Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FCA07/8A4B771C72B111EEA0E0096E4AD9E6FC/878D493881A211EE930A1D244AD9E6FC.roa
File: 878D493881A211EE930A1D244AD9E6FC.roa (raw, json)
Hash identifier: zLISAvhBvxTn3b4oaLe3yfM1aFnsxwTljhKhQX5W/BU=
Subject key identifier: 3F:B0:DB:48:18:F2:7D:1D:DE:9C:14:8F:C9:7D:39:9D:0B:77:94:8E
Certificate issuer: /CN=F36FCA07AF/serialNumber=BC3DE1E9840080B83C65278CDEA85EA298829481
Certificate serial: 1A
Authority key identifier: BC:3D:E1:E9:84:00:80:B8:3C:65:27:8C:DE:A8:5E:A2:98:82:94:81
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/vD3h6YQAgLg8ZSeM3qheopiClIE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36FCA07/8A4B771C72B111EEA0E0096E4AD9E6FC/878D493881A211EE930A1D244AD9E6FC.roa
Signing time: Sun 12 Nov 2023 21:29:15 +0000
ROA not before: Sun 12 Nov 2023 21:29:10 +0000
ROA not after: Mon 01 Nov 2027 21:29:10 +0000
asID: 328055
IP address blocks: 2c0f:4100::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36FCA07/8A4B771C72B111EEA0E0096E4AD9E6FC/vD3h6YQAgLg8ZSeM3qheopiClIE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36FCA07/8A4B771C72B111EEA0E0096E4AD9E6FC/vD3h6YQAgLg8ZSeM3qheopiClIE.mft
rsync://rpki.afrinic.net/repository/afrinic/vD3h6YQAgLg8ZSeM3qheopiClIE.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36FCA07AF/serialNumber=BC3DE1E9840080B83C65278CDEA85EA298829481
Validity
Not Before: Nov 12 21:29:10 2023 GMT
Not After : Nov 1 21:29:10 2027 GMT
Subject: CN=655143ab-f70b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8d:fc:92:48:64:7e:4b:48:ba:9f:41:2d:19:
3b:45:4e:dc:76:da:34:3d:74:21:56:84:2b:9d:d0:
e2:0b:ec:d8:f8:21:f0:f8:7d:e7:bb:19:d4:bb:46:
ee:1d:ba:4c:c4:33:fd:d1:42:35:11:45:27:a0:64:
cc:ff:c1:f5:78:47:ed:81:3c:d2:3f:b1:a1:48:e6:
80:0c:3b:c9:fc:d0:34:d1:71:2b:ff:ed:7f:77:ba:
4e:ed:8b:84:ef:4e:28:cf:72:02:11:03:37:0c:e9:
ea:7d:ff:6c:55:d3:6c:8a:b9:c2:aa:c4:ad:1b:cb:
3e:c0:d2:dd:c6:dc:51:2b:1f:dc:68:ce:c3:82:5c:
2d:15:24:7a:f4:7f:a1:5d:bb:f7:4a:32:52:58:b3:
f0:b9:39:ae:fc:54:4f:54:93:87:c3:ce:2b:42:4a:
85:67:a5:88:79:89:63:ee:cf:55:23:62:ab:e5:4d:
27:22:ba:c9:c7:fe:e6:f8:90:bb:b1:b9:ad:7f:a3:
a1:36:da:93:61:86:2f:67:18:ad:0b:8e:30:33:b4:
b9:4b:d5:c5:4b:bd:f4:88:9c:b9:ef:95:f0:51:4d:
ad:44:ec:8d:5d:ea:7f:80:f5:38:b5:9c:1c:35:76:
de:7f:56:e6:ac:b7:cb:f6:d1:8f:5d:f4:f3:b2:10:
7f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B0:DB:48:18:F2:7D:1D:DE:9C:14:8F:C9:7D:39:9D:0B:77:94:8E
X509v3 Authority Key Identifier:
keyid:BC:3D:E1:E9:84:00:80:B8:3C:65:27:8C:DE:A8:5E:A2:98:82:94:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36FCA07/8A4B771C72B111EEA0E0096E4AD9E6FC/vD3h6YQAgLg8ZSeM3qheopiClIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vD3h6YQAgLg8ZSeM3qheopiClIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FCA07/8A4B771C72B111EEA0E0096E4AD9E6FC/878D493881A211EE930A1D244AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2c0f:4100::/32
Signature Algorithm: sha256WithRSAEncryption
31:af:34:2e:28:3b:3f:f4:2e:1a:fe:12:7d:65:ad:a0:01:fc:
89:a8:91:08:74:98:69:5e:ff:c1:31:d6:f9:6d:10:ba:4f:4b:
2f:8e:54:8d:e8:cb:81:9b:65:bd:29:a3:1d:7d:71:0c:ce:06:
ba:f4:c9:bc:7c:fd:47:c6:75:d2:ec:e0:cd:86:84:cc:d4:be:
a0:35:d3:e3:af:9a:6c:f2:1b:56:52:51:39:6c:10:78:09:c3:
06:bb:85:bf:4f:84:ed:f9:cf:3c:43:da:b3:d2:ec:1d:16:7d:
cc:be:b6:1a:92:66:d6:44:c6:4d:7a:df:ec:28:a8:fd:77:57:
07:ba:31:22:af:fe:5f:76:f8:33:5e:dc:8b:72:17:2b:4a:c8:
74:58:8d:33:a5:b7:b6:a3:a9:14:88:ee:8c:97:b9:aa:53:c6:
2c:d3:50:eb:88:41:f7:cd:25:9c:63:fc:ae:66:e3:a2:82:d1:
7e:de:f7:ec:38:df:d0:61:c5:2d:b4:b3:2e:58:c6:f4:e5:ea:
6b:0a:9a:bf:20:76:62:4e:a5:84:38:f9:f3:d7:1a:5b:82:1e:
d6:c5:13:56:4a:d5:1b:9f:a0:73:fd:29:a7:0d:b1:8e:51:3c:
b5:46:c3:9b:90:a9:ad:f3:a6:b7:f0:67:8a:ab:fa:ee:72:08:
6c:e9:f9:a6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBGjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZG
Q0EwN0FGMTEwLwYDVQQFEyhCQzNERTFFOTg0MDA4MEI4M0M2NTI3OENERUE4NUVB
Mjk4ODI5NDgxMB4XDTIzMTExMjIxMjkxMFoXDTI3MTEwMTIxMjkxMFowGDEWMBQG
A1UEAxMNNjU1MTQzYWItZjcwYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMaN/JJIZH5LSLqfQS0ZO0VO3HbaND10IVaEK53Q4gvs2Pgh8Ph957sZ1LtG
7h26TMQz/dFCNRFFJ6BkzP/B9XhH7YE80j+xoUjmgAw7yfzQNNFxK//tf3e6Tu2L
hO9OKM9yAhEDNwzp6n3/bFXTbIq5wqrErRvLPsDS3cbcUSsf3GjOw4JcLRUkevR/
oV2790oyUliz8Lk5rvxUT1STh8POK0JKhWeliHmJY+7PVSNiq+VNJyK6ycf+5viQ
u7G5rX+joTbak2GGL2cYrQuOMDO0uUvVxUu99Iicue+V8FFNrUTsjV3qf4D1OLWc
HDV23n9W5qy3y/bRj13087IQf90CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQ/sNtI
GPJ9Hd6cFI/JfTmdC3eUjjAfBgNVHSMEGDAWgBS8PeHphACAuDxlJ4zeqF6imIKU
gTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RkNBMDcvOEE0Qjc3MUM3MkIxMTFFRUEwRTAwOTZFNEFEOUU2RkMvdkQzaDZZ
UUFnTGc4WlNlTTNxaGVvcGlDbElFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdkQzaDZZUUFnTGc4WlNlTTNxaGVvcGlDbElFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RkNBMDcvOEE0Qjc3MUM3MkIxMTFFRUEwRTAwOTZFNEFE
OUU2RkMvODc4RDQ5Mzg4MUEyMTFFRTkzMEExRDI0NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPQQAwDQYJKoZIhvcNAQEL
BQADggEBADGvNC4oOz/0Lhr+En1lraAB/ImokQh0mGle/8Ex1vltELpPSy+OVI3o
y4GbZb0pox19cQzOBrr0ybx8/UfGddLs4M2GhMzUvqA10+OvmmzyG1ZSUTlsEHgJ
wwa7hb9PhO35zzxD2rPS7B0Wfcy+thqSZtZExk163+woqP13Vwe6MSKv/l92+DNe
3ItyFytKyHRYjTOlt7ajqRSI7oyXuapTxizTUOuIQffNJZxj/K5m46KC0X7e9+w4
39BhxS20sy5YxvTl6msKmr8gdmJOpYQ4+fPXGluCHtbFE1ZK1RufoHP9KacNsY5R
PLVGw5uQqa3zprfwZ4qr+u5yCGzp+aY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:01 2024 by rpki-client on console-fra.rpki-client.org