Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/A3334908B75911ED9D1DD491F1222468.roa
File:                     A3334908B75911ED9D1DD491F1222468.roa (raw, json)
Hash identifier:          kfeGWGsJ8YUWnbsW+Omh/kxV1I9agx30BHnCONag860=
Subject key identifier:   F2:C3:4D:86:C4:44:CB:BC:FB:AF:25:9B:90:17:AB:B1:E5:BF:44:54
Certificate issuer:       /CN=F36432B6AF/serialNumber=1C91B5AF9B60EA3F1C1DB87EAEC6DA7C2EA0A877
Certificate serial:       03
Authority key identifier: 1C:91:B5:AF:9B:60:EA:3F:1C:1D:B8:7E:AE:C6:DA:7C:2E:A0:A8:77
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/A3334908B75911ED9D1DD491F1222468.roa
Signing time:             Tue 28 Feb 2023 11:18:34 +0000
ROA not before:           Tue 28 Feb 2023 11:18:29 +0000
ROA not after:            Thu 28 Feb 2030 11:18:29 +0000
asID:                     36992
IP address blocks:        41.152.0.0/15 maxlen: 24
                          41.222.128.0/21 maxlen: 24
                          102.56.0.0/13 maxlen: 24
                          105.80.0.0/12 maxlen: 24
                          105.200.0.0/13 maxlen: 24
                          197.120.0.0/13 maxlen: 24
                          197.192.0.0/13 maxlen: 24
                          2c0f:fc88::/31 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36432B6AF/serialNumber=1C91B5AF9B60EA3F1C1DB87EAEC6DA7C2EA0A877
        Validity
            Not Before: Feb 28 11:18:29 2023 GMT
            Not After : Feb 28 11:18:29 2030 GMT
        Subject: CN=63fde30a-dfc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:42:f4:8d:3b:c9:1f:a3:66:cd:bd:d3:e3:9e:
                    b5:c3:c8:81:9b:ff:0a:4a:28:69:8b:1c:27:9c:ad:
                    ae:3f:89:00:ae:40:87:b1:a5:ba:8a:76:4f:c4:5a:
                    b9:24:13:17:27:8c:7d:a6:64:4f:40:76:0f:c7:41:
                    d1:2f:36:5d:27:db:8b:31:76:3b:7f:3d:cd:da:3e:
                    72:61:01:e7:e7:e3:83:a8:f6:a2:86:43:e7:cb:88:
                    5b:75:17:81:ad:76:d9:b3:9a:89:48:87:81:56:65:
                    60:8f:70:41:62:9b:3f:a1:e7:93:a6:e1:9e:24:5b:
                    d6:5e:c8:78:39:ad:5e:43:0f:63:d9:4a:6e:82:d0:
                    2d:12:88:8c:f7:0e:f9:9d:be:dd:41:10:33:06:c9:
                    41:6a:dd:73:ee:5b:c3:d5:fc:53:ab:fd:38:22:40:
                    61:b7:b9:fb:c2:28:2c:d7:cc:54:d2:7f:98:cf:55:
                    fa:f2:8b:24:d6:b1:69:2d:f0:69:33:2c:7f:8b:93:
                    43:bf:e3:a6:2f:95:f4:e8:8e:18:bf:27:1d:62:3b:
                    99:71:d5:d8:e6:e5:24:11:2c:d7:d4:22:5f:35:c6:
                    4d:09:82:1d:bc:df:10:3b:b0:80:a0:f3:42:26:d7:
                    40:bd:81:18:d4:e4:75:4d:88:75:55:93:10:32:6b:
                    6b:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:C3:4D:86:C4:44:CB:BC:FB:AF:25:9B:90:17:AB:B1:E5:BF:44:54
            X509v3 Authority Key Identifier:
                keyid:1C:91:B5:AF:9B:60:EA:3F:1C:1D:B8:7E:AE:C6:DA:7C:2E:A0:A8:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/HJG1r5tg6j8cHbh-rsbafC6gqHc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/HJG1r5tg6j8cHbh-rsbafC6gqHc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36432B6/F3AB7302B75811ED8B42AC8FF1222468/A3334908B75911ED9D1DD491F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.152.0.0/15
                  41.222.128.0/21
                  102.56.0.0/13
                  105.80.0.0/12
                  105.200.0.0/13
                  197.120.0.0/13
                  197.192.0.0/13
                IPv6:
                  2c0f:fc88::/31

    Signature Algorithm: sha256WithRSAEncryption
         72:f0:cc:ca:4c:a2:00:33:69:26:a1:a6:d0:21:1b:3a:95:b7:
         84:47:db:f8:d7:c1:5d:c0:e2:59:f5:88:4c:7f:9c:07:44:9f:
         32:44:44:2c:e3:23:b0:cd:18:e5:11:4f:c0:e8:5f:13:05:19:
         ca:05:9a:7f:31:61:8d:60:2f:d4:55:03:3e:f3:f0:39:6d:a9:
         f1:80:48:f9:f7:18:b2:5b:5a:34:33:8c:96:4a:ad:a3:57:3b:
         bf:2f:1f:3b:ea:4e:b9:9e:28:f9:bd:10:fb:be:d5:99:8c:ea:
         c2:eb:c9:4a:ac:14:30:ca:ea:ee:82:e9:59:d1:4d:14:12:44:
         96:06:4c:ad:fe:0c:bc:14:e7:70:c9:80:26:49:26:57:d2:de:
         89:84:4b:62:77:8e:ec:56:6b:21:0b:f8:d9:cd:23:10:92:2e:
         02:7e:b8:3a:39:f5:d5:df:95:8f:54:9c:0e:8f:e8:fd:ac:e7:
         85:dc:64:45:bf:1a:69:36:84:7d:9f:d9:67:a8:30:a8:34:9b:
         18:02:28:2b:54:70:31:98:15:19:b2:2c:77:46:8f:ef:5b:63:
         be:ea:97:18:ff:5a:de:0e:ec:5b:73:19:36:6f:0f:3e:ee:af:
         b9:18:6c:5d:b4:12:bf:4a:7f:18:37:43:bb:30:00:58:aa:ab:
         3a:20:a7:45
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY0
MzJCNkFGMTEwLwYDVQQFEygxQzkxQjVBRjlCNjBFQTNGMUMxREI4N0VBRUM2REE3
QzJFQTBBODc3MB4XDTIzMDIyODExMTgyOVoXDTMwMDIyODExMTgyOVowGDEWMBQG
A1UEAwwNNjNmZGUzMGEtZGZjOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlC9I07yR+jZs290+OetcPIgZv/CkooaYscJ5ytrj+JAK5Ah7Gluop2T8Ra
uSQTFyeMfaZkT0B2D8dB0S82XSfbizF2O389zdo+cmEB5+fjg6j2ooZD58uIW3UX
ga122bOaiUiHgVZlYI9wQWKbP6Hnk6bhniRb1l7IeDmtXkMPY9lKboLQLRKIjPcO
+Z2+3UEQMwbJQWrdc+5bw9X8U6v9OCJAYbe5+8IoLNfMVNJ/mM9V+vKLJNaxaS3w
aTMsf4uTQ7/jpi+V9OiOGL8nHWI7mXHV2OblJBEs19QiXzXGTQmCHbzfEDuwgKDz
QibXQL2BGNTkdU2IdVWTEDJra40CAwEAAaOCAtIwggLOMB0GA1UdDgQWBBTyw02G
xETLvPuvJZuQF6ux5b9EVDAfBgNVHSMEGDAWgBQckbWvm2DqPxwduH6uxtp8LqCo
dzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDMyQjYvRjNBQjczMDJCNzU4MTFFRDhCNDJBQzhGRjEyMjI0NjgvSEpHMXI1
dGc2ajhjSGJoLXJzYmFmQzZncUhjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvSEpHMXI1dGc2ajhjSGJoLXJzYmFmQzZncUhjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDMyQjYvRjNBQjczMDJCNzU4MTFFRDhCNDJBQzhGRjEy
MjI0NjgvQTMzMzQ5MDhCNzU5MTFFRDlEMURENDkxRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBMBggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMDASmYAwQDKd6AAwMDZjgDAwRp
UAMDA2nIAwMDxXgDAwPFwDANBAIAAjAHAwUBLA/8iDANBgkqhkiG9w0BAQsFAAOC
AQEAcvDMykyiADNpJqGm0CEbOpW3hEfb+NfBXcDiWfWITH+cB0SfMkRELOMjsM0Y
5RFPwOhfEwUZygWafzFhjWAv1FUDPvPwOW2p8YBI+fcYsltaNDOMlkqto1c7vy8f
O+pOuZ4o+b0Q+77VmYzqwuvJSqwUMMrq7oLpWdFNFBJElgZMrf4MvBTncMmAJkkm
V9LeiYRLYneO7FZrIQv42c0jEJIuAn64Ojn11d+Vj1ScDo/o/aznhdxkRb8aaTaE
fZ/ZZ6gwqDSbGAIoK1RwMZgVGbIsd0aP71tjvuqXGP9a3g7sW3MZNm8PPu6vuRhs
XbQSv0p/GDdDuzAAWKqrOiCnRQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:03 2024 by rpki-client on console-ams.rpki-client.org