Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/1FECC31AB90411EDABCE3C9AF1222468.roa
File:                     1FECC31AB90411EDABCE3C9AF1222468.roa (raw, json)
Hash identifier:          6Uqqk7kzConxMnvXRs+CVD9wVfEepdxTtUAqdhrHQ0g=
Subject key identifier:   0A:98:B8:89:89:76:66:B1:7C:71:44:A7:A6:61:E2:8C:5F:8A:6C:80
Certificate issuer:       /CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
Certificate serial:       0C
Authority key identifier: 3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/1FECC31AB90411EDABCE3C9AF1222468.roa
Signing time:             Thu 02 Mar 2023 14:11:29 +0000
ROA not before:           Thu 02 Mar 2023 14:11:25 +0000
ROA not after:            Mon 02 Mar 2026 14:11:25 +0000
asID:                     33763
IP address blocks:        41.218.80.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.mft
                          rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12 (0xc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36886B3AF/serialNumber=3D6ED905037C83C573780B0CCDC70D5D8CEF038B
        Validity
            Not Before: Mar  2 14:11:25 2023 GMT
            Not After : Mar  2 14:11:25 2026 GMT
        Subject: CN=6400ae90-32ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a4:4a:ee:ba:85:47:34:8d:0c:b4:8e:21:ab:
                    26:5d:45:ab:c9:45:84:c0:77:25:97:28:7f:a5:b3:
                    bc:f2:43:9c:a5:20:e9:c5:ec:62:4c:a1:a8:33:a5:
                    ff:46:24:c9:63:8b:27:6f:7d:50:03:4a:cd:bd:b5:
                    bd:39:06:30:c1:62:83:4c:fa:f3:2f:64:af:79:14:
                    1d:11:22:62:62:19:36:1c:4c:67:32:c2:b8:00:9e:
                    ce:f1:78:fb:b6:62:a1:bd:dd:25:c9:53:c2:3d:9d:
                    dc:33:61:18:84:fe:d2:76:30:95:a8:d9:18:0e:de:
                    4e:93:c6:d8:a0:46:1c:d4:76:31:1a:7d:73:1a:9f:
                    97:c6:51:04:ab:4f:07:a4:3d:f9:48:ba:a6:56:cb:
                    4e:64:36:69:45:61:2b:db:76:05:03:8b:ee:3f:c8:
                    11:b9:6e:df:5f:49:d8:2a:70:b2:41:eb:a1:8b:dc:
                    67:fd:7d:8b:95:26:90:49:10:55:90:0a:69:23:61:
                    c8:4d:b5:f9:b1:30:4c:0f:24:7e:ab:73:36:21:83:
                    06:46:4d:f8:62:bf:e4:28:23:46:8a:08:fd:8c:7e:
                    e0:2d:ff:7f:f4:b5:58:ff:01:f7:0d:bd:2c:b2:f7:
                    c1:e0:71:ba:89:20:17:58:f4:c8:d2:33:6a:c0:29:
                    4e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:98:B8:89:89:76:66:B1:7C:71:44:A7:A6:61:E2:8C:5F:8A:6C:80
            X509v3 Authority Key Identifier:
                keyid:3D:6E:D9:05:03:7C:83:C5:73:78:0B:0C:CD:C7:0D:5D:8C:EF:03:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/PW7ZBQN8g8VzeAsMzccNXYzvA4s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/PW7ZBQN8g8VzeAsMzccNXYzvA4s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/3535CA1AB8EF11EDA9B341DAF1222468/1FECC31AB90411EDABCE3C9AF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.218.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         83:f0:b9:cc:0a:e7:2c:fa:4d:3f:21:4b:44:29:8d:46:78:c8:
         f1:bb:4e:f2:1d:55:0b:a1:77:d7:50:37:e3:92:7f:f5:88:ca:
         24:b9:5b:33:71:cf:32:19:5e:31:2b:54:8c:fe:e4:02:27:87:
         cb:8a:71:be:9b:ec:d1:66:18:a0:3c:ed:93:6d:31:70:5f:31:
         20:f0:1d:a2:6a:08:83:35:16:d9:9e:57:36:d1:0d:ef:b8:63:
         3b:b5:bb:28:cb:7b:c0:6f:68:f1:8d:ef:64:de:fe:9c:5b:9c:
         05:f0:4a:48:34:de:a0:50:69:24:f9:32:fe:e7:fd:05:f7:26:
         51:aa:ca:bf:6b:89:c5:a6:13:a2:f0:38:81:a9:ab:2f:44:fa:
         d9:5a:25:50:9d:b0:c4:d2:00:1f:1f:93:c2:9a:02:f6:0f:51:
         77:c1:23:00:7b:a8:e5:24:e8:eb:1a:49:bc:fc:b3:4e:b5:3f:
         57:cc:06:c8:28:57:77:24:07:b1:29:ae:bc:15:f6:28:35:0c:
         2e:b3:f8:6c:15:bc:fb:fb:97:fe:9b:e3:7f:b1:cb:1f:59:a3:
         7d:a9:bd:3e:03:12:ae:eb:c0:10:11:49:01:09:22:50:21:43:
         cd:f6:63:ae:bb:b4:98:90:82:47:4c:44:a7:c6:85:f1:df:5c:
         65:83:2c:b4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FGMTEwLwYDVQQFEygzRDZFRDkwNTAzN0M4M0M1NzM3ODBCMENDREM3MEQ1
RDhDRUYwMzhCMB4XDTIzMDMwMjE0MTEyNVoXDTI2MDMwMjE0MTEyNVowGDEWMBQG
A1UEAwwNNjQwMGFlOTAtMzJhZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2kSu66hUc0jQy0jiGrJl1Fq8lFhMB3JZcof6WzvPJDnKUg6cXsYkyhqDOl
/0YkyWOLJ299UANKzb21vTkGMMFig0z68y9kr3kUHREiYmIZNhxMZzLCuACezvF4
+7Ziob3dJclTwj2d3DNhGIT+0nYwlajZGA7eTpPG2KBGHNR2MRp9cxqfl8ZRBKtP
B6Q9+Ui6plbLTmQ2aUVhK9t2BQOL7j/IEblu319J2CpwskHroYvcZ/19i5UmkEkQ
VZAKaSNhyE21+bEwTA8kfqtzNiGDBkZN+GK/5CgjRooI/Yx+4C3/f/S1WP8B9w29
LLL3weBxuokgF1j0yNIzasApTkMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQKmLiJ
iXZmsXxxRKemYeKMX4psgDAfBgNVHSMEGDAWgBQ9btkFA3yDxXN4CwzNxw1djO8D
izAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEyMjI0NjgvUFc3WkJR
TjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvUFc3WkJRTjhnOFZ6ZUFzTXpjY05YWXp2QTRzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODg2QjMvMzUzNUNBMUFCOEVGMTFFREE5QjM0MURBRjEy
MjI0NjgvMUZFQ0MzMUFCOTA0MTFFREFCQ0UzQzlBRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAynaUDANBgkqhkiG9w0BAQsF
AAOCAQEAg/C5zArnLPpNPyFLRCmNRnjI8btO8h1VC6F311A345J/9YjKJLlbM3HP
MhleMStUjP7kAieHy4pxvpvs0WYYoDztk20xcF8xIPAdomoIgzUW2Z5XNtEN77hj
O7W7KMt7wG9o8Y3vZN7+nFucBfBKSDTeoFBpJPky/uf9BfcmUarKv2uJxaYTovA4
gamrL0T62VolUJ2wxNIAHx+TwpoC9g9Rd8EjAHuo5STo6xpJvPyzTrU/V8wGyChX
dyQHsSmuvBX2KDUMLrP4bBW8+/uX/pvjf7HLH1mjfam9PgMSruvAEBFJAQkiUCFD
zfZjrru0mJCCR0xEp8aF8d9cZYMstA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org