3e:5c:3d:ad:ce:
8b:fd:23:7b:68:0e:f6:d8:9b:e9:8e:1f:bd:ea:56:
5e:87:9b:c5:51:0d:84:20:b9:05:e8:c2:fd:eb:0c:
50:43:59:0f:01:a0:d5:cd:8e:77:89:d0:40:d3:fb:
e9:5f:96:3a:a0:ca:d4:4e:d1:5a:44:63:2b:d5:4c:
5e:63:67:fe:aa:d1:73:10:de:2f:3f:a4:23:65:35:
5d:8c:39:02:de:48:31:24:f3:16:8b:6e:7b:28:ea:
ec:4b:f8:d2:b3:51:89:25:95:6b:0f:4f:29:b1:fe:
d5:a1:29:77:e3:ea:80:f9:f2:ac:88:42:c2:1d:60:
e1:d9:96:82:a3:5c:5d:a4:f5:48:b7:6a:1b:06:3b:
89:9a:64:3c:01:cf:28:57:f1:6c:d3:8d:c4:e1:70:
2e:3d:f0:a8:86:8d:c1:36:64:79:90:b5:4a:77:b4:
01:b6:25:95:94:16:0e:1a:21:30:92:58:cf:bc:7a:
a0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:57:95:59:95:9E:67:43:2E:49:C8:12:A5:8F:FB:32:7E:E1:77:70
X509v3 Authority Key Identifier:
keyid:CA:66:42:EA:9A:FC:C7:3A:A2:4A:A4:04:75:44:B1:7C:26:03:CB:D2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/ymZC6pr8xzqiSqQEdUSxfCYDy9I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ymZC6pr8xzqiSqQEdUSxfCYDy9I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E4B69/DE14770E887311EE89B811434AD9E6FC/7F5635A2887511EEBFD443484AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:f070::/32
Signature Algorithm: sha256WithRSAEncryption
66:84:99:a7:33:94:fa:a1:00:6b:cd:81:fd:6c:3e:13:1d:4c:
03:2f:25:74:57:b7:13:58:43:aa:6a:9a:89:4c:f6:39:4a:25:
24:5a:89:c6:29:20:02:e0:af:05:df:f7:59:a5:95:f7:3a:f3:
f9:73:9b:86:97:48:39:6d:d1:24:de:ea:e5:cf:27:94:00:a5:
5b:20:39:a0:c6:8b:32:38:e3:36:50:98:51:6b:f0:c5:71:51:
cc:10:ad:91:03:d8:43:cd:a6:74:17:81:5c:af:dd:1e:3d:1b:
2f:56:44:20:9e:74:be:26:76:c9:cf:5b:82:fa:7f:90:c4:d6:
de:9b:01:6e:0c:ca:49:be:4a:4d:fd:a4:ed:02:24:e4:43:b6:
5c:3f:1c:d3:98:5d:09:b5:7a:bf:4c:c7:02:0f:d3:d7:66:4f:
d6:9e:94:b6:49:d1:53:81:23:51:79:90:c3:e6:02:2e:08:8a:
75:b8:d2:e6:39:2b:36:19:91:f1:f8:1d:e9:ed:73:e7:69:1b:
1b:24:69:7b:54:3e:c3:02:62:7a:6a:71:55:b3:b3:cb:0a:79:
7c:c3:9d:94:c1:b0:3e:5b:e4:2d:88:05:10:eb:7b:54:e1:16:
c5:da:00:22:05:98:4f:28:b5:dd:71:87:6c:c3:eb:ef:0e:1c:
b0:aa:be:2b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
NEI2OUFGMTEwLwYDVQQFEyhDQTY2NDJFQTlBRkNDNzNBQTI0QUE0MDQ3NTQ0QjE3
QzI2MDNDQkQyMB4XDTIzMTEyMTEzNTQyN1oXDTI4MTEyMTEzNTQyN1owGDEWMBQG
A1UEAxMNNjU1Y2I2OTgtMDQ5NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmtcTbebEA7Kod305bWqCt4IZJ2kj+qIxe0yEiEr7VRPO7yRHpD9eJTmwXM
8vqV3+vgVFwwEVSxS9edWb7jMA8Ax6zn1j5cPa3Oi/0je2gO9tib6Y4fvepWXoeb
xVENhCC5BejC/esMUENZDwGg1c2Od4nQQNP76V+WOqDK1E7RWkRjK9VMXmNn/qrR
cxDeLz+kI2U1XYw5At5IMSTzFotueyjq7Ev40rNRiSWVaw9PKbH+1aEpd+PqgPny
rIhCwh1g4dmWgqNcXaT1SLdqGwY7iZpkPAHPKFfxbNONxOFwLj3wqIaNwTZkeZC1
Sne0AbYllZQWDhohMJJYz7x6oK0CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQ9V5VZ
lZ5nQy5JyBKlj/syfuF3cDAfBgNVHSMEGDAWgBTKZkLqmvzHOqJKpAR1RLF8JgPL
0jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTRCNjkvREUxNDc3MEU4ODczMTFFRTg5QjgxMTQzNEFEOUU2RkMveW1aQzZw
cjh4enFpU3FRRWRVU3hmQ1lEeTlJLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveW1aQzZwcjh4enFpU3FRRWRVU3hmQ1lEeTlJLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTRCNjkvREUxNDc3MEU4ODczMTFFRTg5QjgxMTQzNEFE
OUU2RkMvN0Y1NjM1QTI4ODc1MTFFRUJGRDQ0MzQ4NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP8HAwDQYJKoZIhvcNAQEL
BQADggEBAGaEmaczlPqhAGvNgf1sPhMdTAMvJXRXtxNYQ6pqmolM9jlKJSRaicYp
IALgrwXf91mllfc68/lzm4aXSDlt0STe6uXPJ5QApVsgOaDGizI44zZQmFFr8MVx
UcwQrZED2EPNpnQXgVyv3R49Gy9WRCCedL4mdsnPW4L6f5DE1t6bAW4Mykm+Sk39
pO0CJORDtlw/HNOYXQm1er9MxwIP09dmT9aelLZJ0VOBI1F5kMPmAi4IinW40uY5
KzYZkfH4Hentc+dpGxskaXtUPsMCYnpqcVWzs8sKeXzDnZTBsD5b5C2IBRDre1Th
FsXaACIFmE8otd1xh2zD6+8OHLCqvis=
-----END CERTIFICATE-----
Generated at Sun Nov 24 03:19:44 2024 by rpki-client on console-ams.rpki-client.org