Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/E769688C782D11EF8476D37A762E951A.roa
File:                     E769688C782D11EF8476D37A762E951A.roa (raw, json)
Hash identifier:          thC6FZeaZiOSMFn9F9KF2EnTdtaLKjgNCq4/9EPu+tU=
Subject key identifier:   62:24:99:B9:FE:33:DF:66:DB:84:99:06:C6:27:33:C8:5C:84:DE:D4
Certificate issuer:       /CN=F3644574AR/serialNumber=F608628A4682F553804AF3AB2E58A19C30A8ADD2
Certificate serial:       11
Authority key identifier: F6:08:62:8A:46:82:F5:53:80:4A:F3:AB:2E:58:A1:9C:30:A8:AD:D2
Authority info access:    rsync://rpki.afrinic.net/repository/arin/9ghiikaC9VOASvOrLlihnDCordI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/E769688C782D11EF8476D37A762E951A.roa
Signing time:             Sat 21 Sep 2024 15:26:42 +0000
ROA not before:           Sat 21 Sep 2024 15:26:39 +0000
ROA not after:            Fri 21 Sep 2029 15:26:39 +0000
asID:                     40065
IP address blocks:        45.221.108.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/9ghiikaC9VOASvOrLlihnDCordI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/9ghiikaC9VOASvOrLlihnDCordI.mft
                          rsync://rpki.afrinic.net/repository/arin/9ghiikaC9VOASvOrLlihnDCordI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17 (0x11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3644574AR/serialNumber=F608628A4682F553804AF3AB2E58A19C30A8ADD2
        Validity
            Not Before: Sep 21 15:26:39 2024 GMT
            Not After : Sep 21 15:26:39 2029 GMT
        Subject: CN=66eee5b2-6d6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:72:fd:d0:5b:1c:31:2b:ae:33:c2:97:e3:bd:
                    8d:83:27:b1:7e:07:76:a2:8b:25:06:de:ba:94:b3:
                    f9:f7:56:20:14:a3:77:c0:40:df:9b:92:bb:d5:a0:
                    32:20:73:30:b6:64:39:7f:b3:c8:12:53:74:ab:5d:
                    13:7b:e5:f2:45:c3:8e:01:40:1e:5d:dc:3f:e8:56:
                    8e:81:75:10:44:9c:f0:e9:1a:44:17:9d:db:dc:aa:
                    ce:4d:6b:4b:40:93:93:05:90:1d:61:7b:da:93:62:
                    2f:35:7e:13:f1:41:b7:5a:d5:47:a0:3c:d9:be:f9:
                    d1:28:65:22:dd:b5:b8:b6:81:b6:6f:ba:b2:8a:0b:
                    38:3b:4d:1d:dd:35:df:be:72:53:a6:98:8d:e7:a8:
                    a0:96:cf:73:42:46:79:f9:09:43:22:03:39:6d:e8:
                    77:f7:1b:bc:a9:a0:03:cb:f4:ae:e7:6f:65:e4:e1:
                    72:f3:cd:f0:3c:a4:4a:4c:80:a4:5f:ec:84:22:e3:
                    7c:b6:c0:1f:c8:78:72:78:f2:2c:d0:a6:3f:51:0a:
                    ed:33:e3:40:6d:a7:94:9e:16:dd:f6:c6:aa:57:63:
                    ba:6e:5e:42:d2:93:25:a5:be:90:32:46:4f:bf:0f:
                    93:bf:7b:18:ec:a3:b8:b7:56:52:73:5d:65:fe:c1:
                    5e:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:24:99:B9:FE:33:DF:66:DB:84:99:06:C6:27:33:C8:5C:84:DE:D4
            X509v3 Authority Key Identifier:
                keyid:F6:08:62:8A:46:82:F5:53:80:4A:F3:AB:2E:58:A1:9C:30:A8:AD:D2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/9ghiikaC9VOASvOrLlihnDCordI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/9ghiikaC9VOASvOrLlihnDCordI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/E769688C782D11EF8476D37A762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.221.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b8:23:59:ff:c2:84:70:8b:09:40:77:f1:86:50:22:d8:cf:1d:
         c1:0d:68:55:5e:bd:61:46:4d:a7:06:24:78:53:4c:53:1c:e7:
         67:78:0e:94:86:a0:0a:62:b6:b3:6d:fe:84:5a:52:bc:12:5b:
         8e:9f:5f:a5:e3:67:5b:b3:06:8a:e5:e8:e4:81:a0:fa:f0:54:
         d1:83:83:3a:f4:cf:f2:c1:da:fd:77:dc:81:8b:c0:f7:e3:52:
         f6:22:36:69:0f:1c:1f:f6:de:44:10:1c:08:c4:f8:00:d6:59:
         fb:cb:51:92:4f:2b:1c:0b:2b:b7:7e:37:32:b6:f2:8b:27:e1:
         9b:d9:ae:5f:ca:42:83:43:da:ab:88:fc:4b:6e:8a:ec:8f:46:
         7f:b3:da:57:e4:66:18:ed:7b:25:83:e9:b0:1a:4a:b6:28:99:
         b4:cf:fe:a5:96:ac:fe:70:bc:cc:7b:c0:4c:8d:cf:ae:75:30:
         5e:ce:af:c5:4f:27:24:13:74:1e:24:90:08:bb:74:1c:d3:71:
         86:a9:5f:8c:4f:7b:1f:22:2f:96:ee:2e:7a:86:46:69:a6:5f:
         04:62:90:83:57:79:57:c2:bf:13:f7:85:bf:5c:2e:2d:2d:44:
         70:b2:07:8a:ad:65:b7:23:ca:da:16:5a:73:6b:34:ec:01:bf:
         ae:d5:6e:8c
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBETANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
NDU3NEFSMTEwLwYDVQQFEyhGNjA4NjI4QTQ2ODJGNTUzODA0QUYzQUIyRTU4QTE5
QzMwQThBREQyMB4XDTI0MDkyMTE1MjYzOVoXDTI5MDkyMTE1MjYzOVowGDEWMBQG
A1UEAxMNNjZlZWU1YjItNmQ2YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANly/dBbHDErrjPCl+O9jYMnsX4HdqKLJQbeupSz+fdWIBSjd8BA35uSu9Wg
MiBzMLZkOX+zyBJTdKtdE3vl8kXDjgFAHl3cP+hWjoF1EESc8OkaRBed29yqzk1r
S0CTkwWQHWF72pNiLzV+E/FBt1rVR6A82b750ShlIt21uLaBtm+6sooLODtNHd01
375yU6aYjeeooJbPc0JGefkJQyIDOW3od/cbvKmgA8v0rudvZeThcvPN8DykSkyA
pF/shCLjfLbAH8h4cnjyLNCmP1EK7TPjQG2nlJ4W3fbGqldjum5eQtKTJaW+kDJG
T78Pk797GOyjuLdWUnNdZf7BXo8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRiJJm5
/jPfZtuEmQbGJzPIXITe1DAfBgNVHSMEGDAWgBT2CGKKRoL1U4BK86suWKGcMKit
0jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDQ1NzQvMzdEQjkyQjI3NzgwMTFFRkE2RDcyRUIyNzYyRTk1MUEvOWdoaWlr
YUM5Vk9BU3ZPckxsaWhuRENvcmRJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
OWdoaWlrYUM5Vk9BU3ZPckxsaWhuRENvcmRJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NDQ1NzQvMzdEQjkyQjI3NzgwMTFFRkE2RDcyRUIyNzYyRTk1
MUEvRTc2OTY4OEM3ODJEMTFFRjg0NzZEMzdBNzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi3dbDANBgkqhkiG9w0BAQsFAAOC
AQEAuCNZ/8KEcIsJQHfxhlAi2M8dwQ1oVV69YUZNpwYkeFNMUxznZ3gOlIagCmK2
s23+hFpSvBJbjp9fpeNnW7MGiuXo5IGg+vBU0YODOvTP8sHa/XfcgYvA9+NS9iI2
aQ8cH/beRBAcCMT4ANZZ+8tRkk8rHAsrt343Mrbyiyfhm9muX8pCg0Paq4j8S26K
7I9Gf7PaV+RmGO17JYPpsBpKtiiZtM/+pZas/nC8zHvATI3PrnUwXs6vxU8nJBN0
HiSQCLt0HNNxhqlfjE97HyIvlu4ueoZGaaZfBGKQg1d5V8K/E/eFv1wuLS1EcLIH
iq1ltyPK2hZac2s07AG/rtVujA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org