Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/46E3DC1EBDC211EFB94F817C762E951A.roa
File:                     46E3DC1EBDC211EFB94F817C762E951A.roa (raw, json)
Hash identifier:          DIQZg9hTqE6G22LlYkgmn0pRqy81IOENor2f9OjRgAI=
Subject key identifier:   21:EE:B6:93:80:38:37:7A:82:1C:F2:D1:3A:50:ED:9E:E9:C9:C3:BB
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       E57D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/46E3DC1EBDC211EFB94F817C762E951A.roa
Signing time:             Thu 19 Dec 2024 04:32:38 +0000
ROA not before:           Thu 19 Dec 2024 04:32:35 +0000
ROA not after:            Wed 10 Dec 2025 04:32:35 +0000
asID:                     984
IP address blocks:        45.206.97.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 58749 (0xe57d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Dec 19 04:32:35 2024 GMT
            Not After : Dec 10 04:32:35 2025 GMT
        Subject: CN=6763a1e6-f8f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:3d:82:3c:64:5f:bb:26:9a:33:d7:46:2f:0d:
                    6d:12:1b:11:d9:88:9f:32:ac:9d:c8:d6:2f:47:1c:
                    34:16:5c:07:89:92:f7:e3:64:1f:d3:2f:ea:8e:73:
                    50:9a:b2:2c:43:63:77:81:c1:0e:0d:ed:e1:08:b2:
                    d6:9e:8b:53:3b:74:37:66:74:42:22:a4:40:6a:da:
                    d0:87:65:a8:f4:2c:31:f1:3c:be:e7:b9:16:fe:e8:
                    f9:43:77:81:ec:72:0d:86:e1:8c:08:6e:8e:72:f6:
                    1b:ff:d1:1c:cb:fb:12:35:49:dc:78:6d:dc:c0:d7:
                    b0:7f:5a:1d:32:d5:e1:9d:f6:6f:5b:2d:3b:de:d4:
                    2e:79:73:67:31:13:4a:eb:3a:47:42:db:f7:92:ce:
                    f0:fd:1e:ee:bb:aa:15:22:a2:ee:a6:57:34:29:2b:
                    56:1f:e7:03:2b:42:d0:cc:3a:64:09:16:a9:1c:99:
                    e7:32:61:f0:d9:6f:2b:f1:6a:a1:cb:f6:87:e6:60:
                    cb:50:d7:45:86:a4:1f:c7:a2:47:69:43:11:2d:13:
                    4a:85:b6:bf:7b:5f:0f:32:51:0f:d0:a9:1f:66:a9:
                    3f:ee:dd:03:8d:4d:a3:5d:a1:f7:28:9d:18:f2:0b:
                    4e:90:34:60:9f:a4:3d:a0:84:53:26:fd:c9:e1:7b:
                    61:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:EE:B6:93:80:38:37:7A:82:1C:F2:D1:3A:50:ED:9E:E9:C9:C3:BB
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/46E3DC1EBDC211EFB94F817C762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.206.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:c7:04:c9:80:4d:83:26:11:54:3b:0c:85:c9:0f:da:22:3d:
         14:4a:e0:0b:4e:ea:c8:c4:ea:eb:f9:bc:cf:6a:0c:e5:18:5c:
         b9:c1:2c:7c:15:18:40:17:58:d3:6c:e1:a5:95:d3:a1:2a:2a:
         8f:27:3a:54:c9:29:b5:cc:bc:c8:d4:ef:9d:fb:6d:d7:f9:75:
         bd:11:f0:aa:39:dd:0b:33:96:78:b6:a5:e9:4c:5c:c8:6d:5a:
         88:74:17:37:a4:05:fd:49:c7:7b:c7:db:62:19:b4:4a:a7:52:
         06:b2:45:76:2f:b8:f6:86:2d:a3:84:39:26:06:8e:18:4a:95:
         0a:6b:bd:22:e4:73:00:25:0d:cd:5e:4d:84:47:de:00:e8:d1:
         67:b7:f8:a3:df:24:63:be:67:f6:c9:bb:77:a8:ba:a5:62:f9:
         40:93:60:05:5e:3e:49:61:bc:f1:11:d7:a9:de:31:44:6b:0b:
         b9:86:e8:6f:31:1a:3f:b7:5e:85:34:d8:da:1e:b9:db:35:4e:
         bd:66:06:44:2f:38:4a:1a:b6:c8:28:ab:b7:74:a4:bb:90:c3:
         a7:77:ee:1b:71:ad:a5:79:05:9b:1f:a6:46:12:d0:68:9f:9e:
         14:a0:08:fa:3b:b6:a0:21:bc:35:88:16:de:39:07:fc:89:bc:
         2a:b4:55:17
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOV9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE5MDQzMjM1WhcNMjUxMjEwMDQzMjM1WjAYMRYw
FAYDVQQDEw02NzYzYTFlNi1mOGYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApD2CPGRfuyaaM9dGLw1tEhsR2YifMqydyNYvRxw0FlwHiZL342Qf0y/q
jnNQmrIsQ2N3gcEODe3hCLLWnotTO3Q3ZnRCIqRAatrQh2Wo9Cwx8Ty+57kW/uj5
Q3eB7HINhuGMCG6OcvYb/9Ecy/sSNUnceG3cwNewf1odMtXhnfZvWy073tQueXNn
MRNK6zpHQtv3ks7w/R7uu6oVIqLuplc0KStWH+cDK0LQzDpkCRapHJnnMmHw2W8r
8Wqhy/aH5mDLUNdFhqQfx6JHaUMRLRNKhba/e18PMlEP0KkfZqk/7t0DjU2jXaH3
KJ0Y8gtOkDRgn6Q9oIRTJv3J4XthowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCHu
tpOAODd6ghzy0TpQ7Z7pycO7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NkUzREMxRUJEQzIxMUVGQjk0RjgxN0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc5hMA0GCSqGSIb3DQEBCwUA
A4IBAQA4xwTJgE2DJhFUOwyFyQ/aIj0USuALTurIxOrr+bzPagzlGFy5wSx8FRhA
F1jTbOGlldOhKiqPJzpUySm1zLzI1O+d+23X+XW9EfCqOd0LM5Z4tqXpTFzIbVqI
dBc3pAX9Scd7x9tiGbRKp1IGskV2L7j2hi2jhDkmBo4YSpUKa70i5HMAJQ3NXk2E
R94A6NFnt/ij3yRjvmf2ybt3qLqlYvlAk2AFXj5JYbzxEdep3jFEawu5huhvMRo/
t16FNNjaHrnbNU69ZgZELzhKGrbIKKu3dKS7kMOnd+4bca2leQWbH6ZGEtBon54U
oAj6O7agIbw1iBbeOQf8ibwqtFUX
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:07 2025 by rpki-client