Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/CE307EFE6CC211EE939580764AD9E6FC.roa
File:                     CE307EFE6CC211EE939580764AD9E6FC.roa (raw, json)
Hash identifier:          91FMWaym5o112Upsz2ppnXK0BcnsGf6XXkO595t9JSk=
Subject key identifier:   B4:D2:A3:9C:95:52:A9:D8:31:F6:4A:AB:2A:C5:32:78:63:ED:11:A4
Certificate issuer:       /CN=F365F086AR/serialNumber=5AB4A9FE5832F6C24C042A371267F660C2955765
Certificate serial:       02
Authority key identifier: 5A:B4:A9:FE:58:32:F6:C2:4C:04:2A:37:12:67:F6:60:C2:95:57:65
Authority info access:    rsync://rpki.afrinic.net/repository/arin/WrSp_lgy9sJMBCo3Emf2YMKVV2U.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/CE307EFE6CC211EE939580764AD9E6FC.roa
Signing time:             Tue 17 Oct 2023 07:57:23 +0000
ROA not before:           Tue 17 Oct 2023 07:57:20 +0000
ROA not after:            Tue 17 Oct 2028 07:57:20 +0000
asID:                     37678
IP address blocks:        129.205.192.0/18 maxlen: 18

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/WrSp_lgy9sJMBCo3Emf2YMKVV2U.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/WrSp_lgy9sJMBCo3Emf2YMKVV2U.mft
                          rsync://rpki.afrinic.net/repository/arin/WrSp_lgy9sJMBCo3Emf2YMKVV2U.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:16:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F365F086AR/serialNumber=5AB4A9FE5832F6C24C042A371267F660C2955765
        Validity
            Not Before: Oct 17 07:57:20 2023 GMT
            Not After : Oct 17 07:57:20 2028 GMT
        Subject: CN=652e3e63-da14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f2:3e:39:b3:8a:0d:63:9a:5f:27:2d:f8:28:
                    48:0d:01:ff:48:2b:49:18:7a:d2:47:28:ee:45:33:
                    3a:f4:88:39:7c:85:36:d6:71:2e:4f:06:d0:f8:a2:
                    35:9b:2f:32:37:7d:71:44:a0:37:cd:1a:73:c8:c4:
                    ec:2b:c6:cd:ba:37:8a:6f:d3:c2:a2:29:1c:3e:1b:
                    42:96:30:e5:e3:89:07:61:6a:f9:f7:43:f4:fd:1b:
                    25:47:98:f0:4c:e2:f1:6f:e3:ed:1e:29:9b:b7:31:
                    07:f6:9b:ea:26:06:7f:48:43:39:16:25:57:e9:66:
                    a8:39:6a:b8:be:34:b0:50:86:73:bc:99:73:86:ae:
                    96:b2:5a:f0:90:5d:fb:5c:be:a8:2f:82:60:a8:47:
                    40:2c:78:8f:8d:96:67:b8:3b:cc:c1:da:95:3b:c9:
                    58:95:bf:4e:81:f4:48:5c:25:ca:97:c3:6e:59:fa:
                    8a:b5:e4:65:7f:05:26:5d:af:10:5f:0f:af:bd:51:
                    ae:c6:6d:0f:49:55:bd:2e:f9:aa:51:e3:1a:93:93:
                    c8:8d:50:f9:5b:7d:9e:c6:84:c7:40:e0:f1:93:0b:
                    33:39:c1:21:48:19:33:b7:60:84:e7:e5:40:f1:da:
                    df:d4:43:f3:ff:f3:68:d9:67:70:da:67:c1:96:97:
                    17:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:D2:A3:9C:95:52:A9:D8:31:F6:4A:AB:2A:C5:32:78:63:ED:11:A4
            X509v3 Authority Key Identifier:
                keyid:5A:B4:A9:FE:58:32:F6:C2:4C:04:2A:37:12:67:F6:60:C2:95:57:65

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/WrSp_lgy9sJMBCo3Emf2YMKVV2U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/WrSp_lgy9sJMBCo3Emf2YMKVV2U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/CE307EFE6CC211EE939580764AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  129.205.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         7b:6d:14:cb:d8:96:c4:2a:35:dc:c4:0a:8f:ff:50:d2:61:2e:
         09:bb:1b:d4:d0:d3:cc:ed:e2:7c:d0:17:c0:6f:4d:a4:76:ba:
         07:50:8f:5c:43:5b:fd:05:0b:80:b4:f9:95:08:e5:15:b6:a9:
         49:56:de:fe:a0:bc:f3:18:24:70:c9:7a:f3:46:91:4e:00:03:
         a3:e0:76:4a:a0:20:66:8d:6d:fd:a8:aa:96:b1:b7:c8:fe:31:
         b3:2e:36:ae:73:03:12:4d:41:b5:63:eb:2d:cc:f7:9b:a5:ad:
         6a:d1:46:2b:c9:79:b8:e5:ca:18:06:69:27:6b:e2:a5:62:5e:
         c8:e8:a5:1a:96:c3:89:b3:80:bc:0b:b2:f4:26:81:5c:dc:21:
         34:20:b0:13:00:3f:ac:d7:8c:2e:25:e0:f2:65:84:59:01:e2:
         a6:91:7a:ce:04:86:2d:4e:4a:e4:65:d2:66:94:7d:dc:77:69:
         02:53:12:33:28:1d:e2:ac:bb:b1:46:b7:8f:02:50:f3:c4:0d:
         cd:3a:e2:05:9b:bd:7b:07:54:80:a9:35:7d:e0:62:ec:6d:f0:
         1d:65:6b:cc:cb:cc:99:7e:5a:11:b8:ea:c3:99:b1:38:10:60:
         21:d9:d1:fa:b9:de:90:b1:30:f1:5a:8b:93:bd:ce:ca:6b:19:
         47:3b:49:cf
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
RjA4NkFSMTEwLwYDVQQFEyg1QUI0QTlGRTU4MzJGNkMyNEMwNDJBMzcxMjY3RjY2
MEMyOTU1NzY1MB4XDTIzMTAxNzA3NTcyMFoXDTI4MTAxNzA3NTcyMFowGDEWMBQG
A1UEAxMNNjUyZTNlNjMtZGExNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/yPjmzig1jml8nLfgoSA0B/0grSRh60kco7kUzOvSIOXyFNtZxLk8G0Pii
NZsvMjd9cUSgN80ac8jE7CvGzbo3im/TwqIpHD4bQpYw5eOJB2Fq+fdD9P0bJUeY
8Ezi8W/j7R4pm7cxB/ab6iYGf0hDORYlV+lmqDlquL40sFCGc7yZc4aulrJa8JBd
+1y+qC+CYKhHQCx4j42WZ7g7zMHalTvJWJW/ToH0SFwlypfDbln6irXkZX8FJl2v
EF8Pr71RrsZtD0lVvS75qlHjGpOTyI1Q+Vt9nsaEx0Dg8ZMLMznBIUgZM7dghOfl
QPHa39RD8//zaNlncNpnwZaXFzECAwEAAaOCAqIwggKeMB0GA1UdDgQWBBS00qOc
lVKp2DH2SqsqxTJ4Y+0RpDAfBgNVHSMEGDAWgBRatKn+WDL2wkwEKjcSZ/ZgwpVX
ZTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUYwODYvRjIxMTZGMEE2Q0JDMTFFRUJDRUUzQzY0NEFEOUU2RkMvV3JTcF9s
Z3k5c0pNQkNvM0VtZjJZTUtWVjJVLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
V3JTcF9sZ3k5c0pNQkNvM0VtZjJZTUtWVjJVLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NUYwODYvRjIxMTZGMEE2Q0JDMTFFRUJDRUUzQzY0NEFEOUU2
RkMvQ0UzMDdFRkU2Q0MyMTFFRTkzOTU4MDc2NEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBoHNwDANBgkqhkiG9w0BAQsFAAOC
AQEAe20Uy9iWxCo13MQKj/9Q0mEuCbsb1NDTzO3ifNAXwG9NpHa6B1CPXENb/QUL
gLT5lQjlFbapSVbe/qC88xgkcMl680aRTgADo+B2SqAgZo1t/aiqlrG3yP4xsy42
rnMDEk1BtWPrLcz3m6WtatFGK8l5uOXKGAZpJ2vipWJeyOilGpbDibOAvAuy9CaB
XNwhNCCwEwA/rNeMLiXg8mWEWQHippF6zgSGLU5K5GXSZpR93HdpAlMSMygd4qy7
sUa3jwJQ88QNzTriBZu9ewdUgKk1feBi7G3wHWVrzMvMmX5aEbjqw5mxOBBgIdnR
+rnekLEw8VqLk73OymsZRztJzw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:43:28 2024 by rpki-client on console-fra.rpki-client.org