Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3617560/30C4542CF25911EC90D029C2F1222468/3FB71B40F3B211EC832ED98EF1222468.roa
File:                     3FB71B40F3B211EC832ED98EF1222468.roa (raw, json)
Hash identifier:          iKbTDOfiOzIUQTnoHmvFh8aaKwNKEynvlDO8sUNXeaY=
Subject key identifier:   05:F4:64:4E:D6:79:CE:0B:C3:34:CE:02:A4:F1:D7:33:95:FB:EF:61
Certificate issuer:       /CN=F3617560AF/serialNumber=559608F1905C17B2C1EB888134CC383C8FD4EEF4
Certificate serial:       08
Authority key identifier: 55:96:08:F1:90:5C:17:B2:C1:EB:88:81:34:CC:38:3C:8F:D4:EE:F4
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/VZYI8ZBcF7LB64iBNMw4PI_U7vQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3617560/30C4542CF25911EC90D029C2F1222468/3FB71B40F3B211EC832ED98EF1222468.roa
Signing time:             Fri 24 Jun 2022 11:39:04 +0000
ROA not before:           Fri 24 Jun 2022 11:38:59 +0000
ROA not after:            Wed 31 Dec 2042 11:38:59 +0000
asID:                     6453
IP address blocks:        41.136.0.0/16 maxlen: 24
                          41.212.128.0/17 maxlen: 24
                          196.27.64.0/19 maxlen: 24
                          196.192.96.0/20 maxlen: 24
                          197.224.0.0/14 maxlen: 24
                          2001:4290::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3617560/30C4542CF25911EC90D029C2F1222468/VZYI8ZBcF7LB64iBNMw4PI_U7vQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3617560/30C4542CF25911EC90D029C2F1222468/VZYI8ZBcF7LB64iBNMw4PI_U7vQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/VZYI8ZBcF7LB64iBNMw4PI_U7vQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8 (0x8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3617560AF/serialNumber=559608F1905C17B2C1EB888134CC383C8FD4EEF4
        Validity
            Not Before: Jun 24 11:38:59 2022 GMT
            Not After : Dec 31 11:38:59 2042 GMT
        Subject: CN=62b5a258-8335
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:e9:0d:c8:c1:02:b4:92:2c:49:9d:dc:48:0b:
                    9f:10:f0:d7:23:68:c2:99:6e:2d:3a:7b:6a:91:8d:
                    b8:25:ac:4a:94:c2:5f:c6:6f:2c:3f:e8:8c:24:6b:
                    b4:ca:fd:5b:f3:d5:cf:2d:b9:5a:c2:a2:62:78:1c:
                    6f:0f:d7:bd:ec:c8:c7:53:48:27:67:5c:65:b0:41:
                    54:88:db:db:cf:3c:79:a1:7f:6b:36:d0:67:1e:ba:
                    de:d8:08:94:6e:d5:99:9a:96:2f:b0:dc:98:79:33:
                    c6:1f:c9:33:99:94:d6:17:77:dc:c4:30:fb:6b:4f:
                    66:0a:2f:9e:2b:90:61:fd:d8:06:20:5d:0f:d0:72:
                    ef:86:e3:61:de:4a:71:d4:8c:fa:29:3b:34:3c:56:
                    ad:d1:94:34:66:2c:0d:61:31:eb:3e:6d:99:07:ed:
                    ae:5a:18:68:69:53:5f:94:58:2a:2d:a3:32:20:b8:
                    a9:e1:ca:17:a5:00:3c:e4:99:f4:24:b6:3e:ab:c0:
                    ea:cb:c1:6c:53:02:2f:16:99:02:08:d4:26:3a:52:
                    ab:e3:b0:25:07:7a:73:06:98:d2:03:91:ed:6e:d2:
                    52:94:ab:6c:5b:1a:46:09:4c:d6:16:2a:2f:9d:74:
                    00:41:37:48:b5:cf:49:f9:3d:8a:5f:c5:63:c2:b8:
                    0e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:F4:64:4E:D6:79:CE:0B:C3:34:CE:02:A4:F1:D7:33:95:FB:EF:61
            X509v3 Authority Key Identifier:
                keyid:55:96:08:F1:90:5C:17:B2:C1:EB:88:81:34:CC:38:3C:8F:D4:EE:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3617560/30C4542CF25911EC90D029C2F1222468/VZYI8ZBcF7LB64iBNMw4PI_U7vQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/VZYI8ZBcF7LB64iBNMw4PI_U7vQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3617560/30C4542CF25911EC90D029C2F1222468/3FB71B40F3B211EC832ED98EF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.136.0.0/16
                  41.212.128.0/17
                  196.27.64.0/19
                  196.192.96.0/20
                  197.224.0.0/14
                IPv6:
                  2001:4290::/32

    Signature Algorithm: sha256WithRSAEncryption
         80:76:63:00:d0:75:db:ad:2b:fe:5b:15:55:18:91:6f:89:46:
         ad:23:79:5b:a9:6c:43:04:a1:a0:82:7c:c4:4b:96:99:38:7f:
         e3:d7:79:13:54:3f:fb:22:a1:e6:0c:9f:95:68:4b:8b:73:fe:
         6c:7b:aa:c7:5a:50:0c:87:f7:5b:3d:f9:7c:05:21:b2:53:de:
         c5:47:79:8b:ac:84:5f:65:8f:bb:ee:a3:ee:d0:fa:52:09:4b:
         da:29:d1:08:e2:5e:7c:a3:95:40:fe:51:b4:ad:e4:c1:4f:a1:
         a8:bc:6e:f1:ec:88:8b:78:a0:d9:f3:18:9b:8a:12:fc:a6:2f:
         a2:72:89:93:26:7a:7d:b0:84:bd:2c:68:33:a3:53:58:1b:dc:
         64:e2:8f:7e:67:14:c4:04:fa:88:fc:f3:d3:5f:af:e4:2a:11:
         d0:ca:8f:c3:b3:c6:13:12:fe:3d:6e:c0:a0:04:05:a9:71:b4:
         b8:8d:5a:b8:d4:60:f6:6b:d0:f7:0f:aa:7b:a0:e5:60:e2:8a:
         09:0b:3f:31:39:60:85:82:a0:dd:17:d9:10:6f:69:8e:56:9e:
         a5:a4:55:4d:d2:a9:6a:b7:22:0d:3a:24:74:77:de:f1:94:0d:
         d9:08:30:e9:2c:88:a5:16:a3:34:77:20:d8:3e:8e:07:14:81:
         57:53:c6:5e
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYx
NzU2MEFGMTEwLwYDVQQFEyg1NTk2MDhGMTkwNUMxN0IyQzFFQjg4ODEzNENDMzgz
QzhGRDRFRUY0MB4XDTIyMDYyNDExMzg1OVoXDTQyMTIzMTExMzg1OVowGDEWMBQG
A1UEAwwNNjJiNWEyNTgtODMzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTpDcjBArSSLEmd3EgLnxDw1yNowpluLTp7apGNuCWsSpTCX8ZvLD/ojCRr
tMr9W/PVzy25WsKiYngcbw/XvezIx1NIJ2dcZbBBVIjb2888eaF/azbQZx663tgI
lG7VmZqWL7DcmHkzxh/JM5mU1hd33MQw+2tPZgovniuQYf3YBiBdD9By74bjYd5K
cdSM+ik7NDxWrdGUNGYsDWEx6z5tmQftrloYaGlTX5RYKi2jMiC4qeHKF6UAPOSZ
9CS2PqvA6svBbFMCLxaZAgjUJjpSq+OwJQd6cwaY0gOR7W7SUpSrbFsaRglM1hYq
L510AEE3SLXPSfk9il/FY8K4DrkCAwEAAaOCAsowggLGMB0GA1UdDgQWBBQF9GRO
1nnOC8M0zgKk8dczlfvvYTAfBgNVHSMEGDAWgBRVlgjxkFwXssHriIE0zDg8j9Tu
9DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTc1NjAvMzBDNDU0MkNGMjU5MTFFQzkwRDAyOUMyRjEyMjI0NjgvVlpZSTha
QmNGN0xCNjRpQk5NdzRQSV9VN3ZRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVlpZSThaQmNGN0xCNjRpQk5NdzRQSV9VN3ZRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTc1NjAvMzBDNDU0MkNGMjU5MTFFQzkwRDAyOUMyRjEy
MjI0NjgvM0ZCNzFCNDBGM0IyMTFFQzgzMkVEOThFRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBEBggrBgEFBQcBBwEB/wQ1MDMwIgQCAAEwHAMDACmIAwQHKdSAAwQFxBtAAwQE
xMBgAwMCxeAwDQQCAAIwBwMFACABQpAwDQYJKoZIhvcNAQELBQADggEBAIB2YwDQ
ddutK/5bFVUYkW+JRq0jeVupbEMEoaCCfMRLlpk4f+PXeRNUP/sioeYMn5VoS4tz
/mx7qsdaUAyH91s9+XwFIbJT3sVHeYushF9lj7vuo+7Q+lIJS9op0QjiXnyjlUD+
UbSt5MFPoai8bvHsiIt4oNnzGJuKEvymL6JyiZMmen2whL0saDOjU1gb3GTij35n
FMQE+oj889Nfr+QqEdDKj8OzxhMS/j1uwKAEBalxtLiNWrjUYPZr0PcPqnug5WDi
igkLPzE5YIWCoN0X2RBvaY5WnqWkVU3SqWq3Ig06JHR33vGUDdkIMOksiKUWozR3
INg+jgcUgVdTxl4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org