Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D57E75F4A01011EE81945645D25BE465.roa
File:                     D57E75F4A01011EE81945645D25BE465.roa (raw, json)
Hash identifier:          Ct+3ruFOUMi8y0MXa4BvnqLVU+Rus4le7XtbzV/ShOU=
Subject key identifier:   20:0F:25:95:92:D0:A4:2B:3B:72:13:81:AA:BB:F0:22:7C:EC:EB:9C
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       13F0
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D57E75F4A01011EE81945645D25BE465.roa
Signing time:             Thu 21 Dec 2023 14:54:26 +0000
ROA not before:           Thu 21 Dec 2023 14:54:22 +0000
ROA not after:            Sun 21 Dec 2025 14:54:22 +0000
asID:                     400909
IP address blocks:        154.16.76.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 20 Jul 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5104 (0x13f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Dec 21 14:54:22 2023 GMT
            Not After : Dec 21 14:54:22 2025 GMT
        Subject: CN=658451a2-29d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:4e:7a:0b:da:0a:88:b7:12:00:43:b1:98:e6:
                    0e:b7:34:b4:5c:0a:80:73:9e:36:46:2a:a6:03:96:
                    f6:73:ae:7c:22:10:4c:51:e0:6b:b6:02:14:b9:7a:
                    04:b4:dd:ef:14:ce:f8:42:1f:dc:ee:0a:5c:13:33:
                    ff:15:eb:f8:42:db:e9:b5:e5:82:41:ad:40:2e:5a:
                    8c:49:66:7f:03:2a:fc:55:6a:06:17:4a:4e:9d:47:
                    70:29:c0:09:56:3b:d1:61:62:f5:91:70:e8:80:79:
                    44:96:17:33:23:8e:86:e1:eb:36:9f:08:04:44:9b:
                    35:f0:43:4e:70:c8:92:65:6a:40:84:74:4a:f9:4b:
                    b9:b8:7b:f4:58:cf:ce:92:ee:13:2d:27:18:8d:13:
                    19:88:69:ef:f4:19:e7:27:9b:d8:20:39:cf:99:ba:
                    36:93:df:d7:b9:4f:3b:c4:af:b2:67:92:23:4e:bc:
                    be:5a:a2:41:e6:2c:a1:13:b0:e1:0b:a1:50:a8:8d:
                    19:0e:fb:0c:91:78:74:12:24:a3:95:aa:68:cd:1e:
                    53:a4:7f:b4:58:75:b6:b5:99:eb:61:d7:10:68:99:
                    38:2d:0d:eb:00:95:c5:cf:60:21:fb:eb:79:6a:04:
                    67:6f:93:22:78:d2:3b:ed:65:f4:d5:e4:fa:c6:f3:
                    82:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:0F:25:95:92:D0:A4:2B:3B:72:13:81:AA:BB:F0:22:7C:EC:EB:9C
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/D57E75F4A01011EE81945645D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:6f:91:f8:e0:f2:4b:58:f4:a5:e7:f8:40:8e:d1:39:42:2e:
         18:db:7a:ca:55:04:37:4a:d9:d0:08:0a:16:07:d5:d3:33:bb:
         9e:4c:b0:46:67:41:74:01:ae:ff:9f:02:c9:b5:24:fe:97:f4:
         5e:7a:7d:c8:3f:b9:5f:00:8b:58:75:65:1e:be:e7:28:1f:da:
         e8:5c:29:1b:14:4c:7e:5d:50:21:2d:55:c3:c5:03:29:c7:ea:
         26:b2:ce:e7:66:2f:82:8d:b6:83:2b:1c:91:2a:66:6e:40:c7:
         d0:c5:bb:92:f1:0e:e6:79:27:f9:c3:80:97:67:df:c7:0a:5e:
         bb:d3:5f:3a:57:e7:17:76:19:f9:0a:2b:b8:ea:53:72:7a:50:
         78:fe:56:00:e3:18:70:2a:f7:a6:21:a7:88:65:ee:23:9e:fc:
         a9:08:e6:3d:89:f0:4e:f9:f4:b5:27:12:fd:10:78:f7:2f:45:
         c3:3c:31:05:46:e2:2c:01:3a:53:8b:55:d7:12:56:03:5f:5a:
         c9:d0:31:cc:37:7b:c2:30:2f:d0:50:e6:9e:93:ce:1a:98:51:
         6b:9e:77:80:14:5f:31:04:c4:1f:37:04:af:ab:13:a0:84:01:
         37:d2:38:7d:79:63:be:ad:9b:92:45:46:6c:09:33:6f:00:bd:
         6f:60:9b:5b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICE/AwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yMzEyMjExNDU0MjJaFw0yNTEyMjExNDU0MjJaMBgxFjAU
BgNVBAMTDTY1ODQ1MWEyLTI5ZDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9TnoL2gqItxIAQ7GY5g63NLRcCoBznjZGKqYDlvZzrnwiEExR4Gu2AhS5
egS03e8UzvhCH9zuClwTM/8V6/hC2+m15YJBrUAuWoxJZn8DKvxVagYXSk6dR3Ap
wAlWO9FhYvWRcOiAeUSWFzMjjobh6zafCAREmzXwQ05wyJJlakCEdEr5S7m4e/RY
z86S7hMtJxiNExmIae/0Gecnm9ggOc+ZujaT39e5TzvEr7JnkiNOvL5aokHmLKET
sOELoVCojRkO+wyReHQSJKOVqmjNHlOkf7RYdba1meth1xBomTgtDesAlcXPYCH7
63lqBGdvkyJ40jvtZfTV5PrG84JvAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUIA8l
lZLQpCs7chOBqrvwInzs65wwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0Q1N0U3NUY0QTAxMDExRUU4MTk0NTY0NUQyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEEwwDQYJKoZIhvcNAQEL
BQADggEBAKRvkfjg8ktY9KXn+ECO0TlCLhjbespVBDdK2dAIChYH1dMzu55MsEZn
QXQBrv+fAsm1JP6X9F56fcg/uV8Ai1h1ZR6+5ygf2uhcKRsUTH5dUCEtVcPFAynH
6iayzudmL4KNtoMrHJEqZm5Ax9DFu5LxDuZ5J/nDgJdn38cKXrvTXzpX5xd2GfkK
K7jqU3J6UHj+VgDjGHAq96Yhp4hl7iOe/KkI5j2J8E759LUnEv0QePcvRcM8MQVG
4iwBOlOLVdcSVgNfWsnQMcw3e8IwL9BQ5p6TzhqYUWued4AUXzEExB83BK+rE6CE
ATfSOH15Y76tm5JFRmwJM28AvW9gm1s=
-----END CERTIFICATE-----
Generated at Thu Jul 18 01:58:03 2024 by rpki-client on console-ams.rpki-client.org