Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/EC17DAD29EA911EBA0639941F8AEA228.roa
File:                     EC17DAD29EA911EBA0639941F8AEA228.roa (raw, json)
Hash identifier:          tmy+9p0VWiMmZWA0QRZ2fgoauFE3Y6jS2hlQpUun5VU=
Subject key identifier:   B1:A4:97:2A:A9:B3:CE:E7:E0:10:72:37:66:56:E0:C9:9F:B3:BA:2F
Certificate issuer:       /CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
Certificate serial:       08
Authority key identifier: DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/EC17DAD29EA911EBA0639941F8AEA228.roa
Signing time:             Fri 16 Apr 2021 11:50:21 +0000
ROA not before:           Fri 16 Apr 2021 11:50:17 +0000
ROA not after:            Wed 16 Apr 2031 11:50:17 +0000
asID:                     37053
IP address blocks:        41.79.36.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8 (0x8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B8A8AF/serialNumber=DF376480DCF07A1B7AD164DE64A3EA215F247541
        Validity
            Not Before: Apr 16 11:50:17 2021 GMT
            Not After : Apr 16 11:50:17 2031 GMT
        Subject: CN=607979fd-f4d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:65:33:0f:57:a1:fe:01:4b:32:a3:56:1c:3b:
                    61:1d:98:07:37:1a:fd:ce:05:d4:fd:2d:3c:b9:3d:
                    21:62:10:0b:da:60:19:98:25:2f:63:f8:d7:2b:a5:
                    11:30:5f:75:d4:6a:c9:8c:82:57:80:22:fc:87:e0:
                    68:e2:67:e7:1a:6a:df:aa:df:4d:7e:69:2d:ac:11:
                    9d:a8:12:1c:14:8b:a0:57:e8:3d:3b:d9:ee:0f:84:
                    c8:bd:90:37:ce:26:15:3b:00:48:3d:aa:21:d2:b3:
                    37:9a:fb:26:8c:66:3e:89:51:18:9f:ab:a3:29:08:
                    e1:ff:43:3c:28:50:4f:34:90:37:74:7a:ee:69:97:
                    5b:60:09:66:40:5b:09:47:9b:ec:7d:4c:3f:d7:1e:
                    f0:b3:9f:97:b2:dc:f1:b4:01:e6:4a:d6:f7:4d:10:
                    b1:92:c6:18:68:c6:5e:74:f4:4a:6e:cc:f3:3b:e2:
                    ad:71:82:93:a3:5e:91:35:4a:08:5d:53:7a:b7:04:
                    97:25:27:76:5f:73:c4:6c:1a:11:57:cc:b2:58:43:
                    e1:2b:24:81:70:69:a0:09:08:b0:4c:90:a2:a8:ec:
                    f5:e1:a5:2d:50:d6:52:1f:02:40:21:83:09:dc:93:
                    4c:ce:13:9b:c5:c7:0b:af:f3:40:2d:16:04:42:4a:
                    5f:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:A4:97:2A:A9:B3:CE:E7:E0:10:72:37:66:56:E0:C9:9F:B3:BA:2F
            X509v3 Authority Key Identifier:
                keyid:DF:37:64:80:DC:F0:7A:1B:7A:D1:64:DE:64:A3:EA:21:5F:24:75:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/3zdkgNzweht60WTeZKPqIV8kdUE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3zdkgNzweht60WTeZKPqIV8kdUE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B8A8/B5C94E4C9C2511EBAD78FF53F8AEA228/EC17DAD29EA911EBA0639941F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.79.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:17:fc:fe:49:60:67:24:c3:34:23:96:78:69:c9:95:8e:fc:
         0b:c5:61:8b:73:7d:74:15:c0:06:79:fb:18:6c:4e:aa:bc:2f:
         7d:c9:2c:11:6e:ae:a5:dc:18:c5:e5:71:87:67:0e:64:dc:9b:
         08:3f:19:b0:9b:79:93:a9:26:be:80:9a:7a:25:93:09:0a:c1:
         4d:79:d9:46:b8:2f:de:27:c0:cc:2e:93:c1:e5:a0:23:69:43:
         dc:93:b6:f5:66:8b:5c:7d:9a:20:5b:84:21:b8:76:f1:50:a0:
         40:66:81:64:0a:39:78:0a:3b:70:c5:46:db:3f:76:4f:3a:03:
         d0:b3:3d:c8:69:36:c8:8a:43:12:64:3d:ff:e8:66:20:38:e4:
         9b:9c:d5:e2:7a:fa:21:af:38:e5:5a:1a:b5:15:68:5a:6d:c2:
         c2:a2:07:a3:68:a3:93:f4:07:7b:62:f0:e7:0f:0c:57:cb:d9:
         b3:1b:4b:10:68:60:2e:c6:50:de:20:a3:08:21:8d:87:fc:27:
         71:39:20:cc:1a:85:ff:fb:c0:4a:c8:19:33:c4:21:03:16:16:
         a8:7f:08:99:61:e3:4c:e9:5d:3e:67:cb:21:e0:67:e8:b4:9f:
         e9:c4:8f:5f:4e:78:93:8c:1d:fc:4c:45:06:3f:58:e7:d3:1a:
         dc:a0:10:71
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjhBOEFGMTEwLwYDVQQFEyhERjM3NjQ4MERDRjA3QTFCN0FEMTY0REU2NEEzRUEy
MTVGMjQ3NTQxMB4XDTIxMDQxNjExNTAxN1oXDTMxMDQxNjExNTAxN1owGDEWMBQG
A1UEAxMNNjA3OTc5ZmQtZjRkNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOhlMw9Xof4BSzKjVhw7YR2YBzca/c4F1P0tPLk9IWIQC9pgGZglL2P41yul
ETBfddRqyYyCV4Ai/IfgaOJn5xpq36rfTX5pLawRnagSHBSLoFfoPTvZ7g+EyL2Q
N84mFTsASD2qIdKzN5r7JoxmPolRGJ+roykI4f9DPChQTzSQN3R67mmXW2AJZkBb
CUeb7H1MP9ce8LOfl7Lc8bQB5krW900QsZLGGGjGXnT0Sm7M8zvirXGCk6NekTVK
CF1TercElyUndl9zxGwaEVfMslhD4SskgXBpoAkIsEyQoqjs9eGlLVDWUh8CQCGD
CdyTTM4Tm8XHC6/zQC0WBEJKX9MCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSxpJcq
qbPO5+AQcjdmVuDJn7O6LzAfBgNVHSMEGDAWgBTfN2SA3PB6G3rRZN5ko+ohXyR1
QTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkI4QTgvQjVDOTRFNEM5QzI1MTFFQkFENzhGRjUzRjhBRUEyMjgvM3pka2dO
endlaHQ2MFdUZVpLUHFJVjhrZFVFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvM3pka2dOendlaHQ2MFdUZVpLUHFJVjhrZFVFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MkI4QTgvQjVDOTRFNEM5QzI1MTFFQkFENzhGRjUzRjhB
RUEyMjgvRUMxN0RBRDI5RUE5MTFFQkEwNjM5OTQxRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAilPJDANBgkqhkiG9w0BAQsF
AAOCAQEAIhf8/klgZyTDNCOWeGnJlY78C8Vhi3N9dBXABnn7GGxOqrwvfcksEW6u
pdwYxeVxh2cOZNybCD8ZsJt5k6kmvoCaeiWTCQrBTXnZRrgv3ifAzC6TweWgI2lD
3JO29WaLXH2aIFuEIbh28VCgQGaBZAo5eAo7cMVG2z92TzoD0LM9yGk2yIpDEmQ9
/+hmIDjkm5zV4nr6Ia845VoatRVoWm3CwqIHo2ijk/QHe2Lw5w8MV8vZsxtLEGhg
LsZQ3iCjCCGNh/wncTkgzBqF//vASsgZM8QhAxYWqH8ImWHjTOldPmfLIeBn6LSf
6cSPX054k4wd/ExFBj9Y59Ma3KAQcQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:32 2024 by rpki-client on console-ams.rpki-client.org