Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/644326BE8B8411EEA447F8144AD9E6FC.roa
File:                     644326BE8B8411EEA447F8144AD9E6FC.roa (raw, json)
Hash identifier:          eV2wWn8NZ25Qvc897aeZLrPsR0zDTox9HGuT75vkP24=
Subject key identifier:   D9:BC:17:E4:E0:7D:11:62:0E:7F:A0:F8:91:28:16:46:59:EC:57:7B
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1357
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/644326BE8B8411EEA447F8144AD9E6FC.roa
Signing time:             Sat 25 Nov 2023 11:18:43 +0000
ROA not before:           Sat 25 Nov 2023 11:18:40 +0000
ROA not after:            Tue 25 Nov 2025 11:18:40 +0000
asID:                     212238
IP address blocks:        154.16.21.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 16 Jul 2024 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4951 (0x1357)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Nov 25 11:18:40 2023 GMT
            Not After : Nov 25 11:18:40 2025 GMT
        Subject: CN=6561d813-d757
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:0e:5f:0e:af:35:7a:3e:ee:6a:0c:bd:18:a3:
                    8f:3c:9c:62:5b:1a:3c:39:ab:23:3b:4b:1e:24:ab:
                    01:f2:e9:60:b9:03:17:ef:16:22:3c:c1:4b:0d:ef:
                    27:07:e8:a1:b0:c8:ac:ee:ba:ae:b8:d1:7b:0b:01:
                    d1:dc:ea:af:74:12:74:d0:29:fb:4a:4f:9a:4d:da:
                    b4:01:cc:37:a3:03:a4:74:f3:57:ed:6f:62:4a:48:
                    1f:c9:17:86:be:ab:6b:ab:22:2f:b6:d9:dc:60:de:
                    c4:cc:4a:27:50:f3:ec:7e:30:a2:33:32:17:6b:c3:
                    24:10:3f:19:99:5a:15:87:ba:4d:16:4c:eb:11:6e:
                    a3:1b:ca:b8:91:bc:6e:f2:40:f9:bd:f2:c6:be:b4:
                    2a:1e:8e:db:89:9d:30:18:86:57:69:15:fd:16:40:
                    5b:c6:50:e7:6d:15:7d:0c:3b:8b:85:17:d8:45:4c:
                    be:70:ec:f4:fa:2c:b3:22:63:6c:97:67:5b:c5:25:
                    d8:7e:95:0a:73:b6:81:0f:25:87:ba:0e:95:73:3e:
                    cf:a5:89:bc:b2:ef:53:e8:b3:0f:bb:32:ed:7c:f3:
                    5a:f7:58:78:76:97:13:0d:9f:2d:5f:85:1a:38:52:
                    8d:bf:df:b6:1c:df:45:96:2f:64:a8:9e:94:2b:ec:
                    b3:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:BC:17:E4:E0:7D:11:62:0E:7F:A0:F8:91:28:16:46:59:EC:57:7B
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/644326BE8B8411EEA447F8144AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:72:4c:a9:81:27:3d:d1:58:0f:80:d1:55:11:29:bd:c9:27:
         85:32:0f:8e:f8:f7:46:df:d7:dd:ef:cb:39:18:70:ca:33:7f:
         d3:cf:7d:98:a1:1f:6e:2a:ba:5c:d2:70:a2:53:b2:b4:80:80:
         e6:a9:58:c7:87:10:92:66:3c:97:7a:4e:e4:92:fd:1c:8d:ab:
         08:21:58:b1:4f:ad:ae:f6:bf:5c:92:d9:6a:92:28:36:51:8a:
         67:1c:4b:1f:8d:55:c1:18:8b:59:be:2e:ac:8a:55:c5:d5:9d:
         23:52:46:36:53:9d:e6:9f:84:28:be:e6:5d:f1:b9:77:d4:8f:
         9a:2d:d8:03:43:ea:57:8d:f2:2f:eb:41:56:fb:c0:6c:97:f0:
         94:5c:55:61:79:d2:5d:ea:4d:81:a5:c2:9e:48:12:a8:f7:45:
         3a:5d:5c:54:4d:2d:9c:74:7f:5f:4a:c2:d4:20:b7:a8:dd:10:
         16:18:19:3d:89:35:c0:d5:0d:9b:75:37:f3:ad:98:24:d0:6d:
         1b:2f:70:8a:b3:e4:bd:b2:4a:d9:12:a4:91:0c:e5:6a:4d:8a:
         2b:a6:af:0c:76:b7:5f:f6:cf:a2:52:9d:b7:67:38:f1:4c:0d:
         2e:16:ad:36:ef:d0:7d:24:f2:aa:9f:35:27:95:a0:be:60:ea:
         42:0f:2f:5f
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE1cwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzExMjUxMTE4NDBaFw0yNTExMjUxMTE4NDBaMBgxFjAU
BgNVBAMTDTY1NjFkODEzLWQ3NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkDl8OrzV6Pu5qDL0Yo488nGJbGjw5qyM7Sx4kqwHy6WC5AxfvFiI8wUsN
7ycH6KGwyKzuuq640XsLAdHc6q90EnTQKftKT5pN2rQBzDejA6R081ftb2JKSB/J
F4a+q2urIi+22dxg3sTMSidQ8+x+MKIzMhdrwyQQPxmZWhWHuk0WTOsRbqMbyriR
vG7yQPm98sa+tCoejtuJnTAYhldpFf0WQFvGUOdtFX0MO4uFF9hFTL5w7PT6LLMi
Y2yXZ1vFJdh+lQpztoEPJYe6DpVzPs+libyy71Posw+7Mu1881r3WHh2lxMNny1f
hRo4Uo2/37Yc30WWL2SonpQr7LPvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2bwX
5OB9EWIOf6D4kSgWRlnsV3swHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzY0NDMyNkJFOEI4NDExRUVBNDQ3RjgxNDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEBUwDQYJKoZIhvcNAQEL
BQADggEBAKNyTKmBJz3RWA+A0VURKb3JJ4UyD47490bf193vyzkYcMozf9PPfZih
H24qulzScKJTsrSAgOapWMeHEJJmPJd6TuSS/RyNqwghWLFPra72v1yS2WqSKDZR
imccSx+NVcEYi1m+LqyKVcXVnSNSRjZTneafhCi+5l3xuXfUj5ot2AND6leN8i/r
QVb7wGyX8JRcVWF50l3qTYGlwp5IEqj3RTpdXFRNLZx0f19KwtQgt6jdEBYYGT2J
NcDVDZt1N/OtmCTQbRsvcIqz5L2yStkSpJEM5WpNiiumrwx2t1/2z6JSnbdnOPFM
DS4WrTbv0H0k8qqfNSeVoL5g6kIPL18=
-----END CERTIFICATE-----
Generated at Sun Jul 14 02:50:28 2024 by rpki-client on console-ams.rpki-client.org