Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/1E1654C4EEAA11EA8289771CF8AEA228.roa
File:                     1E1654C4EEAA11EA8289771CF8AEA228.roa (raw, json)
Hash identifier:          Dm82340uA0C690wn7sH2AhL9e6hsAhiXi6CDcAUcav4=
Subject key identifier:   B1:52:76:54:A1:30:BB:AB:40:EC:DB:AB:AC:D6:6C:D8:14:33:70:8F
Certificate issuer:       /CN=F369C738AF/serialNumber=01E61C3F96466A5909985476E88479BB7D4112F6
Certificate serial:       02
Authority key identifier: 01:E6:1C:3F:96:46:6A:59:09:98:54:76:E8:84:79:BB:7D:41:12:F6
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/AeYcP5ZGalkJmFR26IR5u31BEvY.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/1E1654C4EEAA11EA8289771CF8AEA228.roa
Signing time:             Fri 04 Sep 2020 12:28:21 +0000
ROA not before:           Fri 04 Sep 2020 12:28:14 +0000
ROA not after:            Fri 07 Sep 2029 12:28:14 +0000
asID:                     15706
IP address blocks:        2001:4228::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AeYcP5ZGalkJmFR26IR5u31BEvY.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AeYcP5ZGalkJmFR26IR5u31BEvY.mft
                          rsync://rpki.afrinic.net/repository/afrinic/AeYcP5ZGalkJmFR26IR5u31BEvY.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369C738AF/serialNumber=01E61C3F96466A5909985476E88479BB7D4112F6
        Validity
            Not Before: Sep  4 12:28:14 2020 GMT
            Not After : Sep  7 12:28:14 2029 GMT
        Subject: CN=5f5232e5-d279
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:4e:e8:7a:e7:51:f8:09:f1:1e:21:30:f7:33:
                    a4:3c:bd:25:74:ad:d8:34:82:79:06:ad:aa:46:98:
                    9e:2e:c1:1d:0a:4a:02:d8:d8:b6:16:76:b1:95:cc:
                    7d:62:d2:15:2c:26:1c:be:6a:89:8d:ec:6e:f2:27:
                    3c:82:d1:5d:12:19:42:81:3f:52:b5:16:b9:38:72:
                    7d:d0:56:6d:92:4a:b0:8f:e5:7a:9f:17:af:a8:3a:
                    30:24:0b:fd:6b:c1:e0:e1:c9:b9:27:80:dc:f9:02:
                    16:6f:57:26:06:b4:fe:a1:cd:3e:45:09:4c:9f:a7:
                    bd:fa:b6:2e:3a:5d:36:82:95:a5:e8:d7:a6:bb:d0:
                    c4:e3:48:4b:4c:24:8e:9b:99:bf:d6:b8:fe:1c:e3:
                    4d:93:93:66:08:3f:7c:68:ca:5e:31:82:0c:33:6a:
                    cc:35:82:18:6f:4e:18:40:ea:dc:bc:38:88:ce:b7:
                    f5:07:50:58:c7:bf:37:eb:b0:e5:9f:4c:8e:80:92:
                    16:54:e8:ab:a1:62:b5:2f:1e:f9:bb:1d:2a:7c:8f:
                    62:64:00:36:48:1b:ec:95:48:b1:c0:42:22:8a:1c:
                    8b:cb:b8:ec:cc:d5:05:9b:67:83:4a:9f:4d:9a:21:
                    c7:86:d3:b8:78:6d:0c:8a:ec:b6:1d:81:9e:9f:82:
                    5f:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:52:76:54:A1:30:BB:AB:40:EC:DB:AB:AC:D6:6C:D8:14:33:70:8F
            X509v3 Authority Key Identifier:
                keyid:01:E6:1C:3F:96:46:6A:59:09:98:54:76:E8:84:79:BB:7D:41:12:F6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/AeYcP5ZGalkJmFR26IR5u31BEvY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/AeYcP5ZGalkJmFR26IR5u31BEvY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369C738/7A0ABF00EEA911EAA287D91BF8AEA228/1E1654C4EEAA11EA8289771CF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:4228::/32

    Signature Algorithm: sha256WithRSAEncryption
         de:d8:72:17:04:0b:95:34:2d:f4:08:e1:71:5d:17:03:5c:aa:
         82:f2:0f:18:02:34:9b:9a:a8:8c:00:7b:99:ee:a0:87:16:5b:
         b2:27:c3:a6:6e:f9:15:2d:27:a1:44:46:89:82:84:a6:0e:d2:
         58:4a:fb:cc:f0:f5:c6:12:e4:0c:cf:12:b4:47:e1:7f:20:40:
         2b:c8:e6:c8:93:5f:c7:df:29:8f:cb:36:92:fa:e6:d5:c7:2e:
         cb:2d:8b:6a:a7:83:3f:08:4c:b2:1c:c1:d8:c5:78:1d:1f:f2:
         49:58:98:f8:bc:5b:f2:42:09:21:73:22:f7:f0:63:98:61:73:
         d5:e6:c4:b3:e2:09:46:49:99:31:a5:51:c6:70:fc:96:96:c5:
         68:b8:ad:93:ee:3f:1e:29:66:62:42:35:22:b1:0d:bd:1e:cf:
         9a:ec:6c:cf:be:26:86:ee:c3:c5:b4:70:03:64:5c:26:f5:29:
         e8:ef:b2:93:58:10:73:fc:6f:7f:28:53:e1:70:9d:d5:d4:08:
         c9:ab:1a:b8:7d:f2:55:c7:f6:32:fe:db:78:09:ab:1b:be:c6:
         af:7a:75:c4:19:23:74:e9:03:42:8e:bd:ae:6c:e2:1e:dc:d3:
         0b:2a:5f:7f:54:6b:e6:ff:6a:05:1e:1a:b0:98:3f:19:fe:84:
         b7:bb:48:dc
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
QzczOEFGMTEwLwYDVQQFEygwMUU2MUMzRjk2NDY2QTU5MDk5ODU0NzZFODg0NzlC
QjdENDExMkY2MB4XDTIwMDkwNDEyMjgxNFoXDTI5MDkwNzEyMjgxNFowGDEWMBQG
A1UEAxMNNWY1MjMyZTUtZDI3OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJlO6HrnUfgJ8R4hMPczpDy9JXSt2DSCeQatqkaYni7BHQpKAtjYthZ2sZXM
fWLSFSwmHL5qiY3sbvInPILRXRIZQoE/UrUWuThyfdBWbZJKsI/lep8Xr6g6MCQL
/WvB4OHJuSeA3PkCFm9XJga0/qHNPkUJTJ+nvfq2LjpdNoKVpejXprvQxONIS0wk
jpuZv9a4/hzjTZOTZgg/fGjKXjGCDDNqzDWCGG9OGEDq3Lw4iM639QdQWMe/N+uw
5Z9MjoCSFlToq6FitS8e+bsdKnyPYmQANkgb7JVIscBCIooci8u47MzVBZtng0qf
TZohx4bTuHhtDIrsth2Bnp+CXxsCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBSxUnZU
oTC7q0Ds26us1mzYFDNwjzAfBgNVHSMEGDAWgBQB5hw/lkZqWQmYVHbohHm7fUES
9jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUM3MzgvN0EwQUJGMDBFRUE5MTFFQUEyODdEOTFCRjhBRUEyMjgvQWVZY1A1
WkdhbGtKbUZSMjZJUjV1MzFCRXZZLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQWVZY1A1WkdhbGtKbUZSMjZJUjV1MzFCRXZZLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OUM3MzgvN0EwQUJGMDBFRUE5MTFFQUEyODdEOTFCRjhB
RUEyMjgvMUUxNjU0QzRFRUFBMTFFQTgyODk3NzFDRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABQigwDQYJKoZIhvcNAQEL
BQADggEBAN7YchcEC5U0LfQI4XFdFwNcqoLyDxgCNJuaqIwAe5nuoIcWW7Inw6Zu
+RUtJ6FERomChKYO0lhK+8zw9cYS5AzPErRH4X8gQCvI5siTX8ffKY/LNpL65tXH
Lssti2qngz8ITLIcwdjFeB0f8klYmPi8W/JCCSFzIvfwY5hhc9XmxLPiCUZJmTGl
UcZw/JaWxWi4rZPuPx4pZmJCNSKxDb0ez5rsbM++Jobuw8W0cANkXCb1KejvspNY
EHP8b38oU+FwndXUCMmrGrh98lXH9jL+23gJqxu+xq96dcQZI3TpA0KOva5s4h7c
0wsqX39Ua+b/agUeGrCYPxn+hLe7SNw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:17 2024 by rpki-client on console-ams.rpki-client.org