Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/AB2935AABAAA11EE8414C26E775412E6.roa
File:                     AB2935AABAAA11EE8414C26E775412E6.roa (raw, json)
Hash identifier:          Iu2+/+G7SddrVYB5Y7vkvVDPbGK/WE8yZYIn/anr/us=
Subject key identifier:   CE:81:98:4D:D7:E7:94:03:CC:53:69:7D:61:9B:FD:BB:C4:19:65:6D
Certificate issuer:       /CN=F3675681AF/serialNumber=B21C666D9BCD98C01959107179483726840320D9
Certificate serial:       0F
Authority key identifier: B2:1C:66:6D:9B:CD:98:C0:19:59:10:71:79:48:37:26:84:03:20:D9
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/shxmbZvNmMAZWRBxeUg3JoQDINk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/AB2935AABAAA11EE8414C26E775412E6.roa
Signing time:             Wed 24 Jan 2024 11:21:07 +0000
ROA not before:           Wed 24 Jan 2024 11:21:04 +0000
ROA not after:            Fri 28 Feb 2025 11:21:04 +0000
asID:                     329360
IP address blocks:        2c0f:6940::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/shxmbZvNmMAZWRBxeUg3JoQDINk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/shxmbZvNmMAZWRBxeUg3JoQDINk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/shxmbZvNmMAZWRBxeUg3JoQDINk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15 (0xf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3675681AF/serialNumber=B21C666D9BCD98C01959107179483726840320D9
        Validity
            Not Before: Jan 24 11:21:04 2024 GMT
            Not After : Feb 28 11:21:04 2025 GMT
        Subject: CN=65b0f2a3-7466
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a7:9f:1a:43:ca:32:f6:30:dc:1d:28:62:72:
                    f7:54:18:9c:ab:e8:54:8b:b3:12:ca:52:49:df:ba:
                    ab:15:f4:0f:ba:44:67:15:d9:e8:4d:1b:e5:85:51:
                    e6:ad:13:59:82:6c:3f:d9:c6:d8:b8:f1:8a:ee:18:
                    62:f7:53:5a:cc:a1:5c:0f:9d:2b:55:55:52:84:a0:
                    38:3d:82:9f:fc:3f:a4:f4:d1:29:76:ff:72:9f:3b:
                    98:9a:bd:17:2e:5e:3c:08:1b:6a:b9:b2:26:29:60:
                    05:6a:44:d8:c8:fe:e1:2f:0e:f4:36:8b:27:66:1e:
                    52:9a:f9:77:34:6e:9d:a7:24:3a:de:f5:a3:31:db:
                    ad:4b:7e:08:d6:9c:96:a7:59:d0:6a:aa:f1:42:7a:
                    0c:fc:11:73:54:fc:1a:1c:86:f2:8c:63:e7:07:53:
                    21:8d:c2:62:8f:ea:22:62:b6:69:8a:9a:14:17:74:
                    b0:56:6a:84:bf:fa:61:a0:63:7e:f7:9b:e6:9b:24:
                    cd:5b:83:20:6a:58:21:57:4f:40:94:35:73:5d:b3:
                    f7:2d:cf:31:8c:56:d9:38:c0:f4:26:b5:03:05:eb:
                    43:8a:81:54:05:5c:de:bb:35:7f:96:42:06:b5:df:
                    3f:41:d9:cf:c4:56:57:86:20:2f:01:d6:8c:97:df:
                    d1:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:81:98:4D:D7:E7:94:03:CC:53:69:7D:61:9B:FD:BB:C4:19:65:6D
            X509v3 Authority Key Identifier:
                keyid:B2:1C:66:6D:9B:CD:98:C0:19:59:10:71:79:48:37:26:84:03:20:D9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/shxmbZvNmMAZWRBxeUg3JoQDINk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/shxmbZvNmMAZWRBxeUg3JoQDINk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3675681/3A811A06B37111EE992D23C5775412E6/AB2935AABAAA11EE8414C26E775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:6940::/32

    Signature Algorithm: sha256WithRSAEncryption
         47:12:27:7d:9b:2e:70:f3:b5:3e:07:20:9b:b3:ab:34:84:65:
         f9:73:28:3c:12:25:8b:ba:0f:f4:da:b5:12:b9:c4:d0:32:6b:
         a1:81:20:ed:85:8e:cc:b0:df:a4:d0:5d:1a:e1:0e:2d:e2:3e:
         2e:b0:23:aa:8b:88:c8:87:a3:7f:a4:e5:3c:e2:e4:5d:29:6b:
         dc:74:14:22:3c:ac:99:bf:82:1a:0c:61:56:f8:fd:44:0c:08:
         a3:a0:07:99:ca:51:4f:6a:e7:2b:18:d4:b0:32:a8:90:92:20:
         73:96:12:26:72:44:14:94:8f:29:f1:04:79:a8:6e:99:9b:dc:
         39:a0:37:7b:e7:91:d7:ec:53:f9:a4:38:80:a8:e6:50:59:8d:
         03:e8:52:fa:9d:80:6d:d1:04:01:0e:b0:0c:c2:ec:0b:c6:86:
         f8:bb:93:66:9e:df:d9:e5:63:05:13:61:a9:47:da:97:62:1e:
         64:77:1a:3d:1c:25:ea:72:ab:84:6d:61:4a:ff:23:10:a6:70:
         2f:b6:44:40:46:b3:9a:23:6a:81:cb:29:cd:2a:ce:2b:5b:07:
         b3:c2:2e:fd:e5:28:4f:c9:f6:fa:f2:6e:09:d6:53:fb:42:29:
         2e:75:fd:4f:cc:54:58:7f:75:cf:0d:c2:f2:20:65:26:1d:29:
         76:72:eb:85
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBDzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NTY4MUFGMTEwLwYDVQQFEyhCMjFDNjY2RDlCQ0Q5OEMwMTk1OTEwNzE3OTQ4Mzcy
Njg0MDMyMEQ5MB4XDTI0MDEyNDExMjEwNFoXDTI1MDIyODExMjEwNFowGDEWMBQG
A1UEAxMNNjViMGYyYTMtNzQ2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALinnxpDyjL2MNwdKGJy91QYnKvoVIuzEspSSd+6qxX0D7pEZxXZ6E0b5YVR
5q0TWYJsP9nG2Ljxiu4YYvdTWsyhXA+dK1VVUoSgOD2Cn/w/pPTRKXb/cp87mJq9
Fy5ePAgbarmyJilgBWpE2Mj+4S8O9DaLJ2YeUpr5dzRunackOt71ozHbrUt+CNac
lqdZ0Gqq8UJ6DPwRc1T8GhyG8oxj5wdTIY3CYo/qImK2aYqaFBd0sFZqhL/6YaBj
fveb5pskzVuDIGpYIVdPQJQ1c12z9y3PMYxW2TjA9Ca1AwXrQ4qBVAVc3rs1f5ZC
BrXfP0HZz8RWV4YgLwHWjJff0ekCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBTOgZhN
1+eUA8xTaX1hm/27xBllbTAfBgNVHSMEGDAWgBSyHGZtm82YwBlZEHF5SDcmhAMg
2TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzU2ODEvM0E4MTFBMDZCMzcxMTFFRTk5MkQyM0M1Nzc1NDEyRTYvc2h4bWJa
dk5tTUFaV1JCeGVVZzNKb1FESU5rLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvc2h4bWJadk5tTUFaV1JCeGVVZzNKb1FESU5rLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzU2ODEvM0E4MTFBMDZCMzcxMTFFRTk5MkQyM0M1Nzc1
NDEyRTYvQUIyOTM1QUFCQUFBMTFFRTg0MTRDMjZFNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPaUAwDQYJKoZIhvcNAQEL
BQADggEBAEcSJ32bLnDztT4HIJuzqzSEZflzKDwSJYu6D/TatRK5xNAya6GBIO2F
jsyw36TQXRrhDi3iPi6wI6qLiMiHo3+k5Tzi5F0pa9x0FCI8rJm/ghoMYVb4/UQM
CKOgB5nKUU9q5ysY1LAyqJCSIHOWEiZyRBSUjynxBHmobpmb3DmgN3vnkdfsU/mk
OICo5lBZjQPoUvqdgG3RBAEOsAzC7AvGhvi7k2ae39nlYwUTYalH2pdiHmR3Gj0c
Jepyq4RtYUr/IxCmcC+2REBGs5ojaoHLKc0qzitbB7PCLv3lKE/J9vrybgnWU/tC
KS51/U/MVFh/dc8NwvIgZSYdKXZy64U=
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:43:28 2024 by rpki-client on console-fra.rpki-client.org