Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3654A44/2DA756809CA511EDB40FF399F1222468/955060049CA711ED9B17A5A0F1222468.roa
File:                     955060049CA711ED9B17A5A0F1222468.roa (raw, json)
Hash identifier:          W/eo8QwuX/Mbv5n4NVe4MAT10Y7BTjQFeMmh4OdRafc=
Subject key identifier:   C3:35:2E:21:32:2A:26:8B:26:99:87:EA:C3:9A:FC:42:44:12:19:81
Certificate issuer:       /CN=F3654A44AR/serialNumber=16C74E7395DC21DD844A22A0112816121A75F492
Certificate serial:       02
Authority key identifier: 16:C7:4E:73:95:DC:21:DD:84:4A:22:A0:11:28:16:12:1A:75:F4:92
Authority info access:    rsync://rpki.afrinic.net/repository/arin/FsdOc5XcId2ESiKgESgWEhp19JI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3654A44/2DA756809CA511EDB40FF399F1222468/955060049CA711ED9B17A5A0F1222468.roa
Signing time:             Wed 25 Jan 2023 11:58:30 +0000
ROA not before:           Wed 25 Jan 2023 11:58:26 +0000
ROA not after:            Sat 25 Jan 2025 11:58:26 +0000
asID:                     328035
IP address blocks:        45.222.96.0/22 maxlen: 22
                          45.222.96.0/23 maxlen: 23
                          45.222.98.0/23 maxlen: 23
                          45.222.100.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3654A44/2DA756809CA511EDB40FF399F1222468/FsdOc5XcId2ESiKgESgWEhp19JI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3654A44/2DA756809CA511EDB40FF399F1222468/FsdOc5XcId2ESiKgESgWEhp19JI.mft
                          rsync://rpki.afrinic.net/repository/arin/FsdOc5XcId2ESiKgESgWEhp19JI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3654A44AR/serialNumber=16C74E7395DC21DD844A22A0112816121A75F492
        Validity
            Not Before: Jan 25 11:58:26 2023 GMT
            Not After : Jan 25 11:58:26 2025 GMT
        Subject: CN=63d11966-8c70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9f:02:86:3c:dd:12:44:d7:5e:a6:b6:1a:65:
                    02:ed:cf:38:ef:cb:37:af:af:9e:c0:98:1a:97:ba:
                    3c:35:44:5a:87:d9:86:8a:dc:8d:11:a7:1a:ae:06:
                    ca:b8:31:39:66:dc:23:e4:17:c1:d9:34:0a:0e:18:
                    0b:19:40:31:9b:b3:16:4e:8f:de:bf:5a:7b:36:a5:
                    b5:be:dc:0f:61:3a:69:68:49:3f:6b:1e:cc:ad:ba:
                    5d:41:50:15:a7:4c:45:84:8e:ef:c5:77:11:83:a4:
                    f9:48:bf:f6:ea:4f:c3:86:9e:2b:48:87:52:8f:a3:
                    93:b0:d0:aa:dc:94:21:17:ab:c0:ee:db:54:9a:de:
                    8b:96:04:65:db:55:0c:9e:81:04:cf:77:8c:89:c5:
                    31:5f:a3:6f:db:16:67:6c:d5:3d:1b:57:5c:ec:31:
                    b5:06:24:a2:49:32:2c:1f:cb:1d:ed:fa:3a:a4:f1:
                    e7:a3:5e:25:03:ff:50:2f:23:51:b6:f5:27:c7:ff:
                    e9:3c:60:ac:26:e0:94:fc:ff:3d:d9:e8:e2:a6:3e:
                    27:8c:a8:88:02:f6:0a:0f:52:66:ba:61:cf:d1:c8:
                    1f:3e:db:5c:83:9e:ed:3d:e6:9e:ae:08:85:f7:74:
                    b5:20:c6:72:63:9a:77:2e:ef:34:7d:cc:b4:8b:42:
                    d6:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:35:2E:21:32:2A:26:8B:26:99:87:EA:C3:9A:FC:42:44:12:19:81
            X509v3 Authority Key Identifier:
                keyid:16:C7:4E:73:95:DC:21:DD:84:4A:22:A0:11:28:16:12:1A:75:F4:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3654A44/2DA756809CA511EDB40FF399F1222468/FsdOc5XcId2ESiKgESgWEhp19JI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/FsdOc5XcId2ESiKgESgWEhp19JI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3654A44/2DA756809CA511EDB40FF399F1222468/955060049CA711ED9B17A5A0F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.222.96.0-45.222.101.255

    Signature Algorithm: sha256WithRSAEncryption
         0f:7f:ba:97:05:e9:26:db:fa:18:0f:ca:0b:ee:8e:ca:9f:ce:
         ab:9e:22:ee:44:e4:70:c7:f4:ae:e5:05:8e:89:16:49:b5:da:
         d5:b9:c8:2f:8b:20:6b:82:84:13:d8:23:b7:a5:a9:22:60:66:
         0e:94:e5:42:f0:ff:59:60:df:0a:3c:0c:06:d7:73:0a:fd:d0:
         7b:e6:55:4c:b7:1d:0e:10:49:80:3e:2a:68:bd:18:6c:a0:b6:
         06:06:3d:00:9a:a1:78:07:54:d3:c3:aa:2f:a4:c6:c0:50:b0:
         70:32:ba:c2:eb:05:7c:5e:c7:f7:0f:9f:01:27:ff:59:44:9f:
         eb:a3:3a:b1:25:85:56:ea:c6:c7:1c:40:04:8f:fd:c2:78:ab:
         46:27:1d:a6:f6:92:ec:99:e2:c7:48:6d:71:8d:d0:e6:90:e1:
         d6:20:41:50:dc:37:27:98:a4:6a:b6:4d:34:49:0d:09:14:08:
         ce:00:4a:83:03:43:f0:db:0e:28:51:75:2f:1b:df:bb:ad:9a:
         00:4c:f7:7f:4f:83:f9:eb:92:7c:20:23:e1:37:e6:42:7b:56:
         70:8a:c5:60:37:38:4b:68:5b:49:1b:83:f0:2d:9a:e9:b9:cb:
         85:85:93:99:78:88:98:1b:9c:30:81:7b:31:66:25:cb:0f:e9:
         d8:98:76:a3
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY1
NEE0NEFSMTEwLwYDVQQFEygxNkM3NEU3Mzk1REMyMUREODQ0QTIyQTAxMTI4MTYx
MjFBNzVGNDkyMB4XDTIzMDEyNTExNTgyNloXDTI1MDEyNTExNTgyNlowGDEWMBQG
A1UEAwwNNjNkMTE5NjYtOGM3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGfAoY83RJE116mthplAu3POO/LN6+vnsCYGpe6PDVEWofZhorcjRGnGq4G
yrgxOWbcI+QXwdk0Cg4YCxlAMZuzFk6P3r9aezaltb7cD2E6aWhJP2sezK26XUFQ
FadMRYSO78V3EYOk+Ui/9upPw4aeK0iHUo+jk7DQqtyUIRerwO7bVJrei5YEZdtV
DJ6BBM93jInFMV+jb9sWZ2zVPRtXXOwxtQYkokkyLB/LHe36OqTx56NeJQP/UC8j
Ubb1J8f/6TxgrCbglPz/Pdno4qY+J4yoiAL2Cg9SZrphz9HIHz7bXIOe7T3mnq4I
hfd0tSDGcmOady7vNH3MtItC1qUCAwEAAaOCAqowggKmMB0GA1UdDgQWBBTDNS4h
MiomiyaZh+rDmvxCRBIZgTAfBgNVHSMEGDAWgBQWx05zldwh3YRKIqARKBYSGnX0
kjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTRBNDQvMkRBNzU2ODA5Q0E1MTFFREI0MEZGMzk5RjEyMjI0NjgvRnNkT2M1
WGNJZDJFU2lLZ0VTZ1dFaHAxOUpJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
RnNkT2M1WGNJZDJFU2lLZ0VTZ1dFaHAxOUpJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NTRBNDQvMkRBNzU2ODA5Q0E1MTFFREI0MEZGMzk5RjEyMjI0
NjgvOTU1MDYwMDQ5Q0E3MTFFRDlCMTdBNUEwRjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQFLd5gAwQBLd5kMA0GCSqGSIb3
DQEBCwUAA4IBAQAPf7qXBekm2/oYD8oL7o7Kn86rniLuRORwx/Su5QWOiRZJtdrV
ucgviyBrgoQT2CO3pakiYGYOlOVC8P9ZYN8KPAwG13MK/dB75lVMtx0OEEmAPipo
vRhsoLYGBj0AmqF4B1TTw6ovpMbAULBwMrrC6wV8Xsf3D58BJ/9ZRJ/rozqxJYVW
6sbHHEAEj/3CeKtGJx2m9pLsmeLHSG1xjdDmkOHWIEFQ3DcnmKRqtk00SQ0JFAjO
AEqDA0Pw2w4oUXUvG9+7rZoATPd/T4P565J8ICPhN+ZCe1ZwisVgNzhLaFtJG4Pw
LZrpucuFhZOZeIiYG5wwgXsxZiXLD+nYmHaj
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org