Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/AB7E9A96052811EE8B0E93444AD9E6FC.roa
File:                     AB7E9A96052811EE8B0E93444AD9E6FC.roa (raw, json)
Hash identifier:          MyA6dQA89oG/sojI5P70u1iSYN9Fg+8vAGIM45hxUow=
Subject key identifier:   DC:90:C2:D1:2F:5B:F0:DA:77:23:05:3C:BE:D8:B1:B7:A5:67:81:CA
Certificate issuer:       /CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
Certificate serial:       14
Authority key identifier: AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02
Authority info access:    rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/AB7E9A96052811EE8B0E93444AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 11:44:33 +0000
ROA not before:           Wed 07 Jun 2023 11:44:29 +0000
ROA not after:            Mon 30 Jun 2025 11:44:29 +0000
asID:                     37463
IP address blocks:        169.255.121.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.mft
                          rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:16:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20 (0x14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
        Validity
            Not Before: Jun  7 11:44:29 2023 GMT
            Not After : Jun 30 11:44:29 2025 GMT
        Subject: CN=64806da1-b602
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:5f:39:4f:57:9a:d2:94:22:90:cc:3d:f9:9c:
                    5e:24:eb:2c:84:b8:93:07:d5:af:eb:f1:b2:17:23:
                    6f:b9:ac:9b:6b:06:6e:ba:f4:f7:13:3a:fa:8f:6a:
                    7d:f1:3d:d1:82:78:aa:eb:80:94:28:a0:1e:6c:5a:
                    4b:69:10:b8:04:19:65:0f:ce:dc:70:8b:c2:ee:e3:
                    a0:28:66:0e:e6:de:c6:8b:6c:2b:74:b1:9c:af:f2:
                    e7:56:5d:8f:9f:1e:25:77:0c:78:df:c0:d5:ec:74:
                    b5:5d:56:de:48:a1:92:0c:4b:0f:65:26:60:6e:3a:
                    0e:06:fa:15:5a:22:53:13:ce:e0:d5:9f:b4:0b:99:
                    02:3a:54:8c:e2:b5:b6:a7:05:f3:7a:58:17:bb:1a:
                    db:11:cb:ba:6e:84:18:78:77:d0:85:71:01:de:ee:
                    ec:6f:1c:a4:17:b9:6e:31:7b:06:9b:62:af:e5:26:
                    08:d1:4a:87:04:ad:ef:0f:e3:06:14:d7:7d:bf:bc:
                    78:4b:06:30:3a:5d:e0:59:4f:e2:ab:62:09:1f:6d:
                    96:e2:3d:9b:ec:ff:d5:da:ff:cd:48:8e:26:28:b5:
                    6f:fe:9d:b7:8f:d4:ae:61:5e:37:4b:88:19:5d:d5:
                    05:65:9e:65:4b:a5:4d:c6:d9:50:f5:5d:02:56:2a:
                    d4:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:90:C2:D1:2F:5B:F0:DA:77:23:05:3C:BE:D8:B1:B7:A5:67:81:CA
            X509v3 Authority Key Identifier:
                keyid:AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/AB7E9A96052811EE8B0E93444AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  169.255.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:c3:7c:4b:34:1b:38:f7:38:78:3c:66:5a:dc:b7:21:03:f2:
         4a:ae:52:cc:d4:11:85:86:c6:18:2c:cb:58:4a:a8:d4:e9:84:
         95:f3:43:fc:26:51:26:1d:05:d7:c9:07:97:8f:ce:c4:20:a6:
         68:ef:4d:b0:b8:ff:76:46:51:3b:57:40:13:38:7d:90:3a:92:
         66:a3:c5:3e:e4:38:be:83:18:78:c7:d1:80:34:42:80:5c:98:
         be:b6:ff:4f:14:fd:f4:12:48:97:e1:b6:36:f4:51:4b:90:4e:
         e0:f1:f9:6f:62:6a:73:1f:15:5b:10:16:68:76:c8:f1:d9:bf:
         e0:3c:92:18:cc:9a:27:e5:63:3a:ab:a8:b4:97:2f:ba:c4:59:
         c6:d5:80:92:7d:7b:8e:8b:e7:81:a9:e8:50:dd:e9:83:23:3e:
         b9:7f:64:f1:8c:0a:bf:30:b0:2d:e3:00:1b:0e:32:b2:39:77:
         55:f1:25:d0:bf:58:64:01:3e:60:a1:80:72:84:73:8b:88:0a:
         15:c9:9a:dc:40:19:40:bd:be:27:93:cb:14:c8:be:ba:fd:9c:
         b9:0b:91:f0:2b:8f:d3:17:8c:53:60:7f:ad:49:e7:26:b7:2c:
         a6:0d:34:68:ab:a3:b8:a6:79:41:76:1b:82:93:e6:34:6f:b9:
         a5:cd:42:a8
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBFDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
MEMxNkFSMTEwLwYDVQQFEyhBRTUxMjkzNjI3RjFCRDdBOUY1Mzc4OEUyQTY1RUEw
NDEzNDZBNzAyMB4XDTIzMDYwNzExNDQyOVoXDTI1MDYzMDExNDQyOVowGDEWMBQG
A1UEAxMNNjQ4MDZkYTEtYjYwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhfOU9XmtKUIpDMPfmcXiTrLIS4kwfVr+vxshcjb7msm2sGbrr09xM6+o9q
ffE90YJ4quuAlCigHmxaS2kQuAQZZQ/O3HCLwu7joChmDubexotsK3SxnK/y51Zd
j58eJXcMeN/A1ex0tV1W3kihkgxLD2UmYG46Dgb6FVoiUxPO4NWftAuZAjpUjOK1
tqcF83pYF7sa2xHLum6EGHh30IVxAd7u7G8cpBe5bjF7Bptir+UmCNFKhwSt7w/j
BhTXfb+8eEsGMDpd4FlP4qtiCR9tluI9m+z/1dr/zUiOJii1b/6dt4/UrmFeN0uI
GV3VBWWeZUulTcbZUPVdAlYq1P8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTckMLR
L1vw2ncjBTy+2LG3pWeByjAfBgNVHSMEGDAWgBSuUSk2J/G9ep9TeI4qZeoEE0an
AjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2RkMvcmxFcE5p
Znh2WHFmVTNpT0ttWHFCQk5HcHdJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
cmxFcE5pZnh2WHFmVTNpT0ttWHFCQk5HcHdJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2
RkMvQUI3RTlBOTYwNTI4MTFFRThCMEU5MzQ0NEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKn/eTANBgkqhkiG9w0BAQsFAAOC
AQEAPsN8SzQbOPc4eDxmWty3IQPySq5SzNQRhYbGGCzLWEqo1OmElfND/CZRJh0F
18kHl4/OxCCmaO9NsLj/dkZRO1dAEzh9kDqSZqPFPuQ4voMYeMfRgDRCgFyYvrb/
TxT99BJIl+G2NvRRS5BO4PH5b2Jqcx8VWxAWaHbI8dm/4DySGMyaJ+VjOquotJcv
usRZxtWAkn17jovnganoUN3pgyM+uX9k8YwKvzCwLeMAGw4ysjl3VfEl0L9YZAE+
YKGAcoRzi4gKFcma3EAZQL2+J5PLFMi+uv2cuQuR8CuP0xeMU2B/rUnnJrcspg00
aKujuKZ5QXYbgpPmNG+5pc1CqA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:45:07 2024 by rpki-client on console-fra.rpki-client.org