Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B583C/5DF79C7C971511ED99F847B8F1222468/42D8842AC8B911EEB1A16678775412E6.roa
File:                     42D8842AC8B911EEB1A16678775412E6.roa (raw, json)
Hash identifier:          C3mZs5QHOXfC0IsvIIhi5X1Y2fyChZBjo50YoxUFcOU=
Subject key identifier:   96:C9:1C:B8:99:EB:83:CA:66:7B:5B:A5:28:48:55:29:B9:EA:E2:12
Certificate issuer:       /CN=F36B583CAF/serialNumber=293E5CFF530308B7F0F6B89E13F70C64F5E1099A
Certificate serial:       01AD
Authority key identifier: 29:3E:5C:FF:53:03:08:B7:F0:F6:B8:9E:13:F7:0C:64:F5:E1:09:9A
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/KT5c_1MDCLfw9rieE_cMZPXhCZo.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B583C/5DF79C7C971511ED99F847B8F1222468/42D8842AC8B911EEB1A16678775412E6.roa
Signing time:             Sun 11 Feb 2024 08:40:51 +0000
ROA not before:           Sun 11 Feb 2024 08:40:48 +0000
ROA not after:            Tue 31 Dec 2024 08:40:48 +0000
asID:                     37558
IP address blocks:        2c0f:3200::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B583C/5DF79C7C971511ED99F847B8F1222468/KT5c_1MDCLfw9rieE_cMZPXhCZo.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B583C/5DF79C7C971511ED99F847B8F1222468/KT5c_1MDCLfw9rieE_cMZPXhCZo.mft
                          rsync://rpki.afrinic.net/repository/afrinic/KT5c_1MDCLfw9rieE_cMZPXhCZo.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 429 (0x1ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B583CAF/serialNumber=293E5CFF530308B7F0F6B89E13F70C64F5E1099A
        Validity
            Not Before: Feb 11 08:40:48 2024 GMT
            Not After : Dec 31 08:40:48 2024 GMT
        Subject: CN=65c88813-5845
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:f3:0b:cc:3a:87:ed:ac:aa:7d:36:c1:78:c4:
                    a9:1c:43:08:11:a3:a3:a0:ca:5f:9a:0a:19:8b:00:
                    58:b8:21:db:bd:31:a9:96:cf:87:5f:5f:ba:f1:67:
                    a1:ee:fd:4c:b8:82:02:91:84:4f:72:83:4e:45:61:
                    eb:f4:86:d1:99:22:73:d8:ab:33:9f:99:3c:3d:3a:
                    2b:b4:f5:f1:d8:be:cb:61:16:48:6f:e3:3c:5a:d9:
                    1d:b8:ab:34:39:8e:75:0b:0c:ae:0d:36:3e:ed:18:
                    68:7d:7d:e9:12:60:ca:dc:cd:94:1f:b7:21:e5:bd:
                    65:d6:03:c8:99:ea:85:6e:e7:9b:f0:4c:02:16:e7:
                    f9:85:b4:69:74:47:5e:1e:da:3f:b7:65:63:1f:32:
                    3a:8a:62:ad:98:05:a6:af:e4:37:4d:62:4d:6d:da:
                    92:32:44:29:3e:e1:c4:ec:d2:86:61:86:f4:53:56:
                    e4:81:21:d6:3a:97:64:27:d6:84:95:4f:ba:f5:70:
                    5f:e5:5d:cb:cd:c8:8e:b1:fb:27:ba:84:4c:72:37:
                    0a:c2:d1:bc:c8:22:fb:ad:1a:6a:cc:61:a8:34:93:
                    93:60:49:ba:59:2a:09:c4:9c:1e:fd:7f:bf:53:aa:
                    9f:f0:a4:74:f0:8a:38:3f:18:c7:1c:51:fd:2f:a1:
                    09:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:C9:1C:B8:99:EB:83:CA:66:7B:5B:A5:28:48:55:29:B9:EA:E2:12
            X509v3 Authority Key Identifier:
                keyid:29:3E:5C:FF:53:03:08:B7:F0:F6:B8:9E:13:F7:0C:64:F5:E1:09:9A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B583C/5DF79C7C971511ED99F847B8F1222468/KT5c_1MDCLfw9rieE_cMZPXhCZo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KT5c_1MDCLfw9rieE_cMZPXhCZo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B583C/5DF79C7C971511ED99F847B8F1222468/42D8842AC8B911EEB1A16678775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:3200::/32

    Signature Algorithm: sha256WithRSAEncryption
         85:d3:be:7c:38:1a:69:26:1b:1c:ea:b8:6a:ea:ee:08:54:41:
         51:1e:66:2a:7d:0b:94:0f:35:cb:f8:4b:c4:4e:8f:e1:7e:8c:
         6d:53:08:0c:2f:2c:5b:c0:74:ae:f2:e9:fd:88:3a:0c:e5:84:
         55:c7:be:0b:fe:d3:7a:c0:c8:ce:d3:0a:64:69:e5:2d:9b:24:
         9c:2f:4d:3f:58:61:a2:a7:14:c3:99:bc:7d:e1:da:89:c0:c0:
         8e:d1:1b:23:dc:a7:9f:49:2f:42:c0:49:88:f1:e5:6d:7f:54:
         04:13:4d:54:52:81:42:9d:7c:c2:cb:76:2b:5a:7a:96:80:73:
         97:fc:35:b3:fc:c3:86:78:f2:4c:26:e5:9c:c3:89:4c:3e:03:
         66:d9:9c:d4:c6:a9:fa:af:da:27:48:d4:4b:f1:af:0b:d5:90:
         14:d8:fb:7a:04:d7:1b:44:9d:25:ea:02:b5:50:05:7b:08:65:
         b4:34:7b:a6:01:72:0c:5f:97:e8:d2:9b:63:2f:a9:6e:a6:16:
         16:36:44:cd:a9:be:04:9c:33:b6:e9:89:c6:56:58:c6:27:b1:
         9b:ac:3e:48:a5:dc:40:54:46:c4:21:00:f5:c1:bf:94:97:ff:
         4a:3f:67:26:35:d1:19:55:ed:eb:a3:5f:e8:90:22:c6:d1:61:
         1f:2d:f4:d9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAa0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QjU4M0NBRjExMC8GA1UEBRMoMjkzRTVDRkY1MzAzMDhCN0YwRjZCODlFMTNGNzBD
NjRGNUUxMDk5QTAeFw0yNDAyMTEwODQwNDhaFw0yNDEyMzEwODQwNDhaMBgxFjAU
BgNVBAMTDTY1Yzg4ODEzLTU4NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDP8wvMOoftrKp9NsF4xKkcQwgRo6Ogyl+aChmLAFi4Idu9MamWz4dfX7rx
Z6Hu/Uy4ggKRhE9yg05FYev0htGZInPYqzOfmTw9Oiu09fHYvsthFkhv4zxa2R24
qzQ5jnULDK4NNj7tGGh9fekSYMrczZQftyHlvWXWA8iZ6oVu55vwTAIW5/mFtGl0
R14e2j+3ZWMfMjqKYq2YBaav5DdNYk1t2pIyRCk+4cTs0oZhhvRTVuSBIdY6l2Qn
1oSVT7r1cF/lXcvNyI6x+ye6hExyNwrC0bzIIvutGmrMYag0k5NgSbpZKgnEnB79
f79Tqp/wpHTwijg/GMccUf0voQkpAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUlskc
uJnrg8pme1ulKEhVKbnq4hIwHwYDVR0jBBgwFoAUKT5c/1MDCLfw9rieE/cMZPXh
CZowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI1ODNDLzVERjc5QzdDOTcxNTExRUQ5OUY4NDdCOEYxMjIyNDY4L0tUNWNf
MU1EQ0xmdzlyaWVFX2NNWlBYaENaby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0tUNWNfMU1EQ0xmdzlyaWVFX2NNWlBYaENaby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkI1ODNDLzVERjc5QzdDOTcxNTExRUQ5OUY4NDdCOEYx
MjIyNDY4LzQyRDg4NDJBQzhCOTExRUVCMUExNjY3ODc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAsDzIAMA0GCSqGSIb3DQEB
CwUAA4IBAQCF0758OBppJhsc6rhq6u4IVEFRHmYqfQuUDzXL+EvETo/hfoxtUwgM
LyxbwHSu8un9iDoM5YRVx74L/tN6wMjO0wpkaeUtmyScL00/WGGipxTDmbx94dqJ
wMCO0Rsj3KefSS9CwEmI8eVtf1QEE01UUoFCnXzCy3YrWnqWgHOX/DWz/MOGePJM
JuWcw4lMPgNm2ZzUxqn6r9onSNRL8a8L1ZAU2Pt6BNcbRJ0l6gK1UAV7CGW0NHum
AXIMX5fo0ptjL6luphYWNkTNqb4EnDO26YnGVljGJ7GbrD5IpdxAVEbEIQD1wb+U
l/9KP2cmNdEZVe3ro1/okCLG0WEfLfTZ
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:45:11 2024 by rpki-client on console-fra.rpki-client.org