Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/648C3F8CC4CF11EEB00B3061775412E6.roa
File:                     648C3F8CC4CF11EEB00B3061775412E6.roa (raw, json)
Hash identifier:          FDVWcr2ZaAbCYXZ2KHJUxLsk/2sFqJr/Vx9+VGbIRJ4=
Subject key identifier:   30:F4:E3:27:A7:8B:C7:DB:EC:17:83:ED:30:AC:B2:99:8D:2C:27:76
Certificate issuer:       /CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
Certificate serial:       25
Authority key identifier: FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/648C3F8CC4CF11EEB00B3061775412E6.roa
Signing time:             Tue 06 Feb 2024 09:09:12 +0000
ROA not before:           Tue 06 Feb 2024 09:09:09 +0000
ROA not after:            Sat 06 Feb 2027 09:09:09 +0000
asID:                     36905
IP address blocks:        154.126.176.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 37 (0x25)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3655D2CAF/serialNumber=FDF4BF0013B1F1AACA39551BA626CA24683DAE66
        Validity
            Not Before: Feb  6 09:09:09 2024 GMT
            Not After : Feb  6 09:09:09 2027 GMT
        Subject: CN=65c1f738-426e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:89:7e:43:db:c3:d1:6b:d7:05:d7:0b:45:3f:
                    4e:70:c7:38:8f:16:44:98:00:af:fb:9c:71:46:c3:
                    07:d7:bc:b7:e1:51:6e:5c:68:c9:24:8c:49:c4:da:
                    57:82:c5:f5:c7:0f:5e:78:e3:01:5c:e6:da:41:ac:
                    59:57:ad:29:17:73:3c:5a:13:8b:73:f7:b2:82:b3:
                    61:bb:33:d1:75:ba:ff:db:a2:ab:5b:11:52:f2:02:
                    81:ec:75:bb:af:fd:12:ae:e2:b4:cd:89:9b:7c:2d:
                    4d:cb:63:56:d2:ff:82:bc:99:21:b4:bb:66:b1:d3:
                    bf:78:0d:73:e0:fc:1a:1a:ed:87:91:4c:73:14:70:
                    1b:7f:32:cb:81:e8:18:30:47:05:54:47:a3:1a:64:
                    61:e4:a1:ad:ce:3d:4f:3a:e6:04:20:56:39:eb:64:
                    02:ac:29:e1:1f:d9:8d:f9:e8:cb:d8:c9:47:f5:8d:
                    5a:a8:f1:c1:5e:bf:71:7e:f9:ef:37:51:6c:fc:52:
                    06:9d:9e:90:11:44:c9:86:15:14:f4:13:12:64:28:
                    9d:61:74:93:cf:fd:0e:13:8d:ce:04:91:14:47:83:
                    21:97:a9:68:f3:dc:30:50:b4:03:61:0d:23:21:93:
                    4c:ca:8c:b2:90:c1:cd:14:17:37:e4:58:9b:19:83:
                    bb:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:F4:E3:27:A7:8B:C7:DB:EC:17:83:ED:30:AC:B2:99:8D:2C:27:76
            X509v3 Authority Key Identifier:
                keyid:FD:F4:BF:00:13:B1:F1:AA:CA:39:55:1B:A6:26:CA:24:68:3D:AE:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/_fS_ABOx8arKOVUbpibKJGg9rmY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/_fS_ABOx8arKOVUbpibKJGg9rmY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3655D2C/1D64C2FCC4C311EE9C41994C775412E6/648C3F8CC4CF11EEB00B3061775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.126.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c5:e3:5b:9e:3a:95:0a:ba:8c:e7:94:ff:b2:79:fd:6b:97:a2:
         2b:8e:60:26:48:e3:14:6b:89:c4:19:77:62:b2:fc:6b:eb:4f:
         5e:df:2e:22:d7:0c:f8:dc:0c:64:32:64:65:df:8a:82:44:0b:
         bd:07:f9:c5:75:05:e6:3e:74:b1:d5:53:e4:2e:cd:ec:51:c6:
         dd:53:87:ad:65:0a:7e:03:61:ed:ba:32:b4:00:20:b1:3a:65:
         f4:09:fd:fb:16:a2:46:ff:66:cf:19:ce:5f:a0:ae:32:d4:78:
         1c:57:20:c0:7b:19:2a:ad:66:c0:83:9d:ba:a5:82:33:8e:4f:
         b3:d3:f0:2f:c1:19:26:4b:65:1a:00:15:ef:97:1d:76:ad:ff:
         f1:ae:3e:64:ca:80:99:68:dd:85:28:35:4a:b7:86:a2:b2:bb:
         ea:a4:1c:11:e7:54:72:43:ee:21:00:4c:2f:40:0b:8c:ec:96:
         bc:2b:ba:70:f8:8d:e8:de:86:ce:42:32:a8:64:74:f0:04:80:
         f0:52:18:63:c4:08:a1:32:d1:90:2e:b9:91:72:fb:87:04:8f:
         ec:fd:08:c3:57:35:36:a4:cf:8c:d8:f6:45:ba:19:cc:3b:1f:
         60:39:74:58:20:ba:8a:56:92:97:b8:21:47:0a:25:29:3a:83:
         bc:ae:9c:d2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBJTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NUQyQ0FGMTEwLwYDVQQFEyhGREY0QkYwMDEzQjFGMUFBQ0EzOTU1MUJBNjI2Q0Ey
NDY4M0RBRTY2MB4XDTI0MDIwNjA5MDkwOVoXDTI3MDIwNjA5MDkwOVowGDEWMBQG
A1UEAxMNNjVjMWY3MzgtNDI2ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiJfkPbw9Fr1wXXC0U/TnDHOI8WRJgAr/uccUbDB9e8t+FRblxoySSMScTa
V4LF9ccPXnjjAVzm2kGsWVetKRdzPFoTi3P3soKzYbsz0XW6/9uiq1sRUvICgex1
u6/9Eq7itM2Jm3wtTctjVtL/gryZIbS7ZrHTv3gNc+D8Ghrth5FMcxRwG38yy4Ho
GDBHBVRHoxpkYeShrc49TzrmBCBWOetkAqwp4R/Zjfnoy9jJR/WNWqjxwV6/cX75
7zdRbPxSBp2ekBFEyYYVFPQTEmQonWF0k8/9DhONzgSRFEeDIZepaPPcMFC0A2EN
IyGTTMqMspDBzRQXN+RYmxmDu8MCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQw9OMn
p4vH2+wXg+0wrLKZjSwndjAfBgNVHSMEGDAWgBT99L8AE7Hxqso5VRumJsokaD2u
ZjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1NDEyRTYvX2ZTX0FC
T3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvX2ZTX0FCT3g4YXJLT1ZVYnBpYktKR2c5cm1ZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTVEMkMvMUQ2NEMyRkNDNEMzMTFFRTlDNDE5OTRDNzc1
NDEyRTYvNjQ4QzNGOENDNENGMTFFRUIwMEIzMDYxNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJp+sDANBgkqhkiG9w0BAQsF
AAOCAQEAxeNbnjqVCrqM55T/snn9a5eiK45gJkjjFGuJxBl3YrL8a+tPXt8uItcM
+NwMZDJkZd+KgkQLvQf5xXUF5j50sdVT5C7N7FHG3VOHrWUKfgNh7boytAAgsTpl
9An9+xaiRv9mzxnOX6CuMtR4HFcgwHsZKq1mwIOduqWCM45Ps9PwL8EZJktlGgAV
75cddq3/8a4+ZMqAmWjdhSg1SreGorK76qQcEedUckPuIQBML0ALjOyWvCu6cPiN
6N6GzkIyqGR08ASA8FIYY8QIoTLRkC65kXL7hwSP7P0Iw1c1NqTPjNj2RboZzDsf
YDl0WCC6ilaSl7ghRwolKTqDvK6c0g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org