Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/182AE820E86811EEB837739A775412E6.roa
File:                     182AE820E86811EEB837739A775412E6.roa (raw, json)
Hash identifier:          NsHELgbmwb6ohE2cl+ER1zAEWcC0xyiLuLtjB3nd2JI=
Subject key identifier:   F2:71:B2:02:DB:AC:3E:1A:FE:FF:20:44:25:26:46:87:34:1E:AC:99
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1567
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/182AE820E86811EEB837739A775412E6.roa
Signing time:             Fri 22 Mar 2024 16:20:28 +0000
ROA not before:           Fri 22 Mar 2024 16:20:24 +0000
ROA not after:            Sun 22 Mar 2026 16:20:24 +0000
asID:                     29802
IP address blocks:        154.16.57.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5479 (0x1567)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Mar 22 16:20:24 2024 GMT
            Not After : Mar 22 16:20:24 2026 GMT
        Subject: CN=65fdafcb-ec95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:d4:28:50:63:4f:ec:a8:39:5a:0a:29:29:36:
                    cc:5b:2b:e9:c5:f4:00:1a:8a:9f:63:52:1b:47:b5:
                    c4:7c:5e:a5:77:59:88:4d:d4:ed:97:6c:2b:4c:4e:
                    2f:a0:b1:9c:bb:9d:e4:4f:a9:1c:e0:18:53:35:ff:
                    00:bd:12:99:52:8f:ce:e3:b5:d6:0a:1e:34:02:9b:
                    3c:88:cf:d3:f4:65:51:31:96:8f:b5:b0:67:df:7a:
                    e6:78:cb:05:32:0d:bb:03:dd:17:46:5e:5d:77:be:
                    c3:b5:94:44:14:d0:10:1a:2a:ad:5d:95:11:55:18:
                    2d:40:5d:fe:ac:9f:49:85:8a:fd:30:7f:23:d0:58:
                    d0:c9:a6:6a:2c:55:4d:f5:7c:0a:c1:bb:f8:4a:d1:
                    6b:bc:46:87:03:8a:d4:bb:57:91:dd:64:e8:fd:23:
                    da:1b:ee:f1:3d:e5:79:03:9d:aa:dd:7b:73:d6:25:
                    c1:4c:8a:38:53:d5:11:20:79:2a:ac:42:73:f4:55:
                    6b:67:c6:9c:9a:ca:63:51:a2:e5:04:78:45:bd:5f:
                    84:35:ca:b6:aa:b8:fb:68:03:21:a8:40:b2:29:4e:
                    33:09:bd:1c:0c:25:73:96:ad:e1:ba:d6:33:33:f0:
                    98:ae:6d:35:49:da:3c:dd:98:d8:7d:bc:9e:86:bc:
                    9b:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:71:B2:02:DB:AC:3E:1A:FE:FF:20:44:25:26:46:87:34:1E:AC:99
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/182AE820E86811EEB837739A775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:6a:90:99:7f:dd:13:a4:49:f6:4e:60:c9:3e:d8:88:81:9f:
         82:39:2c:5f:bb:17:18:ac:2a:ea:04:29:80:ab:29:16:e4:70:
         f1:f9:ef:d1:d9:56:85:5c:33:57:41:fe:e5:ac:ea:6f:81:6f:
         0d:cf:96:30:62:ee:34:2f:69:1e:25:0e:a8:ae:e3:a7:0e:d5:
         e6:b7:ac:24:f2:15:3d:e3:e9:4c:54:69:24:a5:bf:5c:df:14:
         be:d0:bf:2c:5f:d8:7c:4e:80:1b:71:58:f8:39:83:0a:3f:c0:
         0b:66:90:1f:dc:49:4b:a9:38:10:1d:36:5f:1d:9e:4c:e6:47:
         d7:5b:1f:d2:e8:68:cc:c9:54:d4:16:b2:fc:63:55:ba:a6:8e:
         a0:f5:4e:ac:5b:4f:42:47:44:f1:98:56:ff:55:88:4a:87:a0:
         64:56:96:cf:0d:3d:3b:56:4a:94:9b:63:d6:32:00:8c:2d:48:
         f2:5b:58:7d:c0:79:05:56:2a:67:1f:14:97:d6:a4:b2:3d:0d:
         ed:f8:e5:3e:4d:54:70:50:0f:1f:de:99:8d:40:be:eb:dc:7b:
         08:4c:6d:0c:34:83:38:7d:88:2f:6c:78:fd:d7:20:23:63:17:
         79:81:d1:8d:62:9f:00:f6:a3:45:e0:32:64:67:90:f6:9c:7d:
         45:93:19:28
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFWcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDAzMjIxNjIwMjRaFw0yNjAzMjIxNjIwMjRaMBgxFjAU
BgNVBAMTDTY1ZmRhZmNiLWVjOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDF1ChQY0/sqDlaCikpNsxbK+nF9AAaip9jUhtHtcR8XqV3WYhN1O2XbCtM
Ti+gsZy7neRPqRzgGFM1/wC9EplSj87jtdYKHjQCmzyIz9P0ZVExlo+1sGffeuZ4
ywUyDbsD3RdGXl13vsO1lEQU0BAaKq1dlRFVGC1AXf6sn0mFiv0wfyPQWNDJpmos
VU31fArBu/hK0Wu8RocDitS7V5HdZOj9I9ob7vE95XkDnarde3PWJcFMijhT1REg
eSqsQnP0VWtnxpyaymNRouUEeEW9X4Q1yraquPtoAyGoQLIpTjMJvRwMJXOWreG6
1jMz8JiubTVJ2jzdmNh9vJ6GvJulAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8nGy
AtusPhr+/yBEJSZGhzQerJkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzE4MkFFODIwRTg2ODExRUVCODM3NzM5QTc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEDkwDQYJKoZIhvcNAQEL
BQADggEBAK9qkJl/3ROkSfZOYMk+2IiBn4I5LF+7FxisKuoEKYCrKRbkcPH579HZ
VoVcM1dB/uWs6m+Bbw3PljBi7jQvaR4lDqiu46cO1ea3rCTyFT3j6UxUaSSlv1zf
FL7Qvyxf2HxOgBtxWPg5gwo/wAtmkB/cSUupOBAdNl8dnkzmR9dbH9LoaMzJVNQW
svxjVbqmjqD1TqxbT0JHRPGYVv9ViEqHoGRWls8NPTtWSpSbY9YyAIwtSPJbWH3A
eQVWKmcfFJfWpLI9De345T5NVHBQDx/emY1AvuvcewhMbQw0gzh9iC9seP3XICNj
F3mB0Y1inwD2o0XgMmRnkPacfUWTGSg=
-----END CERTIFICATE-----
Generated at Sun Jul 14 01:34:43 2024 by rpki-client on console-fra.rpki-client.org