Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361D56A/918952F8DABF11EE9E12439B775412E6/181084A206B911EF877AA736017001B1.roa
File:                     181084A206B911EF877AA736017001B1.roa (raw, json)
Hash identifier:          CNpzrTzZHNqI/KQx7+VeOW0cqEbnDDNqqbPZUxsZXi8=
Subject key identifier:   E9:E8:87:88:A6:D9:ED:E2:F4:4C:C7:38:FA:6F:F1:07:8B:DD:45:33
Certificate issuer:       /CN=F361D56AAF/serialNumber=DEEBF5D221B1C48D059FDF894EEA1866B036FCB1
Certificate serial:       3F
Authority key identifier: DE:EB:F5:D2:21:B1:C4:8D:05:9F:DF:89:4E:EA:18:66:B0:36:FC:B1
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/3uv10iGxxI0Fn9-JTuoYZrA2_LE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F361D56A/918952F8DABF11EE9E12439B775412E6/181084A206B911EF877AA736017001B1.roa
Signing time:             Tue 30 Apr 2024 06:15:51 +0000
ROA not before:           Tue 30 Apr 2024 06:15:47 +0000
ROA not after:            Thu 30 Apr 2026 06:15:47 +0000
asID:                     328856
IP address blocks:        102.209.56.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F361D56A/918952F8DABF11EE9E12439B775412E6/3uv10iGxxI0Fn9-JTuoYZrA2_LE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F361D56A/918952F8DABF11EE9E12439B775412E6/3uv10iGxxI0Fn9-JTuoYZrA2_LE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/3uv10iGxxI0Fn9-JTuoYZrA2_LE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 63 (0x3f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F361D56AAF/serialNumber=DEEBF5D221B1C48D059FDF894EEA1866B036FCB1
        Validity
            Not Before: Apr 30 06:15:47 2024 GMT
            Not After : Apr 30 06:15:47 2026 GMT
        Subject: CN=66308c97-c9de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:83:b1:8b:54:41:48:4a:99:ff:7c:cf:19:71:
                    54:a6:51:88:6c:e2:b4:15:75:ca:82:db:b5:7f:78:
                    86:57:22:a9:67:65:cf:ce:9e:fd:92:98:db:b9:44:
                    05:78:ba:52:94:60:da:18:f3:f9:08:13:b3:46:05:
                    97:5e:a0:42:0f:ae:e5:33:74:62:2c:e5:67:42:d9:
                    44:cf:76:37:b4:d2:18:67:05:d3:44:6c:5a:c8:b1:
                    ee:92:12:dc:09:17:68:dc:d0:63:3b:78:c2:f7:86:
                    2d:11:2b:f5:a9:ce:e4:ee:9f:bf:64:17:f2:88:c3:
                    e4:c8:f6:80:42:05:61:e2:94:36:f5:a3:e2:12:df:
                    b3:2e:5a:50:cd:7a:bd:a2:df:a9:65:68:59:2f:4f:
                    8f:06:cb:92:c1:d1:05:a3:63:b5:d3:69:f5:8a:b9:
                    a7:fa:ff:bf:a8:cd:8f:e5:8d:2a:a3:00:e7:1d:ab:
                    ff:c4:18:48:19:64:fb:fa:c3:15:dc:b2:9d:c4:5d:
                    e9:99:8b:aa:2d:1a:14:9b:2d:2f:8f:76:db:dc:57:
                    9b:09:36:93:6d:0b:6b:8a:f9:bd:52:3d:fe:42:3e:
                    ed:87:13:cb:f1:b5:da:8e:69:f1:b4:b3:e3:37:65:
                    54:ef:fe:4e:b6:0e:77:f6:ed:12:a6:87:f4:32:e4:
                    d2:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:E8:87:88:A6:D9:ED:E2:F4:4C:C7:38:FA:6F:F1:07:8B:DD:45:33
            X509v3 Authority Key Identifier:
                keyid:DE:EB:F5:D2:21:B1:C4:8D:05:9F:DF:89:4E:EA:18:66:B0:36:FC:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F361D56A/918952F8DABF11EE9E12439B775412E6/3uv10iGxxI0Fn9-JTuoYZrA2_LE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3uv10iGxxI0Fn9-JTuoYZrA2_LE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361D56A/918952F8DABF11EE9E12439B775412E6/181084A206B911EF877AA736017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ba:f6:b5:a8:62:53:6c:65:26:23:98:c3:98:b3:57:62:f6:aa:
         5f:f5:28:e7:a4:b2:5f:f7:fb:85:43:ee:0e:82:7e:49:b7:7b:
         b4:e6:50:09:12:0a:09:79:97:5a:66:18:6e:07:da:e9:bc:bc:
         ee:b5:32:3d:38:62:62:47:b1:2e:5c:c7:cc:26:33:82:cc:4e:
         4a:93:35:57:8c:31:01:7c:43:51:e2:0b:a2:d8:d8:bd:5a:d3:
         e6:54:f4:6e:73:2d:90:34:ee:21:09:24:c3:28:38:27:4a:01:
         77:51:43:ee:72:e7:e9:93:16:7f:92:bf:d7:c0:a4:3c:8b:79:
         b8:1f:a8:3e:b8:6f:9e:1d:54:a7:d0:26:7f:eb:69:76:da:07:
         78:72:a1:59:87:58:90:be:21:71:97:56:3b:05:3e:af:99:0a:
         40:f6:d3:13:c5:2e:5a:56:35:b7:e3:d9:21:ac:e1:94:fe:56:
         59:d7:3e:63:96:61:45:d2:b9:b8:01:f0:7f:f6:64:58:d3:ce:
         ab:ab:46:74:bd:81:6e:ca:6e:0a:47:fe:ff:ea:8f:a3:c2:eb:
         81:27:5e:28:34:53:d6:a5:ff:6e:53:53:e8:92:c4:1b:08:92:
         21:c7:ea:20:a4:03:4d:16:fe:c2:4a:a6:32:40:de:60:80:90:
         95:bf:74:91
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBPzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
RDU2QUFGMTEwLwYDVQQFEyhERUVCRjVEMjIxQjFDNDhEMDU5RkRGODk0RUVBMTg2
NkIwMzZGQ0IxMB4XDTI0MDQzMDA2MTU0N1oXDTI2MDQzMDA2MTU0N1owGDEWMBQG
A1UEAxMNNjYzMDhjOTctYzlkZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALODsYtUQUhKmf98zxlxVKZRiGzitBV1yoLbtX94hlciqWdlz86e/ZKY27lE
BXi6UpRg2hjz+QgTs0YFl16gQg+u5TN0YizlZ0LZRM92N7TSGGcF00RsWsix7pIS
3AkXaNzQYzt4wveGLREr9anO5O6fv2QX8ojD5Mj2gEIFYeKUNvWj4hLfsy5aUM16
vaLfqWVoWS9PjwbLksHRBaNjtdNp9Yq5p/r/v6jNj+WNKqMA5x2r/8QYSBlk+/rD
FdyyncRd6ZmLqi0aFJstL49229xXmwk2k20La4r5vVI9/kI+7YcTy/G12o5p8bSz
4zdlVO/+TrYOd/btEqaH9DLk0qkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTp6IeI
ptnt4vRMxzj6b/EHi91FMzAfBgNVHSMEGDAWgBTe6/XSIbHEjQWf34lO6hhmsDb8
sTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUQ1NkEvOTE4OTUyRjhEQUJGMTFFRTlFMTI0MzlCNzc1NDEyRTYvM3V2MTBp
R3h4STBGbjktSlR1b1lackEyX0xFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvM3V2MTBpR3h4STBGbjktSlR1b1lackEyX0xFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MUQ1NkEvOTE4OTUyRjhEQUJGMTFFRTlFMTI0MzlCNzc1
NDEyRTYvMTgxMDg0QTIwNkI5MTFFRjg3N0FBNzM2MDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbRODANBgkqhkiG9w0BAQsF
AAOCAQEAuva1qGJTbGUmI5jDmLNXYvaqX/Uo56SyX/f7hUPuDoJ+Sbd7tOZQCRIK
CXmXWmYYbgfa6by87rUyPThiYkexLlzHzCYzgsxOSpM1V4wxAXxDUeILotjYvVrT
5lT0bnMtkDTuIQkkwyg4J0oBd1FD7nLn6ZMWf5K/18CkPIt5uB+oPrhvnh1Up9Am
f+tpdtoHeHKhWYdYkL4hcZdWOwU+r5kKQPbTE8UuWlY1t+PZIazhlP5WWdc+Y5Zh
RdK5uAHwf/ZkWNPOq6tGdL2BbspuCkf+/+qPo8LrgSdeKDRT1qX/blNT6JLEGwiS
IcfqIKQDTRb+wkqmMkDeYICQlb90kQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org