Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369EC27/F804A1AADD1C11ED9D7CEDCD2F6D8C1D/28E4C952DD1E11ED9DD29CD12F6D8C1D.roa
File:                     28E4C952DD1E11ED9DD29CD12F6D8C1D.roa (raw, json)
Hash identifier:          89V7HDkOzxSFZWW4ZtjKFLvYB7+OW1sQEP+YyD51Nf8=
Subject key identifier:   F0:94:3F:B7:A5:18:C6:D2:AF:2A:10:F9:45:14:0D:04:CC:48:DA:9C
Certificate issuer:       /CN=F369EC27AF/serialNumber=15E713FD7B620CE3C99354A07D37BA8371329B47
Certificate serial:       02
Authority key identifier: 15:E7:13:FD:7B:62:0C:E3:C9:93:54:A0:7D:37:BA:83:71:32:9B:47
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/FecT_XtiDOPJk1SgfTe6g3Eym0c.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369EC27/F804A1AADD1C11ED9D7CEDCD2F6D8C1D/28E4C952DD1E11ED9DD29CD12F6D8C1D.roa
Signing time:             Mon 17 Apr 2023 12:48:32 +0000
ROA not before:           Mon 17 Apr 2023 12:48:30 +0000
ROA not after:            Sat 30 Apr 2033 12:48:30 +0000
asID:                     0
IP address blocks:        196.49.90.0/24 maxlen: 24
                          2001:43f8:1690::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369EC27/F804A1AADD1C11ED9D7CEDCD2F6D8C1D/FecT_XtiDOPJk1SgfTe6g3Eym0c.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369EC27/F804A1AADD1C11ED9D7CEDCD2F6D8C1D/FecT_XtiDOPJk1SgfTe6g3Eym0c.mft
                          rsync://rpki.afrinic.net/repository/afrinic/FecT_XtiDOPJk1SgfTe6g3Eym0c.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:06:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369EC27AF/serialNumber=15E713FD7B620CE3C99354A07D37BA8371329B47
        Validity
            Not Before: Apr 17 12:48:30 2023 GMT
            Not After : Apr 30 12:48:30 2033 GMT
        Subject: CN=643d4020-986e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:c5:e4:37:72:18:db:5c:c1:28:c0:da:e4:29:
                    57:b8:b5:47:12:c0:6c:58:e2:ae:d2:4c:fe:e3:e7:
                    e4:2b:da:39:2e:c6:46:fc:94:54:e9:da:4e:44:72:
                    29:3b:b9:9f:80:1b:d3:99:8b:28:46:ad:1c:d1:ec:
                    a6:d3:88:f8:9e:17:28:72:1a:90:9c:8a:b1:c5:c7:
                    da:7c:3b:63:a8:5c:0e:c8:8e:b2:0d:0c:0a:4e:ff:
                    19:71:5d:dc:28:76:39:27:c4:83:7c:67:3d:9d:b5:
                    5e:77:46:a6:9e:e4:28:e8:e9:1f:75:38:f0:ce:58:
                    d2:b3:47:18:5a:0c:c5:cc:81:cf:4a:ad:23:25:81:
                    bf:fc:06:6d:64:ca:cb:24:bd:92:fc:f7:c3:32:f1:
                    8a:44:47:77:11:f1:ad:5b:1d:35:10:24:24:02:35:
                    3d:0e:d0:b6:89:a0:dd:c1:ef:65:0d:6a:70:27:81:
                    a5:5a:68:8b:68:70:f6:c2:a0:fc:cd:5c:f6:97:c8:
                    72:08:bd:13:48:b3:7d:42:8f:a2:8a:76:ef:67:3c:
                    0f:b4:bb:e2:eb:b2:db:06:ea:fd:b6:31:6a:c2:de:
                    80:33:8b:4b:1e:1a:73:c1:a5:9d:87:54:c5:72:01:
                    d6:74:d1:b4:83:1f:3c:1a:79:e4:f1:74:16:40:b2:
                    2e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:94:3F:B7:A5:18:C6:D2:AF:2A:10:F9:45:14:0D:04:CC:48:DA:9C
            X509v3 Authority Key Identifier:
                keyid:15:E7:13:FD:7B:62:0C:E3:C9:93:54:A0:7D:37:BA:83:71:32:9B:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369EC27/F804A1AADD1C11ED9D7CEDCD2F6D8C1D/FecT_XtiDOPJk1SgfTe6g3Eym0c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/FecT_XtiDOPJk1SgfTe6g3Eym0c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369EC27/F804A1AADD1C11ED9D7CEDCD2F6D8C1D/28E4C952DD1E11ED9DD29CD12F6D8C1D.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.49.90.0/24
                IPv6:
                  2001:43f8:1690::/48

    Signature Algorithm: sha256WithRSAEncryption
         7f:df:79:a6:f8:36:ef:f8:c0:36:80:31:c2:c7:4a:1f:0d:3a:
         52:f8:f2:43:20:6f:ff:ac:1d:9f:13:35:5b:18:05:4c:b7:9b:
         9a:98:bf:23:10:23:89:c7:15:e7:b6:15:a0:d0:5d:87:42:3e:
         4c:ba:53:11:ec:3b:ff:4c:3c:2c:c8:cf:c3:42:84:72:ee:5b:
         32:95:e0:9f:68:8a:61:8b:48:17:d5:43:d2:e4:60:1d:93:27:
         ed:dd:d2:81:da:59:28:6e:63:26:76:0b:0c:27:c7:4c:ab:17:
         ea:e1:c5:1e:b1:e1:bb:98:aa:6c:33:7c:aa:f2:aa:e3:4d:5f:
         05:73:ab:47:81:4a:05:2d:04:b2:4e:6e:ca:6c:7d:6d:b3:88:
         9f:3b:c7:0a:33:82:98:12:fc:59:25:0a:00:9a:04:ea:6c:4d:
         f9:f7:2b:5e:3f:1a:18:fe:3e:09:5b:89:69:af:02:db:ac:32:
         e1:85:bf:b9:71:7c:95:01:a2:43:a5:1e:72:ee:ac:d0:08:2b:
         88:ce:f2:d7:19:8e:d0:d5:da:18:09:42:2e:fa:b0:84:67:3d:
         bf:84:62:35:bc:c0:2d:ba:9d:0f:87:14:f4:cf:b2:0f:6d:71:
         e4:59:aa:9a:06:a1:82:59:03:7e:20:f5:a1:35:c7:a9:cd:8d:
         27:77:84:43
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY5
RUMyN0FGMTEwLwYDVQQFEygxNUU3MTNGRDdCNjIwQ0UzQzk5MzU0QTA3RDM3QkE4
MzcxMzI5QjQ3MB4XDTIzMDQxNzEyNDgzMFoXDTMzMDQzMDEyNDgzMFowGDEWMBQG
A1UEAwwNNjQzZDQwMjAtOTg2ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOXF5DdyGNtcwSjA2uQpV7i1RxLAbFjirtJM/uPn5CvaOS7GRvyUVOnaTkRy
KTu5n4Ab05mLKEatHNHsptOI+J4XKHIakJyKscXH2nw7Y6hcDsiOsg0MCk7/GXFd
3Ch2OSfEg3xnPZ21XndGpp7kKOjpH3U48M5Y0rNHGFoMxcyBz0qtIyWBv/wGbWTK
yyS9kvz3wzLxikRHdxHxrVsdNRAkJAI1PQ7Qtomg3cHvZQ1qcCeBpVpoi2hw9sKg
/M1c9pfIcgi9E0izfUKPoop272c8D7S74uuy2wbq/bYxasLegDOLSx4ac8GlnYdU
xXIB1nTRtIMfPBp55PF0FkCyLtMCAwEAAaOCArYwggKyMB0GA1UdDgQWBBTwlD+3
pRjG0q8qEPlFFA0EzEjanDAfBgNVHSMEGDAWgBQV5xP9e2IM48mTVKB9N7qDcTKb
RzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUVDMjcvRjgwNEExQUFERDFDMTFFRDlEN0NFRENEMkY2RDhDMUQvRmVjVF9Y
dGlET1BKazFTZ2ZUZTZnM0V5bTBjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvRmVjVF9YdGlET1BKazFTZ2ZUZTZnM0V5bTBjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OUVDMjcvRjgwNEExQUFERDFDMTFFRDlEN0NFRENEMkY2
RDhDMUQvMjhFNEM5NTJERDFFMTFFRDlERDI5Q0QxMkY2RDhDMUQucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMQxWjAPBAIAAjAJAwcAIAFD
+BaQMA0GCSqGSIb3DQEBCwUAA4IBAQB/33mm+Dbv+MA2gDHCx0ofDTpS+PJDIG//
rB2fEzVbGAVMt5uamL8jECOJxxXnthWg0F2HQj5MulMR7Dv/TDwsyM/DQoRy7lsy
leCfaIphi0gX1UPS5GAdkyft3dKB2lkobmMmdgsMJ8dMqxfq4cUeseG7mKpsM3yq
8qrjTV8Fc6tHgUoFLQSyTm7KbH1ts4ifO8cKM4KYEvxZJQoAmgTqbE359ytePxoY
/j4JW4lprwLbrDLhhb+5cXyVAaJDpR5y7qzQCCuIzvLXGY7Q1doYCUIu+rCEZz2/
hGI1vMAtup0PhxT0z7IPbXHkWaqaBqGCWQN+IPWhNcepzY0nd4RD
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:11:38 2024 by rpki-client on console-fra.rpki-client.org