Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/CF99B532216A11EFBD87B3127DDC24C2.roa
File: CF99B532216A11EFBD87B3127DDC24C2.roa (raw, json)
Hash identifier: jOjj4Xh+2NT4yOAFMCOKRdCM3mQyy3CpEf+pl4OtA9Y=
Subject key identifier: 3E:53:C9:D9:E8:9F:88:44:27:6B:88:9A:82:42:42:6C:E1:E4:AD:82
Certificate issuer: /CN=F36E2B8CRI/serialNumber=0629C99D4760C289B84CDBECF1B6C13CF525EAAF
Certificate serial: 0187
Authority key identifier: 06:29:C9:9D:47:60:C2:89:B8:4C:DB:EC:F1:B6:C1:3C:F5:25:EA:AF
Authority info access: rsync://rpki.afrinic.net/repository/ripe/BinJnUdgwom4TNvs8bbBPPUl6q8.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/CF99B532216A11EFBD87B3127DDC24C2.roa
Signing time: Mon 03 Jun 2024 05:33:31 +0000
ROA not before: Mon 03 Jun 2024 05:33:27 +0000
ROA not after: Tue 01 Jan 2030 05:33:27 +0000
asID: 37684
IP address blocks: 62.12.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/BinJnUdgwom4TNvs8bbBPPUl6q8.crl
rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/BinJnUdgwom4TNvs8bbBPPUl6q8.mft
rsync://rpki.afrinic.net/repository/ripe/BinJnUdgwom4TNvs8bbBPPUl6q8.cer
rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.crl
rsync://rpki.afrinic.net/repository/ripe/f3rBgIl5g-Kek3wKGHgDwHJ1VUU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/ripe-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 391 (0x187)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36E2B8CRI/serialNumber=0629C99D4760C289B84CDBECF1B6C13CF525EAAF
Validity
Not Before: Jun 3 05:33:27 2024 GMT
Not After : Jan 1 05:33:27 2030 GMT
Subject: CN=665d55aa-c94c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:8c:72:c5:dc:c7:c7:2b:dd:d3:cb:a2:78:22:
47:4d:65:dc:88:01:3e:e4:91:00:45:40:64:9e:06:
3f:af:67:2b:df:74:aa:f9:a5:1c:ca:c8:88:7a:f9:
eb:d6:5e:3a:80:53:d3:b4:dd:39:45:c6:a3:81:87:
74:2b:89:41:43:09:bc:86:1b:ed:f0:32:e0:aa:ff:
85:ca:ee:e4:7d:25:fd:2a:9b:c6:52:86:d1:f8:02:
0d:4a:ca:68:23:bd:52:6a:12:35:3e:16:1b:a5:8f:
53:f3:04:54:54:0a:f3:77:af:87:d1:2e:ed:99:b6:
62:7f:75:fe:5c:b9:c4:d2:8a:2a:75:cd:b5:5e:b9:
2e:a3:38:c3:2c:a3:9e:33:87:ef:b3:33:49:a3:75:
79:59:2a:c4:29:26:4b:c3:71:45:be:22:fc:21:7a:
c0:5d:e3:f4:36:d6:5b:18:7b:9f:28:b9:4a:b6:a5:
34:3b:62:b9:8d:cf:63:49:5b:41:4c:cd:51:6e:2b:
81:56:a9:64:14:f4:e7:2e:7e:f1:9f:b4:af:21:28:
ca:86:99:4f:d7:f2:2c:d2:cb:9c:f8:3b:37:24:5b:
2a:51:2e:00:a1:5f:bc:fe:55:42:42:e3:11:e8:bc:
72:ec:e2:cd:29:a4:a8:b8:b9:05:67:8a:e1:e3:ee:
fa:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:53:C9:D9:E8:9F:88:44:27:6B:88:9A:82:42:42:6C:E1:E4:AD:82
X509v3 Authority Key Identifier:
keyid:06:29:C9:9D:47:60:C2:89:B8:4C:DB:EC:F1:B6:C1:3C:F5:25:EA:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/BinJnUdgwom4TNvs8bbBPPUl6q8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/ripe/BinJnUdgwom4TNvs8bbBPPUl6q8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/B50CA4AA0B6211EEB2D35E8A4AD9E6FC/CF99B532216A11EFBD87B3127DDC24C2.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
62.12.116.0/24
Signature Algorithm: sha256WithRSAEncryption
de:a1:e2:cd:5a:66:01:e9:b4:08:3a:60:fd:8c:18:a4:d7:5b:
d6:13:c9:47:f0:c0:83:09:fb:61:dd:c8:2e:b8:c4:1a:e5:80:
5a:81:1a:3d:7d:ff:c7:90:56:13:df:71:95:8d:b1:4c:d6:db:
15:66:ff:bd:23:4f:60:45:e8:36:2f:e9:f1:5c:be:fd:42:c3:
36:42:bc:eb:0a:cf:22:7e:90:47:1b:e5:01:ab:17:f4:b7:97:
15:5e:b1:59:e2:96:bd:c2:32:26:9f:f5:1d:ad:30:69:22:7c:
5f:3f:97:2b:61:93:e9:71:d0:84:6f:43:48:62:8d:3f:1e:47:
9d:63:bc:7a:ee:2a:da:1d:e0:bd:56:68:7e:6f:bb:b1:a4:cc:
d6:dd:5c:5a:b6:7e:66:2e:79:54:4f:21:37:b1:3f:61:b1:2f:
fe:6f:f5:6c:de:7c:31:f3:fd:c6:54:8f:0b:e7:24:1c:43:41:
ce:b6:e3:82:fe:5b:e6:b0:1b:5f:46:b1:3c:a0:d6:50:59:2a:
b6:e7:de:94:97:e2:8c:6e:1e:f2:8c:c0:2a:b3:8e:97:72:39:
98:81:9b:30:4f:55:fb:7b:94:74:51:ce:21:24:ce:66:12:60:
d3:d8:9d:eb:31:0d:b1:6b:08:0f:2d:0b:aa:13:8a:83:e5:d6:
91:4f:0d:b8
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAYcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTJCOENSSTExMC8GA1UEBRMoMDYyOUM5OUQ0NzYwQzI4OUI4NENEQkVDRjFCNkMx
M0NGNTI1RUFBRjAeFw0yNDA2MDMwNTMzMjdaFw0zMDAxMDEwNTMzMjdaMBgxFjAU
BgNVBAMTDTY2NWQ1NWFhLWM5NGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDujHLF3MfHK93Ty6J4IkdNZdyIAT7kkQBFQGSeBj+vZyvfdKr5pRzKyIh6
+evWXjqAU9O03TlFxqOBh3QriUFDCbyGG+3wMuCq/4XK7uR9Jf0qm8ZShtH4Ag1K
ymgjvVJqEjU+Fhulj1PzBFRUCvN3r4fRLu2ZtmJ/df5cucTSiip1zbVeuS6jOMMs
o54zh++zM0mjdXlZKsQpJkvDcUW+IvwhesBd4/Q21lsYe58ouUq2pTQ7YrmNz2NJ
W0FMzVFuK4FWqWQU9OcufvGftK8hKMqGmU/X8izSy5z4OzckWypRLgChX7z+VUJC
4xHovHLs4s0ppKi4uQVniuHj7vp1AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUPlPJ
2eifiEQna4iagkJCbOHkrYIwHwYDVR0jBBgwFoAUBinJnUdgwom4TNvs8bbBPPUl
6q8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUyQjhDL0I1MENBNEFBMEI2MjExRUVCMkQzNUU4QTRBRDlFNkZDL0Jpbkpu
VWRnd29tNFROdnM4YmJCUFBVbDZxOC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9yaXBl
L0JpbkpuVWRnd29tNFROdnM4YmJCUFBVbDZxOC5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkUyQjhDL0I1MENBNEFBMEI2MjExRUVCMkQzNUU4QTRBRDlF
NkZDL0NGOTlCNTMyMjE2QTExRUZCRDg3QjMxMjdEREMyNEMyLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA+DHQwDQYJKoZIhvcNAQELBQAD
ggEBAN6h4s1aZgHptAg6YP2MGKTXW9YTyUfwwIMJ+2HdyC64xBrlgFqBGj19/8eQ
VhPfcZWNsUzW2xVm/70jT2BF6DYv6fFcvv1CwzZCvOsKzyJ+kEcb5QGrF/S3lxVe
sVnilr3CMiaf9R2tMGkifF8/lythk+lx0IRvQ0hijT8eR51jvHruKtod4L1WaH5v
u7GkzNbdXFq2fmYueVRPITexP2GxL/5v9WzefDHz/cZUjwvnJBxDQc6244L+W+aw
G19GsTyg1lBZKrbn3pSX4oxuHvKMwCqzjpdyOZiBmzBPVft7lHRRziEkzmYSYNPY
nesxDbFrCA8tC6oTioPl1pFPDbg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org