Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AFA76EC6C1C11EFB462BBBE762E951A.roa
File:                     0AFA76EC6C1C11EFB462BBBE762E951A.roa (raw, json)
Hash identifier:          k5spwHpnCqag3ymEjBHCeSWzQpBFcxQplOsOXUXqOts=
Subject key identifier:   40:17:EA:A3:D0:CB:61:2C:5A:0D:F3:53:59:74:35:46:55:26:71:19
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       EB41
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AFA76EC6C1C11EFB462BBBE762E951A.roa
Signing time:             Fri 06 Sep 2024 06:48:37 +0000
ROA not before:           Fri 06 Sep 2024 06:48:34 +0000
ROA not after:            Tue 16 Sep 2025 06:48:34 +0000
asID:                     21859
IP address blocks:        154.201.1.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 08:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60225 (0xeb41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Sep  6 06:48:34 2024 GMT
            Not After : Sep 16 06:48:34 2025 GMT
        Subject: CN=66daa5c5-3c20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:45:d7:42:c0:13:61:46:a6:0b:01:f3:03:4e:
                    6a:ea:11:5e:5a:21:53:f0:77:ea:39:24:0e:7a:19:
                    54:ac:db:b2:dd:31:5b:ef:6c:f6:4c:f9:86:be:64:
                    23:95:b8:c0:3f:61:d2:bd:ac:4b:21:30:ca:fa:aa:
                    5a:ed:ed:4c:6a:ed:aa:1d:38:fb:32:04:38:b2:a9:
                    58:5c:fc:b7:48:20:ec:01:6f:f4:4a:c8:28:b8:a4:
                    b1:28:d9:b2:5e:2d:bc:d4:3c:18:01:95:3b:d4:57:
                    49:4b:1c:b8:80:ab:95:e9:b8:ef:30:e0:97:5e:f5:
                    b2:fe:4a:74:df:eb:5d:03:d3:1e:c7:6e:fa:0d:00:
                    f7:da:1c:29:74:58:ef:a2:b7:53:ce:a1:32:ae:80:
                    8e:3d:33:a3:cf:59:b0:f8:c3:c1:70:ff:8f:3f:fd:
                    03:f1:6e:c2:cc:8a:71:94:3b:35:6e:b9:3e:89:0e:
                    fe:12:ac:d0:51:0e:40:12:74:08:28:94:6c:d1:42:
                    65:34:a1:c1:44:68:b2:ed:ee:75:f2:35:f7:57:5f:
                    3d:7e:04:4e:a8:bb:96:30:9f:84:d3:96:6e:cd:c6:
                    b5:50:70:de:7d:77:f7:aa:fa:52:4a:aa:d1:b3:6e:
                    1e:22:e8:f7:84:b7:1c:d4:83:c0:51:c4:e9:91:53:
                    23:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:17:EA:A3:D0:CB:61:2C:5A:0D:F3:53:59:74:35:46:55:26:71:19
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0AFA76EC6C1C11EFB462BBBE762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.201.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:4e:3d:6b:94:cf:85:11:45:af:cb:d0:5c:44:e5:df:b1:52:
         66:fa:4a:e9:20:c6:09:ae:8f:19:dd:62:12:d1:ff:70:31:54:
         b6:65:da:46:4d:94:4a:67:53:b0:99:65:81:ef:51:e1:99:c0:
         ca:94:24:38:1f:be:9f:22:5d:57:f7:dd:d4:be:a1:05:45:0a:
         18:d9:4f:ff:e3:92:f6:81:6a:e7:7b:9b:5b:61:6e:39:b0:7d:
         ad:ce:4c:a3:64:66:25:22:33:c6:8d:f3:4c:8a:57:60:aa:da:
         f8:17:93:ca:bf:9f:0a:c8:04:ac:b3:c3:d5:bb:ef:25:81:c0:
         a9:f7:45:ab:0f:ef:1c:76:42:c6:87:3e:b7:dd:7d:3b:10:67:
         7f:4f:cb:f3:ac:8d:28:3d:f9:4d:92:c0:d5:5d:08:75:a1:75:
         b8:13:10:9a:7f:b4:00:2e:bd:e4:73:aa:a8:70:30:98:50:48:
         fe:82:c4:e2:ba:2e:4f:41:92:ba:b0:cb:74:52:24:a3:4e:47:
         49:9b:83:8f:43:bb:13:54:18:fb:e1:b3:5b:70:90:52:e9:89:
         4e:2e:b5:50:21:d1:9d:8f:12:43:b4:53:46:60:c2:16:54:1e:
         75:2f:36:08:d9:70:b4:d6:cb:f0:16:7d:1a:fd:23:e8:31:5f:
         3d:92:2b:21
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAOtBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQwOTA2MDY0ODM0WhcNMjUwOTE2MDY0ODM0WjAYMRYw
FAYDVQQDEw02NmRhYTVjNS0zYzIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3kXXQsATYUamCwHzA05q6hFeWiFT8HfqOSQOehlUrNuy3TFb72z2TPmG
vmQjlbjAP2HSvaxLITDK+qpa7e1Mau2qHTj7MgQ4sqlYXPy3SCDsAW/0SsgouKSx
KNmyXi281DwYAZU71FdJSxy4gKuV6bjvMOCXXvWy/kp03+tdA9Mex276DQD32hwp
dFjvordTzqEyroCOPTOjz1mw+MPBcP+PP/0D8W7CzIpxlDs1brk+iQ7+EqzQUQ5A
EnQIKJRs0UJlNKHBRGiy7e518jX3V189fgROqLuWMJ+E05Zuzca1UHDefXf3qvpS
SqrRs24eIuj3hLcc1IPAUcTpkVMjaQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEAX
6qPQy2EsWg3zU1l0NUZVJnEZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wQUZBNzZFQzZDMUMxMUVGQjQ2MkJCQkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmskBMA0GCSqGSIb3DQEB
CwUAA4IBAQAVTj1rlM+FEUWvy9BcROXfsVJm+krpIMYJro8Z3WIS0f9wMVS2ZdpG
TZRKZ1OwmWWB71HhmcDKlCQ4H76fIl1X993UvqEFRQoY2U//45L2gWrne5tbYW45
sH2tzkyjZGYlIjPGjfNMildgqtr4F5PKv58KyASss8PVu+8lgcCp90WrD+8cdkLG
hz633X07EGd/T8vzrI0oPflNksDVXQh1oXW4ExCaf7QALr3kc6qocDCYUEj+gsTi
ui5PQZK6sMt0UiSjTkdJm4OPQ7sTVBj74bNbcJBS6YlOLrVQIdGdjxJDtFNGYMIW
VB51LzYI2XC01svwFn0a/SPoMV89kish
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:04:36 2024 by rpki-client on console-fra.rpki-client.org