Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/DD015D826CC111EE88677D734AD9E6FC.roa
File:                     DD015D826CC111EE88677D734AD9E6FC.roa (raw, json)
Hash identifier:          qWeL/3G03cESkK0lfpuTmBLiPLwBFByixPyVGD+RD2k=
Subject key identifier:   54:26:46:19:46:36:BA:AC:32:DF:4A:04:AE:51:20:CB:FC:D3:42:0B
Certificate issuer:       /CN=F365F086AF/serialNumber=02C44CED6B619AB1A404FCED3502B1D96848329E
Certificate serial:       02
Authority key identifier: 02:C4:4C:ED:6B:61:9A:B1:A4:04:FC:ED:35:02:B1:D9:68:48:32:9E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/AsRM7WthmrGkBPztNQKx2WhIMp4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/DD015D826CC111EE88677D734AD9E6FC.roa
Signing time:             Tue 17 Oct 2023 07:50:39 +0000
ROA not before:           Tue 17 Oct 2023 07:50:35 +0000
ROA not after:            Tue 17 Oct 2028 07:50:35 +0000
asID:                     37678
IP address blocks:        2c0f:f718::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/AsRM7WthmrGkBPztNQKx2WhIMp4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/AsRM7WthmrGkBPztNQKx2WhIMp4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/AsRM7WthmrGkBPztNQKx2WhIMp4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:05:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F365F086AF/serialNumber=02C44CED6B619AB1A404FCED3502B1D96848329E
        Validity
            Not Before: Oct 17 07:50:35 2023 GMT
            Not After : Oct 17 07:50:35 2028 GMT
        Subject: CN=652e3ccf-c6cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3b:7c:5a:6e:4f:c3:a5:9f:ae:9c:f7:da:1f:
                    17:b6:5b:a1:dc:42:44:ac:50:44:68:be:a8:06:4e:
                    61:74:17:ab:22:ae:86:d7:2e:45:42:94:c9:10:cd:
                    77:21:8e:3d:d7:e1:67:81:64:ce:c9:12:6b:00:65:
                    7d:f5:ae:3e:d8:64:04:4d:84:13:e6:6e:3f:8f:6d:
                    81:6f:fa:88:28:ce:cb:4a:df:c0:4d:e6:60:a8:10:
                    b6:9e:b8:fd:e2:c1:68:94:07:f9:46:79:45:9a:ea:
                    5d:34:2a:61:6e:b8:55:68:b6:9d:62:e6:34:9d:7e:
                    64:f6:a5:76:cd:aa:05:95:a2:b0:b9:8b:de:1c:ff:
                    23:6c:ce:9b:d9:e3:58:78:39:b3:2c:f4:b4:9c:2c:
                    c9:c2:43:a7:eb:9f:e6:2a:4e:78:ee:70:98:3b:0b:
                    a3:1a:1c:2c:a3:9e:c9:45:51:96:01:f0:d2:d5:37:
                    cb:69:7f:0e:30:b1:2c:0a:16:6b:56:cb:30:17:43:
                    32:54:63:0e:f2:30:d4:63:56:0a:2d:ac:bc:a9:6d:
                    26:80:36:dc:91:e8:54:5a:13:07:1b:38:07:97:01:
                    c8:09:4f:6d:9a:ba:f4:6e:47:f2:7d:80:8c:44:2a:
                    d1:15:a1:0e:36:e3:3a:25:08:02:da:84:45:db:cc:
                    fa:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:26:46:19:46:36:BA:AC:32:DF:4A:04:AE:51:20:CB:FC:D3:42:0B
            X509v3 Authority Key Identifier:
                keyid:02:C4:4C:ED:6B:61:9A:B1:A4:04:FC:ED:35:02:B1:D9:68:48:32:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/AsRM7WthmrGkBPztNQKx2WhIMp4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/AsRM7WthmrGkBPztNQKx2WhIMp4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365F086/DE7B16EE6CBC11EE9A59EE634AD9E6FC/DD015D826CC111EE88677D734AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f718::/32

    Signature Algorithm: sha256WithRSAEncryption
         51:80:45:d5:fe:90:f7:c6:75:56:a4:35:73:fa:73:93:97:48:
         63:85:f8:04:a3:20:75:69:6f:63:d8:64:ea:cf:cb:cd:77:6b:
         e7:90:2c:2b:5a:14:28:3a:32:71:91:f1:5e:fc:06:ef:e4:2b:
         6c:c9:5c:35:9b:0c:88:e2:5f:f7:2b:88:9c:42:4d:20:9e:9d:
         a5:e0:b1:fb:f5:15:b9:a5:9e:ff:3a:ac:fd:9c:97:14:91:10:
         66:51:de:45:6f:eb:c7:a1:a7:31:6d:35:2f:02:c5:b0:c0:7e:
         2d:ae:fa:f5:7a:08:bc:18:ab:9d:e2:3c:b8:1e:71:1b:cc:ea:
         98:22:56:44:5a:d6:bf:2c:60:5b:15:8c:b5:bb:f1:33:62:01:
         32:71:c7:87:72:08:bf:7b:b9:6d:9f:4a:8c:29:44:77:be:fb:
         d8:3e:29:fa:91:57:7a:fb:ae:9c:e3:ef:23:86:58:68:20:70:
         0a:06:1b:c5:96:1b:95:0c:00:6f:4a:cc:3d:3e:65:2b:0c:e7:
         11:d7:29:e4:f1:c5:90:44:dc:89:21:ba:8e:b9:62:bc:b6:b9:
         9f:c7:55:a6:26:a9:46:db:f5:cc:65:57:4d:32:54:ae:37:c6:
         d1:7c:a7:cc:74:f6:f0:0c:1c:35:4a:e0:f2:d1:02:13:77:ab:
         71:11:da:65
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
RjA4NkFGMTEwLwYDVQQFEygwMkM0NENFRDZCNjE5QUIxQTQwNEZDRUQzNTAyQjFE
OTY4NDgzMjlFMB4XDTIzMTAxNzA3NTAzNVoXDTI4MTAxNzA3NTAzNVowGDEWMBQG
A1UEAxMNNjUyZTNjY2YtYzZjZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQ7fFpuT8Oln66c99ofF7ZbodxCRKxQRGi+qAZOYXQXqyKuhtcuRUKUyRDN
dyGOPdfhZ4FkzskSawBlffWuPthkBE2EE+ZuP49tgW/6iCjOy0rfwE3mYKgQtp64
/eLBaJQH+UZ5RZrqXTQqYW64VWi2nWLmNJ1+ZPalds2qBZWisLmL3hz/I2zOm9nj
WHg5syz0tJwsycJDp+uf5ipOeO5wmDsLoxocLKOeyUVRlgHw0tU3y2l/DjCxLAoW
a1bLMBdDMlRjDvIw1GNWCi2svKltJoA23JHoVFoTBxs4B5cByAlPbZq69G5H8n2A
jEQq0RWhDjbjOiUIAtqERdvM+u8CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBRUJkYZ
Rja6rDLfSgSuUSDL/NNCCzAfBgNVHSMEGDAWgBQCxEzta2GasaQE/O01ArHZaEgy
njAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUYwODYvREU3QjE2RUU2Q0JDMTFFRTlBNTlFRTYzNEFEOUU2RkMvQXNSTTdX
dGhtckdrQlB6dE5RS3gyV2hJTXA0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQXNSTTdXdGhtckdrQlB6dE5RS3gyV2hJTXA0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUYwODYvREU3QjE2RUU2Q0JDMTFFRTlBNTlFRTYzNEFE
OUU2RkMvREQwMTVEODI2Q0MxMTFFRTg4Njc3RDczNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwP9xgwDQYJKoZIhvcNAQEL
BQADggEBAFGARdX+kPfGdVakNXP6c5OXSGOF+ASjIHVpb2PYZOrPy813a+eQLCta
FCg6MnGR8V78Bu/kK2zJXDWbDIjiX/criJxCTSCenaXgsfv1Fbmlnv86rP2clxSR
EGZR3kVv68ehpzFtNS8CxbDAfi2u+vV6CLwYq53iPLgecRvM6pgiVkRa1r8sYFsV
jLW78TNiATJxx4dyCL97uW2fSowpRHe++9g+KfqRV3r7rpzj7yOGWGggcAoGG8WW
G5UMAG9KzD0+ZSsM5xHXKeTxxZBE3Ikhuo65Yry2uZ/HVaYmqUbb9cxlV00yVK43
xtF8p8x09vAMHDVK4PLRAhN3q3ER2mU=
-----END CERTIFICATE-----
Generated at Mon Jun 17 02:56:09 2024 by rpki-client on console-fra.rpki-client.org