Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/AACFEAD68C6311EB9983084EF8AEA228.roa
File:                     AACFEAD68C6311EB9983084EF8AEA228.roa (raw, json)
Hash identifier:          mp8Di5cQ+07cDSBUw2V+UWjzi83pjOROOh6G+eLkiaA=
Subject key identifier:   39:95:3F:46:DA:0E:AC:BD:10:B7:5D:CB:E6:B4:5D:F7:8D:4D:D2:E7
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       51
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/AACFEAD68C6311EB9983084EF8AEA228.roa
Signing time:             Wed 24 Mar 2021 05:42:06 +0000
ROA not before:           Wed 24 Mar 2021 05:42:00 +0000
ROA not after:            Mon 24 Mar 2031 05:42:00 +0000
asID:                     10474
IP address blocks:        196.41.128.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 81 (0x51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Mar 24 05:42:00 2021 GMT
            Not After : Mar 24 05:42:00 2031 GMT
        Subject: CN=605ad12e-d591
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:00:d3:5f:b2:db:ef:04:9e:17:58:0e:2c:9e:
                    aa:37:2e:01:c8:86:4e:91:01:a4:b9:46:84:74:ac:
                    ea:b9:5e:8a:37:de:ee:d1:c9:57:44:3a:c3:bc:16:
                    ac:fd:bb:68:7b:5f:0b:3c:d8:05:88:8e:9f:48:86:
                    ae:cd:21:c0:3a:d7:ef:3b:02:77:7d:ff:0a:3b:af:
                    47:61:c4:04:33:56:67:67:4d:3f:65:e9:04:a9:59:
                    0c:77:21:01:6a:b2:08:02:dc:bc:df:33:f0:8d:08:
                    86:fa:ad:f8:72:7a:92:91:77:7b:00:64:a8:00:af:
                    29:c9:3f:82:a1:ea:70:d4:41:33:89:2d:86:de:0f:
                    16:1b:7a:59:18:dc:3e:44:ff:0f:e1:e4:3e:2c:33:
                    0e:6a:9a:5b:45:a6:fd:38:cf:4f:8f:f3:18:43:0c:
                    a0:e4:50:fa:e0:7c:22:6d:61:74:1e:d1:80:29:e4:
                    64:b8:a3:4f:1a:b6:a6:4d:5f:e4:91:72:8a:43:9f:
                    6a:81:11:c0:ae:c1:1b:a9:33:c6:16:d3:c8:67:9a:
                    93:4c:fa:46:1f:c9:26:bc:18:86:b3:c8:ce:4d:ac:
                    77:09:e1:c2:97:32:a3:9c:40:f0:ae:b2:7d:65:68:
                    24:b0:2f:bb:26:1b:dc:50:ec:98:df:1d:23:27:58:
                    02:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:95:3F:46:DA:0E:AC:BD:10:B7:5D:CB:E6:B4:5D:F7:8D:4D:D2:E7
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/AACFEAD68C6311EB9983084EF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.41.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         c2:40:ee:4c:d6:b4:2b:83:3a:3c:2f:10:c5:13:d8:75:16:e3:
         d0:67:1e:a5:b3:29:f6:a3:60:87:d7:c8:26:66:57:fc:98:d9:
         86:4d:4b:0e:e3:5b:44:15:3c:80:93:51:79:4b:15:40:11:0b:
         06:4a:d5:72:26:b4:67:71:23:f5:50:09:5a:ca:7a:d7:38:aa:
         43:32:74:d2:2b:17:24:4a:19:74:c1:5e:bf:68:a4:c9:c8:7e:
         f9:1e:0a:c6:71:4d:04:46:f8:b0:13:57:9b:76:61:67:e6:69:
         55:a9:c6:ea:eb:5a:9b:31:5e:92:31:e8:87:e7:de:ca:61:c1:
         9f:45:d4:95:f9:fe:73:0e:09:ad:c0:8a:dd:d3:95:c4:16:97:
         f8:5e:a7:c1:ec:5c:2d:a7:72:1e:50:dc:a1:cf:d5:cb:5e:db:
         ee:d8:3b:c1:9e:15:87:2b:96:5a:8f:3c:a0:30:07:d9:68:84:
         a5:9f:6b:d4:d6:7d:c3:3e:6f:91:a2:f0:75:fe:f5:32:a4:dd:
         7c:22:7b:10:c4:e9:75:58:33:b5:1e:b5:18:65:91:4a:72:c1:
         af:34:18:e7:f1:ef:d9:3b:08:1c:a3:06:db:bf:fa:48:1d:db:
         8a:5e:2b:ac:3a:d8:e5:ae:33:31:37:5b:fe:64:ce:27:2c:0a:
         21:4f:1b:59
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBUTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QjIxNkFGMTEwLwYDVQQFEygyRjQwN0ZFQ0Q4QjdERERDQTVENUI5MEE1RTE5NTg5
RDA2QzEwMURDMB4XDTIxMDMyNDA1NDIwMFoXDTMxMDMyNDA1NDIwMFowGDEWMBQG
A1UEAxMNNjA1YWQxMmUtZDU5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOcA01+y2+8EnhdYDiyeqjcuAciGTpEBpLlGhHSs6rleijfe7tHJV0Q6w7wW
rP27aHtfCzzYBYiOn0iGrs0hwDrX7zsCd33/CjuvR2HEBDNWZ2dNP2XpBKlZDHch
AWqyCALcvN8z8I0Ihvqt+HJ6kpF3ewBkqACvKck/gqHqcNRBM4ktht4PFht6WRjc
PkT/D+HkPiwzDmqaW0Wm/TjPT4/zGEMMoORQ+uB8Im1hdB7RgCnkZLijTxq2pk1f
5JFyikOfaoERwK7BG6kzxhbTyGeak0z6Rh/JJrwYhrPIzk2sdwnhwpcyo5xA8K6y
fWVoJLAvuyYb3FDsmN8dIydYAoMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ5lT9G
2g6svRC3XcvmtF33jU3S5zAfBgNVHSMEGDAWgBQvQH/s2Lfd3KXVuQpeGVidBsEB
3DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhBRUEyMjgvTDBCXzdO
aTMzZHlsMWJrS1hobFluUWJCQWR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTDBCXzdOaTMzZHlsMWJrS1hobFluUWJCQWR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0IyMTYvMzZBQzBGOTY4N0Q1MTFFQkFBRkYzNDQ3RjhB
RUEyMjgvQUFDRkVBRDY4QzYzMTFFQjk5ODMwODRFRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcQpgDANBgkqhkiG9w0BAQsF
AAOCAQEAwkDuTNa0K4M6PC8QxRPYdRbj0GcepbMp9qNgh9fIJmZX/JjZhk1LDuNb
RBU8gJNReUsVQBELBkrVcia0Z3Ej9VAJWsp61ziqQzJ00isXJEoZdMFev2ikych+
+R4KxnFNBEb4sBNXm3ZhZ+ZpVanG6utamzFekjHoh+feymHBn0XUlfn+cw4JrcCK
3dOVxBaX+F6nwexcLadyHlDcoc/Vy17b7tg7wZ4VhyuWWo88oDAH2WiEpZ9r1NZ9
wz5vkaLwdf71MqTdfCJ7EMTpdVgztR61GGWRSnLBrzQY5/Hv2TsIHKMG27/6SB3b
il4rrDrY5a4zMTdb/mTOJywKIU8bWQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org