Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C306DCE0308411EFBAF25DA4762E951A.roa
File:                     C306DCE0308411EFBAF25DA4762E951A.roa (raw, json)
Hash identifier:          HLzcu8wfrF80N9KkxQvLg+F5FqOQGmAg7aQtUXnSoGE=
Subject key identifier:   69:1D:8D:EC:A5:87:8A:C4:DE:C3:67:10:C2:29:C4:24:B8:0A:8D:E9
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1703
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C306DCE0308411EFBAF25DA4762E951A.roa
Signing time:             Sat 22 Jun 2024 10:47:04 +0000
ROA not before:           Sat 22 Jun 2024 10:47:00 +0000
ROA not after:            Mon 22 Jun 2026 10:47:00 +0000
asID:                     26548
IP address blocks:        154.16.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5891 (0x1703)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Jun 22 10:47:00 2024 GMT
            Not After : Jun 22 10:47:00 2026 GMT
        Subject: CN=6676aba8-fa00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:85:f6:b2:35:60:2c:49:5b:5b:d0:b9:5a:3a:
                    6f:81:6d:24:1c:2d:98:d3:e0:e7:cc:1d:61:7b:83:
                    ea:9b:a4:e0:5d:de:b0:9f:b1:55:fd:a2:97:1d:91:
                    7c:e9:30:8a:e2:f8:1d:d6:00:ce:65:45:b2:d5:68:
                    1e:61:2c:53:09:6c:2b:08:ae:fd:b6:e3:15:4f:59:
                    23:c5:92:f2:f6:9c:67:c9:b2:63:d5:d1:78:97:6c:
                    0b:bb:c2:3e:0b:d1:d8:c5:48:80:a6:98:f1:03:10:
                    2c:8d:9a:84:f9:43:76:1a:7b:d1:84:38:2d:88:e1:
                    30:89:ab:a8:2f:93:02:6a:62:56:cd:e1:20:cc:d5:
                    8a:0b:73:66:5e:0d:8d:1e:fb:5b:4b:2d:89:c8:7d:
                    c7:52:09:6e:24:03:41:68:76:b4:6a:53:38:99:ab:
                    f6:f0:2f:70:60:3f:18:00:5e:e5:71:c1:13:e0:11:
                    21:9c:57:dc:45:75:93:99:31:56:db:51:77:e6:1c:
                    87:d2:a5:2a:34:ce:4c:07:4a:04:2b:1d:8c:2c:de:
                    66:06:af:ba:3f:f8:5a:82:78:1d:bc:19:d3:14:12:
                    07:b2:60:03:7b:93:e1:5b:9b:cf:cc:f4:67:d0:ef:
                    a2:34:3c:8f:29:b7:23:4a:10:83:e5:d2:63:87:72:
                    96:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:1D:8D:EC:A5:87:8A:C4:DE:C3:67:10:C2:29:C4:24:B8:0A:8D:E9
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/C306DCE0308411EFBAF25DA4762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:fd:80:f5:98:d7:eb:98:2e:dc:6c:73:98:e8:18:99:6a:3e:
         84:78:8d:65:84:bb:38:c1:58:58:59:90:06:8d:9e:e9:ab:5d:
         09:07:cf:cf:67:d1:a8:d9:77:06:3d:13:80:e0:28:b8:93:db:
         10:78:cd:e5:06:21:f5:b7:2b:7f:07:1f:54:8a:8c:2b:35:a9:
         ae:de:78:92:83:15:03:e8:a9:96:e2:45:0d:c8:06:74:cd:56:
         67:31:00:56:02:c7:0e:4e:10:8b:69:f3:fe:35:a5:c2:9f:57:
         5b:cb:b1:b8:73:99:ae:e5:99:b0:04:48:41:ac:2c:26:5b:ee:
         13:e9:2c:f2:dc:95:a7:69:16:9f:a4:3d:b6:3e:11:b9:0a:d7:
         d7:27:99:12:81:03:b3:03:44:b3:7c:c6:fb:3b:07:07:5d:df:
         cd:47:de:40:09:15:94:24:7d:24:c0:c9:35:98:1c:d5:3a:70:
         51:13:f1:e5:7a:77:bc:d7:25:aa:44:f9:b1:db:c7:a8:68:79:
         37:42:ff:6f:26:71:80:e4:4e:a0:99:17:9d:63:9c:65:dc:c8:
         e1:58:c7:ec:b8:fe:89:81:68:3a:15:2b:f2:be:bb:e1:d2:98:
         4d:5d:e7:f5:06:d9:00:59:01:c7:0a:13:83:92:7c:8b:5e:43:
         39:69:71:c0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICFwMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNDA2MjIxMDQ3MDBaFw0yNjA2MjIxMDQ3MDBaMBgxFjAU
BgNVBAMTDTY2NzZhYmE4LWZhMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDdhfayNWAsSVtb0LlaOm+BbSQcLZjT4OfMHWF7g+qbpOBd3rCfsVX9opcd
kXzpMIri+B3WAM5lRbLVaB5hLFMJbCsIrv224xVPWSPFkvL2nGfJsmPV0XiXbAu7
wj4L0djFSICmmPEDECyNmoT5Q3Yae9GEOC2I4TCJq6gvkwJqYlbN4SDM1YoLc2Ze
DY0e+1tLLYnIfcdSCW4kA0FodrRqUziZq/bwL3BgPxgAXuVxwRPgESGcV9xFdZOZ
MVbbUXfmHIfSpSo0zkwHSgQrHYws3mYGr7o/+FqCeB28GdMUEgeyYAN7k+Fbm8/M
9GfQ76I0PI8ptyNKEIPl0mOHcpbbAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUaR2N
7KWHisTew2cQwinEJLgKjekwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0MzMDZEQ0UwMzA4NDExRUZCQUYyNURBNDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEAcwDQYJKoZIhvcNAQEL
BQADggEBAJr9gPWY1+uYLtxsc5joGJlqPoR4jWWEuzjBWFhZkAaNnumrXQkHz89n
0ajZdwY9E4DgKLiT2xB4zeUGIfW3K38HH1SKjCs1qa7eeJKDFQPoqZbiRQ3IBnTN
VmcxAFYCxw5OEItp8/41pcKfV1vLsbhzma7lmbAESEGsLCZb7hPpLPLcladpFp+k
PbY+EbkK19cnmRKBA7MDRLN8xvs7Bwdd381H3kAJFZQkfSTAyTWYHNU6cFET8eV6
d7zXJapE+bHbx6hoeTdC/28mcYDkTqCZF51jnGXcyOFYx+y4/omBaDoVK/K+u+HS
mE1d5/UG2QBZAccKE4OSfIteQzlpccA=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org