Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/00B7F584BC6F11EBA8E6F87BF8AEA228.roa
File:                     00B7F584BC6F11EBA8E6F87BF8AEA228.roa (raw, json)
Hash identifier:          oRUitkfYnOVYrWm7gAhhJm5N84mBlmPx2xGVbvpcz1g=
Subject key identifier:   40:37:C9:C1:84:8F:DB:BE:52:EF:0A:5A:DC:60:58:80:73:8F:1A:BB
Certificate issuer:       /CN=F3682C09AF/serialNumber=D447431327ABE8B6A66030848FFD0D969C570ABD
Certificate serial:       04
Authority key identifier: D4:47:43:13:27:AB:E8:B6:A6:60:30:84:8F:FD:0D:96:9C:57:0A:BD
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/1EdDEyer6LamYDCEj_0NlpxXCr0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/00B7F584BC6F11EBA8E6F87BF8AEA228.roa
Signing time:             Mon 24 May 2021 09:04:10 +0000
ROA not before:           Mon 24 May 2021 09:04:07 +0000
ROA not after:            Fri 24 May 2030 09:04:07 +0000
asID:                     328848
IP address blocks:        2c0f:2600::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/1EdDEyer6LamYDCEj_0NlpxXCr0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/1EdDEyer6LamYDCEj_0NlpxXCr0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/1EdDEyer6LamYDCEj_0NlpxXCr0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682C09AF/serialNumber=D447431327ABE8B6A66030848FFD0D969C570ABD
        Validity
            Not Before: May 24 09:04:07 2021 GMT
            Not After : May 24 09:04:07 2030 GMT
        Subject: CN=60ab6c0a-ffe4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:b4:77:99:d0:14:90:cf:1e:7c:75:a6:17:aa:
                    2e:b9:54:42:3c:52:39:0b:78:e6:4a:0b:ce:ec:a3:
                    85:84:88:35:38:74:12:dc:e8:17:69:a6:74:fb:56:
                    26:80:50:b5:6f:7f:e9:f7:fd:c9:1f:8f:7b:f7:18:
                    5b:b4:b5:64:55:09:7d:4b:3f:97:5d:b8:d6:56:60:
                    98:76:64:f9:96:15:a6:10:1f:6f:b4:41:12:51:62:
                    ae:77:99:c7:9e:a0:b2:e3:dc:de:9f:af:a4:6e:14:
                    af:e1:db:51:70:27:f9:b7:f2:f6:9c:1c:26:57:17:
                    24:b0:36:34:31:53:b2:63:ab:42:1f:1a:6a:ba:5d:
                    e3:b5:dc:6f:30:74:51:de:c4:7b:91:05:ec:21:2c:
                    b5:ab:28:de:90:28:33:97:f4:ff:ce:df:37:4a:10:
                    17:c2:45:7c:ef:5f:4e:6b:75:12:df:eb:d8:73:ba:
                    8d:93:3d:10:51:a4:c4:54:16:cc:41:71:10:43:4f:
                    6f:c9:4b:3b:09:c2:9c:41:a5:42:83:ea:e2:b3:72:
                    fc:76:96:34:16:02:96:65:fd:b5:4e:b2:e1:aa:59:
                    64:59:d7:6c:07:1b:6d:d9:ba:25:72:a1:4d:83:07:
                    80:b4:fd:77:d1:0b:77:41:3c:7c:f0:f1:26:8f:3e:
                    c6:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:37:C9:C1:84:8F:DB:BE:52:EF:0A:5A:DC:60:58:80:73:8F:1A:BB
            X509v3 Authority Key Identifier:
                keyid:D4:47:43:13:27:AB:E8:B6:A6:60:30:84:8F:FD:0D:96:9C:57:0A:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/1EdDEyer6LamYDCEj_0NlpxXCr0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/1EdDEyer6LamYDCEj_0NlpxXCr0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682C09/A543F2ACBC6E11EBB372737BF8AEA228/00B7F584BC6F11EBA8E6F87BF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:2600::/32

    Signature Algorithm: sha256WithRSAEncryption
         ae:93:d0:a3:6e:dc:96:8d:83:81:58:0a:e5:49:9f:60:2a:80:
         c0:34:d6:5f:04:c0:9c:1d:2f:fd:74:53:a0:ee:6d:48:a0:29:
         17:3e:61:70:a6:6c:fc:ea:a8:1f:1f:fc:32:05:47:6f:b6:f8:
         78:d7:86:d4:8c:eb:2b:43:84:af:e1:87:25:32:22:eb:08:52:
         93:0c:e9:de:3c:e9:44:02:97:6a:4a:75:3d:05:e7:a0:05:52:
         2e:ed:30:34:5c:74:18:b1:f9:0e:1b:a2:0b:0f:29:3c:f7:26:
         f6:5c:c9:b3:e2:a4:1f:56:75:eb:f8:24:64:15:e3:a4:df:e7:
         d8:40:55:4a:35:a3:f7:68:3f:0d:e7:a9:27:de:a4:db:43:1d:
         62:af:94:fd:a9:de:0b:85:e4:92:f0:ef:c9:08:d0:40:d8:47:
         0d:bb:e5:7a:be:a9:2d:97:99:8d:72:53:ce:6e:83:8a:d6:80:
         70:08:84:da:99:e8:00:0d:a0:6f:55:cb:55:19:a8:9b:16:3f:
         22:87:0a:cd:8b:0e:b5:39:f4:1d:8e:5e:b6:45:f9:e6:04:cb:
         cf:29:16:0d:b4:ef:23:17:e7:c7:ed:d7:d2:a9:6c:e5:db:ed:
         11:cf:ec:e7:81:7a:1e:8a:86:d6:ef:5c:09:51:6a:59:f2:b4:
         d3:60:18:23
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
MkMwOUFGMTEwLwYDVQQFEyhENDQ3NDMxMzI3QUJFOEI2QTY2MDMwODQ4RkZEMEQ5
NjlDNTcwQUJEMB4XDTIxMDUyNDA5MDQwN1oXDTMwMDUyNDA5MDQwN1owGDEWMBQG
A1UEAxMNNjBhYjZjMGEtZmZlNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPm0d5nQFJDPHnx1pheqLrlUQjxSOQt45koLzuyjhYSINTh0EtzoF2mmdPtW
JoBQtW9/6ff9yR+Pe/cYW7S1ZFUJfUs/l1241lZgmHZk+ZYVphAfb7RBElFirneZ
x56gsuPc3p+vpG4Ur+HbUXAn+bfy9pwcJlcXJLA2NDFTsmOrQh8aarpd47XcbzB0
Ud7Ee5EF7CEstaso3pAoM5f0/87fN0oQF8JFfO9fTmt1Et/r2HO6jZM9EFGkxFQW
zEFxEENPb8lLOwnCnEGlQoPq4rNy/HaWNBYClmX9tU6y4apZZFnXbAcbbdm6JXKh
TYMHgLT9d9ELd0E8fPDxJo8+xqkCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBRAN8nB
hI/bvlLvClrcYFiAc48auzAfBgNVHSMEGDAWgBTUR0MTJ6votqZgMISP/Q2WnFcK
vTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODJDMDkvQTU0M0YyQUNCQzZFMTFFQkIzNzI3MzdCRjhBRUEyMjgvMUVkREV5
ZXI2TGFtWURDRWpfME5scHhYQ3IwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMUVkREV5ZXI2TGFtWURDRWpfME5scHhYQ3IwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODJDMDkvQTU0M0YyQUNCQzZFMTFFQkIzNzI3MzdCRjhB
RUEyMjgvMDBCN0Y1ODRCQzZGMTFFQkE4RTZGODdCRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACwPJgAwDQYJKoZIhvcNAQEL
BQADggEBAK6T0KNu3JaNg4FYCuVJn2AqgMA01l8EwJwdL/10U6DubUigKRc+YXCm
bPzqqB8f/DIFR2+2+HjXhtSM6ytDhK/hhyUyIusIUpMM6d486UQCl2pKdT0F56AF
Ui7tMDRcdBix+Q4bogsPKTz3JvZcybPipB9Wdev4JGQV46Tf59hAVUo1o/doPw3n
qSfepNtDHWKvlP2p3guF5JLw78kI0EDYRw275Xq+qS2XmY1yU85ug4rWgHAIhNqZ
6AANoG9Vy1UZqJsWPyKHCs2LDrU59B2OXrZF+eYEy88pFg207yMX58ft19KpbOXb
7RHP7OeBeh6KhtbvXAlRalnytNNgGCM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org