Route Origin Authorization 

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3623CAF/D13F9DB0F4F111E5BE8A634CF8AEA228/D4836C70F58E11E59F714033F8AEA228.roa
File:                     D4836C70F58E11E59F714033F8AEA228.roa (raw, json)
Hash identifier:          pN8APZRuxk6Jm4N1ZwtHoYfsYhbm0SmVWbFKIM+vAlY=
Subject key identifier:   E8:44:BA:D6:43:23:AE:5C:3A:66:D7:ED:94:B7:E2:15:C7:9C:BF:D3
Certificate issuer:       /CN=F3623CAFAF/serialNumber=334DE7D2EB862018BB95749B648DCBAF50D13DA8
Certificate serial:       04
Authority key identifier: 33:4D:E7:D2:EB:86:20:18:BB:95:74:9B:64:8D:CB:AF:50:D1:3D:A8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/M03n0uuGIBi7lXSbZI3Lr1DRPag.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3623CAF/D13F9DB0F4F111E5BE8A634CF8AEA228/D4836C70F58E11E59F714033F8AEA228.roa
Signing time:             Tue 29 Mar 2016 09:18:15 +0000
ROA not before:           Tue 29 Mar 2016 09:18:01 +0000
ROA not after:            Sun 29 Mar 2026 09:18:01 +0000
asID:                     22690
IP address blocks:        41.242.140.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3623CAF/D13F9DB0F4F111E5BE8A634CF8AEA228/M03n0uuGIBi7lXSbZI3Lr1DRPag.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3623CAF/D13F9DB0F4F111E5BE8A634CF8AEA228/M03n0uuGIBi7lXSbZI3Lr1DRPag.mft
                          rsync://rpki.afrinic.net/repository/afrinic/M03n0uuGIBi7lXSbZI3Lr1DRPag.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 21 May 2024 00:04:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3623CAFAF/serialNumber=334DE7D2EB862018BB95749B648DCBAF50D13DA8
        Validity
            Not Before: Mar 29 09:18:01 2016 GMT
            Not After : Mar 29 09:18:01 2026 GMT
        Subject: CN=56fa4856-c9cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:72:8c:f4:fb:92:39:7c:b4:f0:53:1b:24:0a:
                    0f:7d:15:58:d5:f3:f3:1e:d0:16:8f:21:09:82:91:
                    fe:1b:87:d7:8f:bb:74:ed:f5:e1:88:59:fc:0d:ae:
                    06:fd:4b:3b:6b:9c:08:4d:61:0c:78:11:7c:79:1d:
                    4c:5c:93:8c:2d:89:89:b2:9c:58:d3:a9:5e:48:d7:
                    9b:f6:14:85:01:ab:30:0b:63:d0:b5:e0:da:6d:6e:
                    0f:99:2e:82:15:96:3f:70:a8:7a:32:07:fc:ee:87:
                    d4:27:83:ec:87:68:30:5b:ef:e1:d2:ff:c5:1e:28:
                    92:01:ec:f2:3a:75:60:fa:11:45:e9:be:2b:ee:1c:
                    e6:f0:f5:8f:8a:9c:3e:8a:3b:d3:fd:8c:54:c8:a5:
                    07:19:48:61:21:fa:67:83:c7:2f:a4:4b:10:d6:ce:
                    9c:e8:7c:4b:1c:90:b1:04:e7:62:58:45:2b:53:2e:
                    89:d5:58:1d:e2:b6:72:62:a2:ae:c2:74:e9:e3:b6:
                    5c:36:e3:8d:83:e0:37:05:31:7f:94:51:61:bc:6b:
                    5b:b8:e6:81:a6:b3:28:f8:b7:46:f9:a5:76:a9:5b:
                    91:8a:4a:ed:30:7b:62:85:51:c1:e8:8c:7f:c0:44:
                    bd:79:7e:b0:49:24:ac:d4:09:a9:73:2f:38:1e:dc:
                    b6:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:44:BA:D6:43:23:AE:5C:3A:66:D7:ED:94:B7:E2:15:C7:9C:BF:D3
            X509v3 Authority Key Identifier:
                keyid:33:4D:E7:D2:EB:86:20:18:BB:95:74:9B:64:8D:CB:AF:50:D1:3D:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3623CAF/D13F9DB0F4F111E5BE8A634CF8AEA228/M03n0uuGIBi7lXSbZI3Lr1DRPag.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/M03n0uuGIBi7lXSbZI3Lr1DRPag.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3623CAF/D13F9DB0F4F111E5BE8A634CF8AEA228/D4836C70F58E11E59F714033F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.242.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         26:aa:2d:17:f7:4d:5b:40:6c:cb:76:de:3f:e9:8b:64:15:d3:
         77:9a:02:65:8a:8c:a4:e4:77:d9:d9:44:0d:a8:01:fe:ee:2a:
         6d:77:cd:e7:97:fd:df:5e:17:c1:34:f2:61:1a:cd:e1:5f:c0:
         df:20:f6:46:5a:05:eb:df:b2:e0:86:99:2e:11:d0:bc:5f:6e:
         cf:81:19:76:1c:b6:b7:5c:92:93:04:e4:79:26:f8:75:a3:84:
         05:94:3e:6c:23:0d:fc:d8:4c:39:f9:cf:1e:59:c4:91:f9:72:
         e4:bb:97:cc:1f:b2:cf:44:cb:45:1c:1d:c7:c8:96:cd:ef:f7:
         93:c2:7e:3e:77:26:f7:32:10:bd:c3:f9:67:88:94:fa:3d:c0:
         4d:4e:4a:87:ff:63:9c:9b:a8:4f:28:d2:92:54:aa:68:4a:3f:
         fd:e3:0f:8c:aa:b2:15:ec:38:c6:70:a6:ae:74:0d:20:3b:fd:
         83:62:99:02:2e:c3:c7:43:74:07:70:79:43:37:9c:42:57:36:
         21:6c:16:15:44:e0:3d:33:3f:6c:26:8a:38:1f:d8:9c:08:1b:
         0a:0e:a8:e0:ab:56:e5:95:5c:6d:54:30:a6:5a:3f:83:6f:36:
         d9:e6:70:af:84:85:12:8c:e4:ee:b9:93:81:b3:2b:be:4e:9f:
         02:69:40:eb
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
M0NBRkFGMTEwLwYDVQQFEygzMzRERTdEMkVCODYyMDE4QkI5NTc0OUI2NDhEQ0JB
RjUwRDEzREE4MB4XDTE2MDMyOTA5MTgwMVoXDTI2MDMyOTA5MTgwMVowGDEWMBQG
A1UEAxMNNTZmYTQ4NTYtYzljZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhyjPT7kjl8tPBTGyQKD30VWNXz8x7QFo8hCYKR/huH14+7dO314YhZ/A2u
Bv1LO2ucCE1hDHgRfHkdTFyTjC2JibKcWNOpXkjXm/YUhQGrMAtj0LXg2m1uD5ku
ghWWP3CoejIH/O6H1CeD7IdoMFvv4dL/xR4okgHs8jp1YPoRRem+K+4c5vD1j4qc
Poo70/2MVMilBxlIYSH6Z4PHL6RLENbOnOh8SxyQsQTnYlhFK1MuidVYHeK2cmKi
rsJ06eO2XDbjjYPgNwUxf5RRYbxrW7jmgaazKPi3RvmldqlbkYpK7TB7YoVRweiM
f8BEvXl+sEkkrNQJqXMvOB7cto0CAwEAAaOCAm4wggJqMB0GA1UdDgQWBBToRLrW
QyOuXDpm1+2Ut+IVx5y/0zAfBgNVHSMEGDAWgBQzTefS64YgGLuVdJtkjcuvUNE9
qDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjNDQUYvRDEzRjlEQjBGNEYxMTFFNUJFOEE2MzRDRjhBRUEyMjgvTTAzbjB1
dUdJQmk3bFhTYlpJM0xyMURSUGFnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTTAzbjB1dUdJQmk3bFhTYlpJM0xyMURSUGFnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCBpAYIKwYBBQUHAQsEgZcwgZQwgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjNDQUYvRDEzRjlEQjBGNEYxMTFFNUJFOEE2MzRDRjhB
RUEyMjgvRDQ4MzZDNzBGNThFMTFFNTlGNzE0MDMzRjhBRUEyMjgucm9hMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCKfKMMA0GCSqGSIb3DQEBCwUAA4IBAQAm
qi0X901bQGzLdt4/6YtkFdN3mgJlioyk5HfZ2UQNqAH+7iptd83nl/3fXhfBNPJh
Gs3hX8DfIPZGWgXr37LghpkuEdC8X27PgRl2HLa3XJKTBOR5Jvh1o4QFlD5sIw38
2Ew5+c8eWcSR+XLku5fMH7LPRMtFHB3HyJbN7/eTwn4+dyb3MhC9w/lniJT6PcBN
TkqH/2Ocm6hPKNKSVKpoSj/94w+MqrIV7DjGcKaudA0gO/2DYpkCLsPHQ3QHcHlD
N5xCVzYhbBYVROA9Mz9sJoo4H9icCBsKDqjgq1bllVxtVDCmWj+DbzbZ5nCvhIUS
jOTuuZOBsyu+Tp8CaUDr
-----END CERTIFICATE-----
Generated at Sun May 19 01:46:45 2024 by rpki-client on console-fra.rpki-client.org