Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/A355EDC8A0DB11EB87F2FC7DF8AEA228.roa
File:                     A355EDC8A0DB11EB87F2FC7DF8AEA228.roa (raw, json)
Hash identifier:          P3+HhN3YnB8DQjtTMhjEMHdHESBMFxFQZlU9EI7263k=
Subject key identifier:   32:E6:62:63:0C:58:60:D9:D6:73:E5:3A:75:54:4D:F9:15:A5:29:E2
Certificate issuer:       /CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
Certificate serial:       1D
Authority key identifier: DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/A355EDC8A0DB11EB87F2FC7DF8AEA228.roa
Signing time:             Mon 19 Apr 2021 06:51:16 +0000
ROA not before:           Mon 19 Apr 2021 06:51:13 +0000
ROA not after:            Sat 19 Apr 2031 06:51:13 +0000
asID:                     37053
IP address blocks:        2c0f:f800::/28 maxlen: 28

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29 (0x1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
        Validity
            Not Before: Apr 19 06:51:13 2021 GMT
            Not After : Apr 19 06:51:13 2031 GMT
        Subject: CN=607d2864-77a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ae:06:22:16:a9:7f:ac:f0:7c:da:ac:6f:ee:
                    e1:56:ee:c3:bd:9f:ce:fb:2c:6e:41:ee:58:65:6b:
                    3c:a6:89:e8:fd:7a:48:a9:52:64:76:63:7d:3a:d7:
                    8b:93:ab:d1:b5:49:2b:95:03:64:b8:2c:a0:e9:aa:
                    e0:c1:7f:64:91:8f:97:a8:b6:7b:eb:1e:c9:a8:ce:
                    54:a9:6b:99:51:67:54:2a:13:34:f7:d3:c4:37:ba:
                    14:8a:47:23:37:06:63:c1:13:e7:c4:9d:4b:e0:ec:
                    1a:76:f2:26:a0:c2:56:a1:82:cc:79:08:7f:d1:8b:
                    c2:4e:b8:e2:c3:cc:e6:2d:54:26:fd:67:38:24:7d:
                    7f:ff:32:30:8a:6d:f5:80:14:50:f3:b0:76:a9:67:
                    5b:29:ee:e2:10:54:c5:52:e4:25:97:1b:3a:d0:2d:
                    57:48:73:53:c3:de:42:c2:ad:6f:45:70:04:9e:e2:
                    ca:96:52:2e:53:e4:ea:6c:2e:2f:a7:ef:37:d1:b8:
                    cf:bc:53:22:dc:77:02:00:3c:37:d5:85:ff:fb:9b:
                    94:a0:d7:15:21:fe:00:a7:cb:4f:e2:33:9b:64:c7:
                    3f:96:d2:e3:67:19:e1:ef:24:e8:cd:b2:5c:91:3d:
                    f2:48:a9:f4:f7:99:29:09:c4:de:5e:b4:93:b8:84:
                    12:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:E6:62:63:0C:58:60:D9:D6:73:E5:3A:75:54:4D:F9:15:A5:29:E2
            X509v3 Authority Key Identifier:
                keyid:DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/A355EDC8A0DB11EB87F2FC7DF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f800::/28

    Signature Algorithm: sha256WithRSAEncryption
         19:13:54:09:77:52:1f:45:90:40:02:ba:08:45:de:b5:b7:fb:
         83:04:09:16:51:fc:32:c7:64:f5:70:b4:54:46:44:60:0d:d4:
         b3:d3:d9:9b:2c:3d:77:5d:b3:d0:3b:42:47:49:fe:24:78:32:
         93:ed:00:f0:63:cf:39:c2:69:48:cd:ea:f0:fe:89:80:43:b0:
         ec:b8:1f:f4:97:16:24:86:cd:ca:b5:99:34:0a:d1:2e:f7:4e:
         df:c7:03:63:0f:a0:4d:77:91:93:e8:9b:7a:4c:0a:44:48:68:
         e8:c9:a0:54:46:b0:0f:e2:5d:9f:b4:cb:52:03:1e:ec:cb:fb:
         fa:69:dc:42:a6:38:28:47:e5:7c:fd:b3:d3:09:ad:46:71:e1:
         d4:75:50:e0:97:52:7b:ae:7b:e0:b2:d4:bd:20:9f:e4:8b:44:
         40:c1:56:fe:fa:3f:1b:41:b0:0b:23:51:c4:f5:1d:70:8f:93:
         ba:ac:fd:23:87:d7:49:34:54:f9:49:ed:b2:a2:40:c6:8a:80:
         3c:71:62:f9:b8:d2:6e:d5:8a:c1:8b:e6:bf:0e:12:82:bb:39:
         90:16:95:94:5d:03:40:9a:24:af:32:53:aa:16:f1:ec:95:a7:
         7e:7a:49:b0:8f:e7:cf:c2:42:67:ee:67:9c:0b:dc:e9:18:7a:
         1b:77:09:17
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBHTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjhBOEFGMTEwLwYDVQQFEyhERjM3NjQ4MERDRjA3QTFCN0FEMTY0REU2NEEzRUEy
MTVGMjQ3NTQxMB4XDTIxMDQxOTA2NTExM1oXDTMxMDQxOTA2NTExM1owGDEWMBQG
A1UEAxMNNjA3ZDI4NjQtNzdhMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+uBiIWqX+s8HzarG/u4Vbuw72fzvssbkHuWGVrPKaJ6P16SKlSZHZjfTrX
i5Or0bVJK5UDZLgsoOmq4MF/ZJGPl6i2e+seyajOVKlrmVFnVCoTNPfTxDe6FIpH
IzcGY8ET58SdS+DsGnbyJqDCVqGCzHkIf9GLwk644sPM5i1UJv1nOCR9f/8yMIpt
9YAUUPOwdqlnWynu4hBUxVLkJZcbOtAtV0hzU8PeQsKtb0VwBJ7iypZSLlPk6mwu
L6fvN9G4z7xTItx3AgA8N9WF//ublKDXFSH+AKfLT+Izm2THP5bS42cZ4e8k6M2y
XJE98kip9PeZKQnE3l60k7iEEqUCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQy5mJj
DFhg2dZz5Tp1VE35FaUp4jAfBgNVHSMEGDAWgBTfN2SA3PB6G3rRZN5ko+ohXyR1
QTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkI4QTgvQjVDOTRFNEM5QzI1MTFFQkFENzhGRjUzRjhBRUEyMjgvM3pka2dO
endlaHQ2MFdUZVpLUHFJVjhrZFVFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvM3pka2dOendlaHQ2MFdUZVpLUHFJVjhrZFVFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MkI4QTgvQjVDOTRFNEM5QzI1MTFFQkFENzhGRjUzRjhB
RUEyMjgvQTM1NUVEQzhBMERCMTFFQjg3RjJGQzdERjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCwP+AAwDQYJKoZIhvcNAQEL
BQADggEBABkTVAl3Uh9FkEACughF3rW3+4MECRZR/DLHZPVwtFRGRGAN1LPT2Zss
PXdds9A7QkdJ/iR4MpPtAPBjzznCaUjN6vD+iYBDsOy4H/SXFiSGzcq1mTQK0S73
Tt/HA2MPoE13kZPom3pMCkRIaOjJoFRGsA/iXZ+0y1IDHuzL+/pp3EKmOChH5Xz9
s9MJrUZx4dR1UOCXUnuue+Cy1L0gn+SLREDBVv76PxtBsAsjUcT1HXCPk7qs/SOH
10k0VPlJ7bKiQMaKgDxxYvm40m7VisGL5r8OEoK7OZAWlZRdA0CaJK8yU6oW8eyV
p356SbCP58/CQmfuZ5wL3OkYeht3CRc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org