Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/961D6CDC514411E9A491A27FF8AEA228.roa
File:                     961D6CDC514411E9A491A27FF8AEA228.roa (raw, json)
Hash identifier:          NNaHINzVBMWqSbJSGAj/G207iuPCJoX+7813nJ2XI9E=
Subject key identifier:   23:D5:D0:C5:B8:7A:8B:80:D0:8E:C6:EC:A0:9F:DD:6E:7D:18:86:0A
Certificate issuer:       /CN=F3627A02AF/serialNumber=56952EF930F44FFE912770E3DBC163049F5AFDB7
Certificate serial:       D6
Authority key identifier: 56:95:2E:F9:30:F4:4F:FE:91:27:70:E3:DB:C1:63:04:9F:5A:FD:B7
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/961D6CDC514411E9A491A27FF8AEA228.roa
Signing time:             Thu 28 Mar 2019 10:31:03 +0000
ROA not before:           Thu 28 Mar 2019 10:30:57 +0000
ROA not after:            Sat 28 Mar 2026 10:30:57 +0000
asID:                     37721
IP address blocks:        102.67.96.0/19 maxlen: 24
                          2c0f:ee00::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 214 (0xd6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3627A02AF/serialNumber=56952EF930F44FFE912770E3DBC163049F5AFDB7
        Validity
            Not Before: Mar 28 10:30:57 2019 GMT
            Not After : Mar 28 10:30:57 2026 GMT
        Subject: CN=5c9ca267-2196
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:b8:bd:ca:1c:fa:9f:05:a5:9b:d3:00:b1:b8:
                    79:64:d4:47:77:8a:61:be:f3:b4:9b:e9:f1:cb:86:
                    a1:fb:77:17:e5:3d:c7:54:9b:fe:41:44:f4:d3:87:
                    f6:1b:c9:b3:2e:30:01:2a:f3:5a:fe:e0:96:02:5e:
                    0c:cd:1c:fd:03:37:ab:74:29:3c:07:77:df:e2:13:
                    e1:24:35:c0:e8:91:c9:e8:d3:da:96:3b:d0:b6:38:
                    d9:c3:c0:bb:05:fd:7b:20:3a:86:0c:67:17:9d:f7:
                    fa:e4:80:77:21:6e:f2:d4:ed:03:f3:09:cb:ef:41:
                    94:e1:28:18:45:25:4f:64:3f:09:23:2d:e2:cf:9a:
                    c3:ff:13:a4:8e:3c:4c:44:04:66:ce:8e:6c:a5:0f:
                    da:69:99:64:d2:f3:bc:63:ef:ad:90:7f:a0:5c:b1:
                    d5:c7:c1:21:6b:2a:3d:a8:f4:41:22:63:f2:d1:ee:
                    b5:38:22:93:6f:37:d0:8f:1d:c8:6e:83:19:8c:4a:
                    b9:5e:d3:21:1b:59:19:7f:0e:42:18:44:6b:8d:70:
                    d7:41:de:7e:14:4b:59:c7:1d:b9:d4:e9:24:09:e6:
                    8e:51:a6:38:ce:48:d9:1c:dc:98:8b:97:97:52:f5:
                    5e:37:9f:2d:7d:29:20:33:20:2d:de:f6:87:3b:81:
                    8b:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:D5:D0:C5:B8:7A:8B:80:D0:8E:C6:EC:A0:9F:DD:6E:7D:18:86:0A
            X509v3 Authority Key Identifier:
                keyid:56:95:2E:F9:30:F4:4F:FE:91:27:70:E3:DB:C1:63:04:9F:5A:FD:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/VpUu-TD0T_6RJ3Dj28FjBJ9a_bc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3627A02/26DFD6B8B58E11E8A6CE2664F8AEA228/961D6CDC514411E9A491A27FF8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.67.96.0/19
                IPv6:
                  2c0f:ee00::/32

    Signature Algorithm: sha256WithRSAEncryption
         cd:f5:86:d5:a4:81:3f:70:3b:e6:dc:d7:18:77:4e:1f:6f:1c:
         eb:f0:1a:0c:11:7e:fb:48:66:be:8d:98:0b:e9:ee:ae:f2:ff:
         8b:52:61:97:c5:51:67:59:e2:ff:65:dd:63:91:03:b5:08:52:
         29:f3:f0:ac:69:cb:ca:c7:ca:f5:52:5c:d6:0e:1d:84:8b:4d:
         88:18:19:ad:b1:d9:a6:cc:2c:88:ad:3d:ba:50:56:67:0b:6c:
         a8:bd:09:66:9f:91:cf:f8:49:cf:fb:59:9e:3f:e3:af:88:96:
         09:ba:79:2d:94:20:65:1b:50:b2:24:9c:33:e6:06:18:ef:e9:
         99:4c:27:3e:a1:89:5d:66:a1:f6:83:7e:98:cd:29:0a:e9:a1:
         bd:17:e9:a6:be:b7:5f:59:d6:b9:fa:8c:b8:3e:5b:2a:d4:0a:
         d9:a9:86:08:a6:7b:11:cc:0f:86:a3:c5:fc:05:65:14:65:f1:
         aa:3f:9a:36:5f:e0:47:fa:9e:56:e0:e5:c7:09:9b:6d:ab:51:
         5d:b2:58:84:28:f3:80:26:cb:07:ab:4f:f8:e8:8f:60:ee:e8:
         ae:54:46:33:35:15:c6:d1:67:27:c1:02:6f:a4:86:1e:59:4f:
         74:56:a9:35:f4:07:32:58:3e:32:e4:35:f9:7d:c4:86:23:58:
         15:2e:c5:33
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgICANYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MjdBMDJBRjExMC8GA1UEBRMoNTY5NTJFRjkzMEY0NEZGRTkxMjc3MEUzREJDMTYz
MDQ5RjVBRkRCNzAeFw0xOTAzMjgxMDMwNTdaFw0yNjAzMjgxMDMwNTdaMBgxFjAU
BgNVBAMTDTVjOWNhMjY3LTIxOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDauL3KHPqfBaWb0wCxuHlk1Ed3imG+87Sb6fHLhqH7dxflPcdUm/5BRPTT
h/YbybMuMAEq81r+4JYCXgzNHP0DN6t0KTwHd9/iE+EkNcDokcno09qWO9C2ONnD
wLsF/XsgOoYMZxed9/rkgHchbvLU7QPzCcvvQZThKBhFJU9kPwkjLeLPmsP/E6SO
PExEBGbOjmylD9ppmWTS87xj762Qf6BcsdXHwSFrKj2o9EEiY/LR7rU4IpNvN9CP
HchugxmMSrle0yEbWRl/DkIYRGuNcNdB3n4US1nHHbnU6SQJ5o5RpjjOSNkc3JiL
l5dS9V43ny19KSAzIC3e9oc7gYvDAgMBAAGjggJ9MIICeTAdBgNVHQ4EFgQUI9XQ
xbh6i4DQjsbsoJ/dbn0YhgowHwYDVR0jBBgwFoAUVpUu+TD0T/6RJ3Dj28FjBJ9a
/bcwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI3QTAyLzI2REZENkI4QjU4RTExRThBNkNFMjY2NEY4QUVBMjI4L1ZwVXUt
VEQwVF82UkozRGoyOEZqQko5YV9iYy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1ZwVXUtVEQwVF82UkozRGoyOEZqQko5YV9iYy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjI3QTAyLzI2REZENkI4QjU4RTExRThBNkNFMjY2NEY4
QUVBMjI4Lzk2MUQ2Q0RDNTE0NDExRTlBNDkxQTI3RkY4QUVBMjI4LnJvYTAuBggr
BgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBWZDYDANBAIAAjAHAwUALA/uADANBgkq
hkiG9w0BAQsFAAOCAQEAzfWG1aSBP3A75tzXGHdOH28c6/AaDBF++0hmvo2YC+nu
rvL/i1Jhl8VRZ1ni/2XdY5EDtQhSKfPwrGnLysfK9VJc1g4dhItNiBgZrbHZpsws
iK09ulBWZwtsqL0JZp+Rz/hJz/tZnj/jr4iWCbp5LZQgZRtQsiScM+YGGO/pmUwn
PqGJXWah9oN+mM0pCumhvRfppr63X1nWufqMuD5bKtQK2amGCKZ7EcwPhqPF/AVl
FGXxqj+aNl/gR/qeVuDlxwmbbatRXbJYhCjzgCbLB6tP+OiPYO7orlRGMzUVxtFn
J8ECb6SGHllPdFapNfQHMlg+MuQ1+X3EhiNYFS7FMw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:31 2024 by rpki-client on console-ams.rpki-client.org