Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7DE78276446711EFAE4D236C762E951A.roa
File:                     7DE78276446711EFAE4D236C762E951A.roa (raw, json)
Hash identifier:          qHQ4CyFsB7SHI8cxmpKXRoGvtT7ElaTdXWPk/vCnP6Q=
Subject key identifier:   5C:80:16:4D:B9:08:A5:2A:3B:C1:67:C1:C7:53:EF:EE:40:51:E0:F9
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1741
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7DE78276446711EFAE4D236C762E951A.roa
Signing time:             Wed 17 Jul 2024 18:07:56 +0000
ROA not before:           Wed 17 Jul 2024 18:07:51 +0000
ROA not after:            Fri 17 Jul 2026 18:07:51 +0000
asID:                     16611
IP address blocks:        154.16.41.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5953 (0x1741)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jul 17 18:07:51 2024 GMT
            Not After : Jul 17 18:07:51 2026 GMT
        Subject: CN=6698087c-413d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:89:b1:7b:ec:7c:d6:a5:2a:4b:bf:9b:f7:8a:
                    5c:24:77:60:82:c2:86:3f:9a:cb:55:8d:6b:11:fd:
                    f1:cc:e5:e2:1a:e9:21:ce:da:30:4e:6c:ba:91:0a:
                    cf:6b:4c:8e:04:f0:9a:b0:71:27:37:37:1e:99:90:
                    80:93:37:23:27:83:d8:ff:70:cf:4d:94:9e:7c:6a:
                    75:bc:61:4f:b7:ee:1a:0d:b3:86:76:61:86:ab:51:
                    05:37:9f:77:93:57:50:84:e8:5e:6e:de:ee:18:2e:
                    24:91:3f:63:f3:65:54:aa:c7:f3:47:2c:5b:39:39:
                    cb:3f:8e:fa:d8:34:f9:0c:85:03:fa:fd:56:ce:49:
                    05:a8:83:17:5a:21:f5:e5:65:13:2e:f5:80:c4:9b:
                    49:dc:79:c3:97:da:dc:89:06:b2:e4:18:82:70:29:
                    6b:5c:d2:5b:76:74:48:d6:95:79:1e:d9:ec:c3:44:
                    12:37:73:fb:5a:2c:46:02:1e:75:6a:78:3d:52:87:
                    49:5c:e8:77:d5:1c:9e:9f:68:1e:60:aa:55:fb:8f:
                    2a:5b:65:9a:a4:34:77:2f:ad:b6:4d:a0:dc:b2:95:
                    8b:05:fb:09:b5:d6:e2:e4:81:49:5f:92:85:a3:27:
                    49:6c:05:e5:68:d9:5c:60:96:76:ba:cd:bc:6d:26:
                    37:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:80:16:4D:B9:08:A5:2A:3B:C1:67:C1:C7:53:EF:EE:40:51:E0:F9
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/7DE78276446711EFAE4D236C762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:c1:59:fb:8d:58:fd:35:e4:69:19:ad:14:90:96:9b:e4:0b:
         70:b0:16:7c:b5:d1:ff:a7:f2:40:14:03:d5:54:8b:5e:76:11:
         6b:70:d2:60:8d:31:d5:36:66:42:76:f1:af:4f:30:7a:8f:89:
         b1:6d:81:c0:f2:04:49:f4:ed:28:89:6c:3d:29:86:71:fc:e3:
         82:0c:61:f7:c4:7c:27:17:ef:98:da:c5:a2:da:dd:82:4b:6a:
         54:d1:2e:96:01:9f:94:f8:2f:e2:e3:83:e6:cf:08:1c:8f:12:
         7f:6b:60:65:94:83:fe:05:ee:0b:23:a1:23:f7:d2:ba:a0:93:
         1c:9f:61:48:8e:99:53:a4:85:34:14:97:2a:c5:98:e2:3e:25:
         b3:71:ce:3f:f6:e2:6e:e7:e4:18:12:b1:41:d7:7d:75:2b:3f:
         ee:60:7c:83:36:17:37:bc:bb:c6:f7:62:6e:56:de:ee:ff:9f:
         a0:59:cc:38:f9:21:cf:d5:76:28:10:66:3e:8c:8e:ec:80:31:
         18:d4:2f:46:28:a9:f0:3a:30:af:3c:37:0d:d9:b1:19:e6:2d:
         b8:4e:bb:82:1c:c6:ca:0d:bd:7a:cf:30:03:77:e6:b2:8b:81:
         e5:e5:e0:7c:04:c9:1e:2f:05:5b:39:93:c5:4c:df:8c:4d:96:
         6d:39:98:06
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICF0EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA3MTcxODA3NTFaFw0yNjA3MTcxODA3NTFaMBgxFjAU
BgNVBAMTDTY2OTgwODdjLTQxM2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCqibF77HzWpSpLv5v3ilwkd2CCwoY/mstVjWsR/fHM5eIa6SHO2jBObLqR
Cs9rTI4E8JqwcSc3Nx6ZkICTNyMng9j/cM9NlJ58anW8YU+37hoNs4Z2YYarUQU3
n3eTV1CE6F5u3u4YLiSRP2PzZVSqx/NHLFs5Ocs/jvrYNPkMhQP6/VbOSQWogxda
IfXlZRMu9YDEm0ncecOX2tyJBrLkGIJwKWtc0lt2dEjWlXke2ezDRBI3c/taLEYC
HnVqeD1Sh0lc6HfVHJ6faB5gqlX7jypbZZqkNHcvrbZNoNyylYsF+wm11uLkgUlf
koWjJ0lsBeVo2Vxglna6zbxtJjeTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUXIAW
TbkIpSo7wWfBx1Pv7kBR4PkwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzdERTc4Mjc2NDQ2NzExRUZBRTREMjM2Qzc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaECkwDQYJKoZIhvcNAQEL
BQADggEBAGHBWfuNWP015GkZrRSQlpvkC3CwFny10f+n8kAUA9VUi152EWtw0mCN
MdU2ZkJ28a9PMHqPibFtgcDyBEn07SiJbD0phnH844IMYffEfCcX75jaxaLa3YJL
alTRLpYBn5T4L+Ljg+bPCByPEn9rYGWUg/4F7gsjoSP30rqgkxyfYUiOmVOkhTQU
lyrFmOI+JbNxzj/24m7n5BgSsUHXfXUrP+5gfIM2Fze8u8b3Ym5W3u7/n6BZzDj5
Ic/VdigQZj6MjuyAMRjUL0YoqfA6MK88Nw3ZsRnmLbhOu4IcxsoNvXrPMAN35rKL
geXl4HwEyR4vBVs5k8VM34xNlm05mAY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:56 2024 by rpki-client on console-fra.rpki-client.org