Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C01B9/AFDA9FDCDA2E11EEA6D125A7775412E6/FCC5AF24DAF811EE935BB276775412E6.roa
File: FCC5AF24DAF811EE935BB276775412E6.roa (raw, json)
Hash identifier: lFol3HpR6fMYzPmNkPhAztGIiqTs04+UE2qgxyB1A54=
Subject key identifier: 71:6C:FF:B4:59:D4:B4:DD:E0:F9:29:0D:90:4D:28:7A:31:3D:31:50
Certificate issuer: /CN=F36C01B9RI/serialNumber=39649D638F8C5209384D62B880DF7F8C7E46E1FB
Certificate serial: 03
Authority key identifier: 39:64:9D:63:8F:8C:52:09:38:4D:62:B8:80:DF:7F:8C:7E:46:E1:FB
Authority info access: rsync://rpki.afrinic.net/repository/ripe/OWSdY4-MUgk4TWK4gN9_jH5G4fs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/AFDA9FDCDA2E11EEA6D125A7775412E6/FCC5AF24DAF811EE935BB276775412E6.roa
Signing time: Tue 05 Mar 2024 14:02:22 +0000
ROA not before: Tue 05 Mar 2024 14:02:19 +0000
ROA not after: Thu 05 Mar 2026 14:02:19 +0000
asID: 25543
IP address blocks: 212.52.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/AFDA9FDCDA2E11EEA6D125A7775412E6/OWSdY4-MUgk4TWK4gN9_jH5G4fs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/AFDA9FDCDA2E11EEA6D125A7775412E6/OWSdY4-MUgk4TWK4gN9_jH5G4fs.mft
rsync://rpki.afrinic.net/repository/ripe/OWSdY4-MUgk4TWK4gN9_jH5G4fs.cer
rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.crl
rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/ripe-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 27 Jun 2024 00:25:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36C01B9RI/serialNumber=39649D638F8C5209384D62B880DF7F8C7E46E1FB
Validity
Not Before: Mar 5 14:02:19 2024 GMT
Not After : Mar 5 14:02:19 2026 GMT
Subject: CN=65e725ee-6d0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:10:b3:25:6f:b4:43:de:3b:1e:34:2e:2c:15:
44:37:7b:bf:9e:f2:a5:9f:f7:c0:35:3a:0c:9c:d7:
8c:bc:ab:6f:d9:8e:70:c8:1e:2a:bf:df:a8:02:4c:
a2:ef:da:86:74:92:b1:5b:65:bc:fa:13:f6:57:29:
07:7f:ed:18:ca:96:f7:34:ee:1d:26:e5:7d:3d:8b:
4e:ca:c8:f7:f2:a2:4e:c2:18:8c:35:0d:9d:08:d1:
62:b6:89:d5:e9:4c:a2:80:b9:af:6f:78:98:68:90:
01:ff:a9:eb:69:f1:3d:30:b5:5c:1c:c9:42:8c:f9:
b8:d5:5b:4c:1d:d3:a8:9d:5e:ab:f0:0a:9d:88:57:
81:83:ef:b6:0c:14:7c:33:f8:87:1f:b3:09:c6:11:
30:fa:ab:4f:6c:d1:e9:3f:7a:67:a7:3b:16:f7:75:
da:da:87:83:47:f5:da:9c:b9:ea:99:ce:aa:98:b7:
d9:80:12:77:02:f8:76:ec:cf:31:42:af:4d:50:5b:
ec:75:09:1e:63:65:2f:01:5a:ab:e7:64:24:d0:d0:
99:3f:05:00:5b:ba:d3:fa:72:8a:78:b2:49:62:91:
b4:8b:59:23:93:f4:b8:63:2a:09:f9:7e:76:e6:15:
7f:f0:f8:eb:4a:2c:86:01:11:30:3f:79:5a:fb:85:
ff:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:6C:FF:B4:59:D4:B4:DD:E0:F9:29:0D:90:4D:28:7A:31:3D:31:50
X509v3 Authority Key Identifier:
keyid:39:64:9D:63:8F:8C:52:09:38:4D:62:B8:80:DF:7F:8C:7E:46:E1:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/AFDA9FDCDA2E11EEA6D125A7775412E6/OWSdY4-MUgk4TWK4gN9_jH5G4fs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/ripe/OWSdY4-MUgk4TWK4gN9_jH5G4fs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/AFDA9FDCDA2E11EEA6D125A7775412E6/FCC5AF24DAF811EE935BB276775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
212.52.128.0/19
Signature Algorithm: sha256WithRSAEncryption
31:02:25:3a:91:ad:41:6c:4b:4f:13:66:31:4e:06:ce:f6:d7:
26:9f:26:ef:89:42:1a:1e:b7:d9:42:eb:36:bd:61:1b:f9:c4:
5e:a5:23:f4:9c:73:1a:8b:34:81:06:c4:b9:7a:84:fa:1f:f9:
4d:ed:0d:c2:1b:72:46:a6:e6:24:6b:db:d2:03:c4:52:13:d2:
af:2a:1f:e2:d3:45:4c:6c:ef:c9:ce:ea:9b:40:84:af:e4:5e:
3c:98:16:2c:39:db:90:34:c7:3a:e0:fa:4f:98:3b:a1:e8:d4:
4a:a1:30:bd:c5:3e:e7:92:72:ca:8c:0a:05:f6:03:31:9a:f4:
99:dc:c4:5d:23:fe:9a:62:ff:19:6d:79:41:c5:f3:16:9c:7e:
4a:71:b9:32:7c:97:20:80:0f:91:87:4f:1b:f6:d3:85:eb:7b:
f5:2c:48:d3:85:eb:c3:df:7e:2e:5a:b9:09:7d:cf:07:99:08:
45:d3:0e:87:0d:5a:87:d9:df:fb:f4:2e:03:13:94:3a:67:7f:
10:85:a9:eb:69:aa:b3:07:8e:fd:43:8a:08:55:3e:29:bc:55:
c1:85:d3:3f:41:aa:cd:a7:cd:d7:fa:91:e7:34:f4:19:b2:ef:
a2:02:e5:9b:99:f0:41:3b:16:93:eb:b3:af:76:84:48:60:1a:
a3:62:51:0a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MDFCOVJJMTEwLwYDVQQFEygzOTY0OUQ2MzhGOEM1MjA5Mzg0RDYyQjg4MERGN0Y4
QzdFNDZFMUZCMB4XDTI0MDMwNTE0MDIxOVoXDTI2MDMwNTE0MDIxOVowGDEWMBQG
A1UEAxMNNjVlNzI1ZWUtNmQwZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgQsyVvtEPeOx40LiwVRDd7v57ypZ/3wDU6DJzXjLyrb9mOcMgeKr/fqAJM
ou/ahnSSsVtlvPoT9lcpB3/tGMqW9zTuHSblfT2LTsrI9/KiTsIYjDUNnQjRYraJ
1elMooC5r294mGiQAf+p62nxPTC1XBzJQoz5uNVbTB3TqJ1eq/AKnYhXgYPvtgwU
fDP4hx+zCcYRMPqrT2zR6T96Z6c7Fvd12tqHg0f12py56pnOqpi32YASdwL4duzP
MUKvTVBb7HUJHmNlLwFaq+dkJNDQmT8FAFu60/pyiniySWKRtItZI5P0uGMqCfl+
duYVf/D460oshgERMD95WvuF/5UCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRxbP+0
WdS03eD5KQ2QTSh6MT0xUDAfBgNVHSMEGDAWgBQ5ZJ1jj4xSCThNYriA33+Mfkbh
+zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzAxQjkvQUZEQTlGRENEQTJFMTFFRUE2RDEyNUE3Nzc1NDEyRTYvT1dTZFk0
LU1VZ2s0VFdLNGdOOV9qSDVHNGZzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L3JpcGUv
T1dTZFk0LU1VZ2s0VFdLNGdOOV9qSDVHNGZzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QzAxQjkvQUZEQTlGRENEQTJFMTFFRUE2RDEyNUE3Nzc1NDEy
RTYvRkNDNUFGMjREQUY4MTFFRTkzNUJCMjc2Nzc1NDEyRTYucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdQ0gDANBgkqhkiG9w0BAQsFAAOC
AQEAMQIlOpGtQWxLTxNmMU4GzvbXJp8m74lCGh632ULrNr1hG/nEXqUj9JxzGos0
gQbEuXqE+h/5Te0NwhtyRqbmJGvb0gPEUhPSryof4tNFTGzvyc7qm0CEr+RePJgW
LDnbkDTHOuD6T5g7oejUSqEwvcU+55JyyowKBfYDMZr0mdzEXSP+mmL/GW15QcXz
Fpx+SnG5MnyXIIAPkYdPG/bThet79SxI04Xrw99+Llq5CX3PB5kIRdMOhw1ah9nf
+/QuAxOUOmd/EIWp62mqsweO/UOKCFU+KbxVwYXTP0GqzafN1/qR5zT0GbLvogLl
m5nwQTsWk+uzr3aESGAao2JRCg==
-----END CERTIFICATE-----
Generated at Tue Jun 25 04:13:08 2024 by rpki-client on console-ams.rpki-client.org