Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36429BB/5F4E1BC878AA11E5AB4EDE28F8AEA228/187EDD9C7AED11E984C8C332F8AEA228.roa
File:                     187EDD9C7AED11E984C8C332F8AEA228.roa (raw, json)
Hash identifier:          nhY0hDClfKko61UqhvpEoCzSPfAm4A5VUTRq1mCbE5Q=
Subject key identifier:   14:D5:E9:B3:16:4C:90:B1:A1:CF:5B:FA:D9:68:62:33:7C:7F:C5:16
Certificate issuer:       /CN=F36429BBAF/serialNumber=6BCD2F6AB793DAD17649081044AFB032D5FB4957
Certificate serial:       052F
Authority key identifier: 6B:CD:2F:6A:B7:93:DA:D1:76:49:08:10:44:AF:B0:32:D5:FB:49:57
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/a80vareT2tF2SQgQRK-wMtX7SVc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36429BB/5F4E1BC878AA11E5AB4EDE28F8AEA228/187EDD9C7AED11E984C8C332F8AEA228.roa
Signing time:             Mon 20 May 2019 10:50:35 +0000
ROA not before:           Mon 20 May 2019 10:50:28 +0000
ROA not after:            Fri 20 May 2039 10:50:28 +0000
asID:                     37403
IP address blocks:        41.79.148.0/22 maxlen: 24
                          41.222.152.0/21 maxlen: 24
                          41.242.40.0/21 maxlen: 24
                          196.251.192.0/19 maxlen: 24
                          2c0f:faf8::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36429BB/5F4E1BC878AA11E5AB4EDE28F8AEA228/a80vareT2tF2SQgQRK-wMtX7SVc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36429BB/5F4E1BC878AA11E5AB4EDE28F8AEA228/a80vareT2tF2SQgQRK-wMtX7SVc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/a80vareT2tF2SQgQRK-wMtX7SVc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1327 (0x52f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36429BBAF/serialNumber=6BCD2F6AB793DAD17649081044AFB032D5FB4957
        Validity
            Not Before: May 20 10:50:28 2019 GMT
            Not After : May 20 10:50:28 2039 GMT
        Subject: CN=5ce2867b-9476
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:d8:c2:6d:43:7d:c8:6a:3c:53:90:ca:01:d0:
                    9f:99:0c:68:4b:03:4d:40:e7:01:e6:bf:9f:bd:a3:
                    b5:b7:03:03:e5:17:4e:2e:0b:35:b0:6f:1d:93:fa:
                    f9:bd:12:98:2b:79:d4:02:59:b8:d5:93:3a:94:62:
                    8c:04:26:84:4b:88:cc:b2:4d:9e:bc:bf:51:83:72:
                    ee:18:30:4f:31:07:e4:2c:e5:43:1a:b3:55:c2:a0:
                    83:f8:c0:d8:55:64:dc:fd:97:fd:e7:57:c5:59:a0:
                    d1:0e:fc:c4:ba:57:e2:ce:2c:80:31:e4:48:da:e4:
                    5c:4c:42:87:b0:02:12:cd:ad:fc:2c:29:f4:ed:36:
                    87:1b:2f:7f:09:d2:2d:19:bd:c1:3f:a2:12:e7:a5:
                    b9:a8:1b:30:7f:e5:01:f2:28:b6:58:43:e8:14:54:
                    0d:fe:b2:21:2a:c1:42:8a:14:7f:f0:9a:9d:d6:86:
                    c4:a4:27:11:74:87:c5:6e:6c:b5:70:bf:ce:69:ff:
                    0f:20:22:32:d6:b9:08:2f:36:27:98:6f:91:c3:c1:
                    49:26:d9:6c:51:d5:2d:ba:7b:aa:51:b2:a5:0c:1c:
                    0c:be:dd:f8:92:83:c5:53:bb:db:18:ea:3b:bc:fe:
                    3d:b8:7f:31:8a:37:f7:6c:3a:bb:f1:13:29:5c:13:
                    ef:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:D5:E9:B3:16:4C:90:B1:A1:CF:5B:FA:D9:68:62:33:7C:7F:C5:16
            X509v3 Authority Key Identifier:
                keyid:6B:CD:2F:6A:B7:93:DA:D1:76:49:08:10:44:AF:B0:32:D5:FB:49:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36429BB/5F4E1BC878AA11E5AB4EDE28F8AEA228/a80vareT2tF2SQgQRK-wMtX7SVc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/a80vareT2tF2SQgQRK-wMtX7SVc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36429BB/5F4E1BC878AA11E5AB4EDE28F8AEA228/187EDD9C7AED11E984C8C332F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.79.148.0/22
                  41.222.152.0/21
                  41.242.40.0/21
                  196.251.192.0/19
                IPv6:
                  2c0f:faf8::/32

    Signature Algorithm: sha256WithRSAEncryption
         25:1e:29:a0:73:2f:9e:0e:a3:4c:3a:00:81:74:a3:14:2d:59:
         ad:29:fd:64:d3:36:3c:6b:f1:39:41:13:26:29:90:f9:0a:6f:
         58:27:34:4e:7b:d2:38:4e:b8:12:87:ea:da:81:f1:fc:ac:3d:
         b9:97:da:ef:74:7e:0a:6d:cf:d9:88:73:60:90:11:61:a9:5d:
         c3:f3:f0:cf:5f:e7:62:3e:d3:3e:b4:23:75:e8:15:44:7b:f7:
         a4:31:dd:24:72:d3:a6:c4:18:42:74:82:b3:42:e5:65:25:3f:
         ab:00:53:ed:e7:10:29:e8:49:53:42:36:e1:79:ec:d9:a8:c3:
         91:1d:99:52:bf:20:9d:aa:36:93:b3:e4:f3:31:e3:91:20:f0:
         9a:4c:ed:66:d4:87:c4:fe:fa:2d:e9:88:45:84:0b:a2:28:9f:
         f7:ad:e5:18:11:29:a2:dc:49:a5:69:cd:b3:3d:28:d6:1a:52:
         6c:d4:7c:87:54:52:aa:c2:a9:32:8a:e7:00:8c:1d:7f:de:2a:
         e6:cd:43:a1:22:ef:98:ce:f6:c1:34:c6:a4:9b:f6:33:78:d1:
         a9:b5:63:1e:03:08:94:04:c7:6e:ab:b1:c9:05:82:4c:8d:28:
         e8:36:55:10:da:e4:5b:4d:12:5d:34:c1:f1:3c:55:f1:f2:a0:
         ea:57:2d:0e
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgICBS8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDI5QkJBRjExMC8GA1UEBRMoNkJDRDJGNkFCNzkzREFEMTc2NDkwODEwNDRBRkIw
MzJENUZCNDk1NzAeFw0xOTA1MjAxMDUwMjhaFw0zOTA1MjAxMDUwMjhaMBgxFjAU
BgNVBAMTDTVjZTI4NjdiLTk0NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCY2MJtQ33IajxTkMoB0J+ZDGhLA01A5wHmv5+9o7W3AwPlF04uCzWwbx2T
+vm9EpgredQCWbjVkzqUYowEJoRLiMyyTZ68v1GDcu4YME8xB+Qs5UMas1XCoIP4
wNhVZNz9l/3nV8VZoNEO/MS6V+LOLIAx5Eja5FxMQoewAhLNrfwsKfTtNocbL38J
0i0ZvcE/ohLnpbmoGzB/5QHyKLZYQ+gUVA3+siEqwUKKFH/wmp3WhsSkJxF0h8Vu
bLVwv85p/w8gIjLWuQgvNieYb5HDwUkm2WxR1S26e6pRsqUMHAy+3fiSg8VTu9sY
6ju8/j24fzGKN/dsOrvxEylcE+/dAgMBAAGjggKPMIICizAdBgNVHQ4EFgQUFNXp
sxZMkLGhz1v62WhiM3x/xRYwHwYDVR0jBBgwFoAUa80vareT2tF2SQgQRK+wMtX7
SVcwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQyOUJCLzVGNEUxQkM4NzhBQTExRTVBQjRFREUyOEY4QUVBMjI4L2E4MHZh
cmVUMnRGMlNRZ1FSSy13TXRYN1NWYy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2E4MHZhcmVUMnRGMlNRZ1FSSy13TXRYN1NWYy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQyOUJCLzVGNEUxQkM4NzhBQTExRTVBQjRFREUyOEY4
QUVBMjI4LzE4N0VERDlDN0FFRDExRTk4NEM4QzMzMkY4QUVBMjI4LnJvYTBABggr
BgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAilPlAMEAynemAMEAynyKAMEBcT7wDAN
BAIAAjAHAwUALA/6+DANBgkqhkiG9w0BAQsFAAOCAQEAJR4poHMvng6jTDoAgXSj
FC1ZrSn9ZNM2PGvxOUETJimQ+QpvWCc0TnvSOE64Eofq2oHx/Kw9uZfa73R+Cm3P
2YhzYJARYaldw/Pwz1/nYj7TPrQjdegVRHv3pDHdJHLTpsQYQnSCs0LlZSU/qwBT
7ecQKehJU0I24Xns2ajDkR2ZUr8gnao2k7Pk8zHjkSDwmkztZtSHxP76LemIRYQL
oiif963lGBEpotxJpWnNsz0o1hpSbNR8h1RSqsKpMornAIwdf94q5s1DoSLvmM72
wTTGpJv2M3jRqbVjHgMIlATHbquxyQWCTI0o6DZVENrkW00SXTTB8TxV8fKg6lct
Dg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 01:45:18 2024 by rpki-client on console-fra.rpki-client.org