Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/D163C3CA3E8F11EF8DD4EA8B762E951A.roa
File:                     D163C3CA3E8F11EF8DD4EA8B762E951A.roa (raw, json)
Hash identifier:          Lkyx7ebIaCWwNF9O0UmMDuhIt39SWodpuHBtJiZV85g=
Subject key identifier:   B6:55:06:B7:19:52:EE:49:1F:9F:A3:D1:C7:D1:59:CA:7D:DF:40:D3
Certificate issuer:       /CN=F367FC8BAF/serialNumber=77412D7CC1053CE19D379CCC6007B925A1E74CA1
Certificate serial:       0195
Authority key identifier: 77:41:2D:7C:C1:05:3C:E1:9D:37:9C:CC:60:07:B9:25:A1:E7:4C:A1
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/d0EtfMEFPOGdN5zMYAe5JaHnTKE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/D163C3CA3E8F11EF8DD4EA8B762E951A.roa
Signing time:             Wed 10 Jul 2024 07:41:29 +0000
ROA not before:           Wed 10 Jul 2024 07:41:24 +0000
ROA not after:            Wed 10 Jul 2030 07:41:24 +0000
asID:                     9129
IP address blocks:        2001:4368::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/d0EtfMEFPOGdN5zMYAe5JaHnTKE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/d0EtfMEFPOGdN5zMYAe5JaHnTKE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/d0EtfMEFPOGdN5zMYAe5JaHnTKE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 405 (0x195)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367FC8BAF/serialNumber=77412D7CC1053CE19D379CCC6007B925A1E74CA1
        Validity
            Not Before: Jul 10 07:41:24 2024 GMT
            Not After : Jul 10 07:41:24 2030 GMT
        Subject: CN=668e3b29-646c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:73:7d:7a:01:64:b7:1f:2a:1b:24:31:88:b7:
                    cd:c7:ba:af:df:3a:e5:32:99:93:01:fb:68:3c:32:
                    9c:16:5b:14:ed:dd:1d:14:91:cf:3b:4a:a7:b4:99:
                    24:60:8e:ae:ae:fa:7a:3a:d5:65:91:23:17:5d:3d:
                    c1:66:be:6d:f6:ac:3e:a3:3a:5b:42:4d:e7:ab:b1:
                    81:21:b3:a7:1f:bf:32:69:4b:23:af:54:55:2f:17:
                    89:20:d7:eb:85:c6:dd:31:a8:50:f9:a4:44:e4:a3:
                    46:c1:09:57:41:6d:0e:c0:ac:f4:b0:52:30:2c:a4:
                    f1:32:86:06:3e:6a:e4:de:a1:bd:c8:68:21:ad:cf:
                    77:5f:10:6a:4c:a4:e1:0b:88:b1:b9:41:b2:65:21:
                    32:1d:95:04:c0:a8:01:29:95:75:d5:ca:5c:75:9f:
                    b4:2f:cd:ca:a6:0f:2e:d8:c4:e6:f2:2d:69:5a:89:
                    d7:2f:6c:4f:99:68:01:7a:fd:7b:96:73:30:dc:bc:
                    10:f5:96:9c:6a:c5:86:6d:5a:b0:4c:8d:91:ce:20:
                    65:64:f7:71:0e:4d:da:70:82:42:55:80:d8:93:8c:
                    5c:92:2d:d2:b8:8b:76:d1:d8:88:6b:c0:0e:d9:52:
                    24:33:b7:2c:38:74:5b:9e:a3:59:bf:2f:95:af:28:
                    90:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:55:06:B7:19:52:EE:49:1F:9F:A3:D1:C7:D1:59:CA:7D:DF:40:D3
            X509v3 Authority Key Identifier:
                keyid:77:41:2D:7C:C1:05:3C:E1:9D:37:9C:CC:60:07:B9:25:A1:E7:4C:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/d0EtfMEFPOGdN5zMYAe5JaHnTKE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/d0EtfMEFPOGdN5zMYAe5JaHnTKE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367FC8B/7B5474960EA911EE99CD2B764AD9E6FC/D163C3CA3E8F11EF8DD4EA8B762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4368::/32

    Signature Algorithm: sha256WithRSAEncryption
         93:79:87:bd:9d:97:86:58:34:97:81:24:a6:36:8e:58:5b:65:
         90:30:91:4a:1b:f1:77:ea:90:ad:36:ba:40:b1:60:c1:a2:43:
         12:4a:3d:5b:98:d8:2a:29:ef:0a:9b:eb:b3:0b:86:0c:4d:6a:
         74:df:a2:e7:0c:1f:76:ee:51:a6:6a:4e:d2:6c:af:dd:60:dc:
         9a:07:ca:66:83:d4:c7:ea:bb:61:7f:57:51:e3:97:4b:7c:7b:
         b9:dc:66:01:b9:22:74:4d:f2:48:ac:ad:76:a6:44:35:fb:4e:
         a2:3a:28:bc:af:da:c3:a7:b6:04:45:e3:a7:1b:33:7d:01:05:
         cc:4d:4d:c6:9b:bd:3f:e3:b0:69:32:e7:d7:0f:94:5d:fa:98:
         ee:b1:12:d1:0d:67:42:08:88:69:67:71:d4:bd:0c:75:30:b2:
         24:dd:75:83:0e:a0:ac:b5:7f:72:23:af:31:4c:b3:df:c1:dc:
         fa:fe:db:e2:57:2c:ec:27:95:9d:26:c9:f9:de:f1:e3:5e:3f:
         1b:f2:a8:7b:d2:57:7c:3d:ed:6a:75:57:20:06:6f:b4:59:27:
         a9:a3:70:1a:75:33:48:10:4b:b4:7c:52:11:b1:44:7c:b6:4b:
         ac:b4:fc:45:b0:2f:d1:08:72:e1:d2:c7:4e:62:88:f2:d7:48:
         05:15:fc:1d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAZUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0ZDOEJBRjExMC8GA1UEBRMoNzc0MTJEN0NDMTA1M0NFMTlEMzc5Q0NDNjAwN0I5
MjVBMUU3NENBMTAeFw0yNDA3MTAwNzQxMjRaFw0zMDA3MTAwNzQxMjRaMBgxFjAU
BgNVBAMTDTY2OGUzYjI5LTY0NmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCUc316AWS3HyobJDGIt83Huq/fOuUymZMB+2g8MpwWWxTt3R0Ukc87Sqe0
mSRgjq6u+no61WWRIxddPcFmvm32rD6jOltCTeersYEhs6cfvzJpSyOvVFUvF4kg
1+uFxt0xqFD5pETko0bBCVdBbQ7ArPSwUjAspPEyhgY+auTeob3IaCGtz3dfEGpM
pOELiLG5QbJlITIdlQTAqAEplXXVylx1n7QvzcqmDy7YxObyLWlaidcvbE+ZaAF6
/XuWczDcvBD1lpxqxYZtWrBMjZHOIGVk93EOTdpwgkJVgNiTjFySLdK4i3bR2Ihr
wA7ZUiQztyw4dFueo1m/L5WvKJCHAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUtlUG
txlS7kkfn6PRx9FZyn3fQNMwHwYDVR0jBBgwFoAUd0EtfMEFPOGdN5zMYAe5JaHn
TKEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdGQzhCLzdCNTQ3NDk2MEVBOTExRUU5OUNEMkI3NjRBRDlFNkZDL2QwRXRm
TUVGUE9HZE41ek1ZQWU1SmFIblRLRS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2QwRXRmTUVGUE9HZE41ek1ZQWU1SmFIblRLRS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdGQzhCLzdCNTQ3NDk2MEVBOTExRUU5OUNEMkI3NjRB
RDlFNkZDL0QxNjNDM0NBM0U4RjExRUY4REQ0RUE4Qjc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAgAUNoMA0GCSqGSIb3DQEB
CwUAA4IBAQCTeYe9nZeGWDSXgSSmNo5YW2WQMJFKG/F36pCtNrpAsWDBokMSSj1b
mNgqKe8Km+uzC4YMTWp036LnDB927lGmak7SbK/dYNyaB8pmg9TH6rthf1dR45dL
fHu53GYBuSJ0TfJIrK12pkQ1+06iOii8r9rDp7YEReOnGzN9AQXMTU3Gm70/47Bp
MufXD5Rd+pjusRLRDWdCCIhpZ3HUvQx1MLIk3XWDDqCstX9yI68xTLPfwdz6/tvi
VyzsJ5WdJsn53vHjXj8b8qh70ld8Pe1qdVcgBm+0WSepo3AadTNIEEu0fFIRsUR8
tkustPxFsC/RCHLh0sdOYojy10gFFfwd
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org