Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/F71135A8967811EA89ED085BF8AEA228.roa
File:                     F71135A8967811EA89ED085BF8AEA228.roa (raw, json)
Hash identifier:          mQ+To7RHNAESk5YJPSceRlTNZT8t40xisQ1Ad1mdyds=
Subject key identifier:   D7:78:81:14:34:64:E0:9F:D0:7F:0E:CA:94:54:E4:ED:DA:D1:49:E1
Certificate issuer:       /CN=F366DC11AR/serialNumber=7F9EF436B31E592089063C1E6C437CD2C3FEA04B
Certificate serial:       02
Authority key identifier: 7F:9E:F4:36:B3:1E:59:20:89:06:3C:1E:6C:43:7C:D2:C3:FE:A0:4B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/f570NrMeWSCJBjwebEN80sP-oEs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/F71135A8967811EA89ED085BF8AEA228.roa
Signing time:             Fri 15 May 2020 06:54:48 +0000
ROA not before:           Fri 15 May 2020 06:54:34 +0000
ROA not after:            Tue 31 Dec 2030 06:54:34 +0000
asID:                     328638
IP address blocks:        160.226.160.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/f570NrMeWSCJBjwebEN80sP-oEs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/f570NrMeWSCJBjwebEN80sP-oEs.mft
                          rsync://rpki.afrinic.net/repository/arin/f570NrMeWSCJBjwebEN80sP-oEs.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:21:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366DC11AR/serialNumber=7F9EF436B31E592089063C1E6C437CD2C3FEA04B
        Validity
            Not Before: May 15 06:54:34 2020 GMT
            Not After : Dec 31 06:54:34 2030 GMT
        Subject: CN=5ebe3cb7-8bcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:1d:b4:cd:40:c5:18:eb:fe:24:7a:c1:5a:ed:
                    37:9e:6a:6d:ab:d1:a8:e6:94:b7:14:a6:53:d6:76:
                    29:7a:0b:86:81:42:d0:e6:ca:d8:e7:e5:10:53:01:
                    41:89:94:29:e4:9b:fb:2e:8d:a1:09:21:24:ee:05:
                    66:6d:10:48:13:37:3f:93:80:83:75:4e:ed:e5:07:
                    85:a8:9c:ae:95:21:fa:e5:47:c8:fa:db:35:80:77:
                    17:4a:b6:c1:c8:81:0e:ec:32:84:b5:d8:20:41:c9:
                    0c:5d:0d:ce:28:a0:c1:cd:c6:e2:48:08:7f:e0:82:
                    3d:b5:e3:82:62:f6:74:e7:41:e8:c1:5b:af:ea:1c:
                    5a:bd:73:10:e7:64:84:00:3d:a7:75:e1:aa:f3:e4:
                    62:53:22:f6:83:80:a6:79:99:bb:45:9b:47:68:e4:
                    6e:8b:00:eb:14:54:d4:22:d1:78:3d:43:d8:14:4a:
                    06:01:f0:7e:f4:39:24:9c:9d:7e:76:84:01:a2:5d:
                    b0:20:12:a2:6c:f7:f6:13:6f:11:2e:72:22:28:a0:
                    5a:d0:2f:e7:ae:00:83:4c:12:f8:33:d4:be:fd:5d:
                    e3:96:a9:b6:ee:dd:df:65:61:2b:7f:06:60:a1:24:
                    38:37:72:ff:11:67:60:d3:b0:e7:79:c9:3a:dd:43:
                    f1:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:78:81:14:34:64:E0:9F:D0:7F:0E:CA:94:54:E4:ED:DA:D1:49:E1
            X509v3 Authority Key Identifier:
                keyid:7F:9E:F4:36:B3:1E:59:20:89:06:3C:1E:6C:43:7C:D2:C3:FE:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/f570NrMeWSCJBjwebEN80sP-oEs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/f570NrMeWSCJBjwebEN80sP-oEs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/F71135A8967811EA89ED085BF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.226.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         01:5d:9f:f9:fe:5c:d4:11:c4:c7:0f:15:a1:3b:07:1e:e7:99:
         df:52:b7:19:55:3c:9d:74:3c:28:c9:a0:b8:90:f2:b9:79:26:
         c6:7a:d7:d5:79:a3:b7:31:93:84:2a:03:3e:b7:f6:50:7e:29:
         5e:c2:48:ef:6f:62:57:e7:f6:f2:e2:e9:20:19:97:2a:02:33:
         33:62:97:c7:b3:60:f4:39:00:65:f3:df:06:ae:e4:91:30:14:
         a9:cb:26:e2:f6:43:3e:1f:64:8c:e0:c7:24:6f:8e:ed:1d:5b:
         29:c0:d2:b6:d4:11:93:25:31:0e:d7:45:f4:3d:ae:d1:a2:f7:
         a9:88:af:f4:23:db:a9:71:24:96:51:49:31:8e:21:1c:cd:a6:
         65:fc:2d:97:b5:b0:27:34:d5:0c:40:15:d3:e1:3f:27:5e:12:
         b1:d0:03:f4:33:30:bd:d5:97:f0:51:09:44:32:23:f3:1c:72:
         bb:8e:5e:4c:fa:55:1e:10:9d:3f:57:b3:f1:61:60:bb:4a:5f:
         50:56:ad:cf:32:74:a5:cf:42:29:d5:76:f5:b7:50:30:b1:3c:
         e9:9a:7f:fc:7d:e4:a1:f1:b1:fc:cd:33:db:cb:2f:f1:c5:09:
         fe:25:6d:97:1f:f8:08:11:de:cd:5b:e8:23:04:a9:ec:57:95:
         3d:99:2e:ef
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
REMxMUFSMTEwLwYDVQQFEyg3RjlFRjQzNkIzMUU1OTIwODkwNjNDMUU2QzQzN0NE
MkMzRkVBMDRCMB4XDTIwMDUxNTA2NTQzNFoXDTMwMTIzMTA2NTQzNFowGDEWMBQG
A1UEAxMNNWViZTNjYjctOGJjZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIdtM1AxRjr/iR6wVrtN55qbavRqOaUtxSmU9Z2KXoLhoFC0ObK2OflEFMB
QYmUKeSb+y6NoQkhJO4FZm0QSBM3P5OAg3VO7eUHhaicrpUh+uVHyPrbNYB3F0q2
wciBDuwyhLXYIEHJDF0Nziigwc3G4kgIf+CCPbXjgmL2dOdB6MFbr+ocWr1zEOdk
hAA9p3XhqvPkYlMi9oOApnmZu0WbR2jkbosA6xRU1CLReD1D2BRKBgHwfvQ5JJyd
fnaEAaJdsCASomz39hNvES5yIiigWtAv564Ag0wS+DPUvv1d45aptu7d32VhK38G
YKEkODdy/xFnYNOw53nJOt1D8SkCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTXeIEU
NGTgn9B/DsqUVOTt2tFJ4TAfBgNVHSMEGDAWgBR/nvQ2sx5ZIIkGPB5sQ3zSw/6g
SzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkRDMTEvOTk1OTQ2QkM5Njc4MTFFQTg3OTk5NTVBRjhBRUEyMjgvZjU3ME5y
TWVXU0NKQmp3ZWJFTjgwc1Atb0VzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
ZjU3ME5yTWVXU0NKQmp3ZWJFTjgwc1Atb0VzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NkRDMTEvOTk1OTQ2QkM5Njc4MTFFQTg3OTk5NTVBRjhBRUEy
MjgvRjcxMTM1QTg5Njc4MTFFQTg5RUQwODVCRjhBRUEyMjgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBKDioDANBgkqhkiG9w0BAQsFAAOC
AQEAAV2f+f5c1BHExw8VoTsHHueZ31K3GVU8nXQ8KMmguJDyuXkmxnrX1XmjtzGT
hCoDPrf2UH4pXsJI729iV+f28uLpIBmXKgIzM2KXx7Ng9DkAZfPfBq7kkTAUqcsm
4vZDPh9kjODHJG+O7R1bKcDSttQRkyUxDtdF9D2u0aL3qYiv9CPbqXEkllFJMY4h
HM2mZfwtl7WwJzTVDEAV0+E/J14SsdAD9DMwvdWX8FEJRDIj8xxyu45eTPpVHhCd
P1ez8WFgu0pfUFatzzJ0pc9CKdV29bdQMLE86Zp//H3kofGx/M0z28sv8cUJ/iVt
lx/4CBHezVvoIwSp7FeVPZku7w==
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:47:21 2024 by rpki-client on console-ams.rpki-client.org