Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BA3E3/826086642E3311ED9DD7C8EFF1222468/1B7E46CE2E3411EDA9B149F1F1222468.roa
File:                     1B7E46CE2E3411EDA9B149F1F1222468.roa (raw, json)
Hash identifier:          OsKqN0NQYr1W3bcA0JvKf2Po9JhfkhdyZ05bwYTd55Y=
Subject key identifier:   9A:61:1F:D9:19:A2:9A:F8:AF:20:ED:B7:4A:CF:C1:8A:AB:19:E6:68
Certificate issuer:       /CN=F36BA3E3AF/serialNumber=AFAC0AB31A4066808F00919F1D828ED7B41AC26A
Certificate serial:       02
Authority key identifier: AF:AC:0A:B3:1A:40:66:80:8F:00:91:9F:1D:82:8E:D7:B4:1A:C2:6A
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/r6wKsxpAZoCPAJGfHYKO17Qawmo.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BA3E3/826086642E3311ED9DD7C8EFF1222468/1B7E46CE2E3411EDA9B149F1F1222468.roa
Signing time:             Tue 06 Sep 2022 22:34:45 +0000
ROA not before:           Wed 07 Sep 2022 22:34:41 +0000
ROA not after:            Wed 30 Apr 2031 22:34:41 +0000
asID:                     327750
IP address blocks:        102.214.112.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BA3E3/826086642E3311ED9DD7C8EFF1222468/r6wKsxpAZoCPAJGfHYKO17Qawmo.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BA3E3/826086642E3311ED9DD7C8EFF1222468/r6wKsxpAZoCPAJGfHYKO17Qawmo.mft
                          rsync://rpki.afrinic.net/repository/afrinic/r6wKsxpAZoCPAJGfHYKO17Qawmo.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BA3E3AF/serialNumber=AFAC0AB31A4066808F00919F1D828ED7B41AC26A
        Validity
            Not Before: Sep  7 22:34:41 2022 GMT
            Not After : Apr 30 22:34:41 2031 GMT
        Subject: CN=6317cb05-f1f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:0d:57:2c:1a:f9:7f:d3:ce:13:72:a5:4e:ee:
                    6c:bb:f2:26:a9:fa:c7:5f:ac:bc:c5:06:9e:cc:75:
                    2a:ad:52:66:37:f6:28:ce:56:5c:3e:7f:ee:2c:f7:
                    6c:a9:b6:1d:33:ac:90:77:87:d5:7a:17:76:85:61:
                    09:3d:d6:25:9a:3e:e9:e7:e2:e9:4b:80:ea:11:55:
                    37:46:f5:00:b3:d3:3b:4c:15:4c:f4:4d:1d:24:15:
                    eb:39:ea:1e:1a:97:b0:98:c2:b6:e8:f8:2b:5a:f8:
                    1a:94:1c:de:90:b9:54:14:3d:62:29:18:6a:f2:84:
                    6a:57:61:a3:2d:4c:b9:f7:b8:83:a7:2a:80:83:11:
                    2d:58:91:f5:43:a5:b6:4e:a1:b2:f4:20:1c:4d:d0:
                    3b:eb:26:0c:3a:50:48:2f:29:8d:7a:26:3a:24:c0:
                    08:f4:10:89:40:b3:3d:43:88:9a:45:19:e6:6d:32:
                    31:fb:3a:47:77:57:a3:b9:7c:a0:e8:31:66:c2:72:
                    15:36:b7:bc:c0:d7:54:af:d1:51:65:e8:3f:7f:27:
                    0a:55:9a:02:62:50:d4:2b:3d:26:30:c3:ba:4a:ac:
                    c8:ef:d2:c1:f5:fb:35:c2:0d:1f:8c:ae:06:77:21:
                    b4:fe:20:b6:81:ce:b5:ca:03:e5:6f:86:c1:fd:ed:
                    e1:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:61:1F:D9:19:A2:9A:F8:AF:20:ED:B7:4A:CF:C1:8A:AB:19:E6:68
            X509v3 Authority Key Identifier:
                keyid:AF:AC:0A:B3:1A:40:66:80:8F:00:91:9F:1D:82:8E:D7:B4:1A:C2:6A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BA3E3/826086642E3311ED9DD7C8EFF1222468/r6wKsxpAZoCPAJGfHYKO17Qawmo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/r6wKsxpAZoCPAJGfHYKO17Qawmo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BA3E3/826086642E3311ED9DD7C8EFF1222468/1B7E46CE2E3411EDA9B149F1F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.214.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3b:51:20:c1:2f:cf:21:a4:ed:84:3f:b7:e9:38:75:b9:61:6f:
         0d:39:8b:d4:68:69:b1:91:7b:4a:0a:b5:2f:66:a0:a8:89:73:
         04:c5:8d:ff:16:c8:06:02:15:76:60:38:ee:b1:d8:cd:ec:ec:
         f7:9a:9b:9c:ac:01:62:5e:c0:ed:cc:b0:0b:3a:3a:f2:f0:a2:
         a1:f0:d7:c6:b1:52:c3:cc:32:a1:a1:7c:ef:8b:35:ce:84:94:
         cd:78:fe:2a:09:54:3a:e7:cb:bd:7e:a1:46:80:82:04:10:3e:
         c1:4b:41:d7:8d:fc:30:a3:a7:7f:d2:de:61:db:f0:45:0b:9b:
         f9:d8:3e:c6:30:90:42:e8:8e:7a:a5:3d:f2:4a:54:a6:b8:12:
         81:80:da:6f:de:03:4a:65:1a:9a:7b:4e:f4:df:8c:13:9f:ae:
         ca:0c:8f:0e:76:b4:35:36:d8:ab:f0:90:60:87:b0:1e:1b:3f:
         5f:d8:fc:0b:e9:19:1f:fc:9c:ce:09:b9:76:5a:bc:c8:aa:5e:
         69:ef:1e:13:0b:49:8f:46:ed:27:0a:98:c7:7f:df:75:96:57:
         ca:71:08:33:ff:78:45:d8:e9:b8:78:fb:e3:da:f1:b2:2e:2d:
         b5:c2:35:2d:dc:62:34:0f:82:42:31:06:4d:7b:88:6a:6f:34:
         cf:0a:9c:df
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZC
QTNFM0FGMTEwLwYDVQQFEyhBRkFDMEFCMzFBNDA2NjgwOEYwMDkxOUYxRDgyOEVE
N0I0MUFDMjZBMB4XDTIyMDkwNzIyMzQ0MVoXDTMxMDQzMDIyMzQ0MVowGDEWMBQG
A1UEAwwNNjMxN2NiMDUtZjFmOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOINVywa+X/TzhNypU7ubLvyJqn6x1+svMUGnsx1Kq1SZjf2KM5WXD5/7iz3
bKm2HTOskHeH1XoXdoVhCT3WJZo+6efi6UuA6hFVN0b1ALPTO0wVTPRNHSQV6znq
HhqXsJjCtuj4K1r4GpQc3pC5VBQ9YikYavKEaldhoy1Mufe4g6cqgIMRLViR9UOl
tk6hsvQgHE3QO+smDDpQSC8pjXomOiTACPQQiUCzPUOImkUZ5m0yMfs6R3dXo7l8
oOgxZsJyFTa3vMDXVK/RUWXoP38nClWaAmJQ1Cs9JjDDukqsyO/SwfX7NcINH4yu
BnchtP4gtoHOtcoD5W+Gwf3t4fcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSaYR/Z
GaKa+K8g7bdKz8GKqxnmaDAfBgNVHSMEGDAWgBSvrAqzGkBmgI8AkZ8dgo7XtBrC
ajAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkEzRTMvODI2MDg2NjQyRTMzMTFFRDlERDdDOEVGRjEyMjI0NjgvcjZ3S3N4
cEFab0NQQUpHZkhZS08xN1Fhd21vLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvcjZ3S3N4cEFab0NQQUpHZkhZS08xN1Fhd21vLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkEzRTMvODI2MDg2NjQyRTMzMTFFRDlERDdDOEVGRjEy
MjI0NjgvMUI3RTQ2Q0UyRTM0MTFFREE5QjE0OUYxRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbWcDANBgkqhkiG9w0BAQsF
AAOCAQEAO1EgwS/PIaTthD+36Th1uWFvDTmL1GhpsZF7Sgq1L2agqIlzBMWN/xbI
BgIVdmA47rHYzezs95qbnKwBYl7A7cywCzo68vCiofDXxrFSw8wyoaF874s1zoSU
zXj+KglUOufLvX6hRoCCBBA+wUtB1438MKOnf9LeYdvwRQub+dg+xjCQQuiOeqU9
8kpUprgSgYDab94DSmUamntO9N+ME5+uygyPDna0NTbYq/CQYIewHhs/X9j8C+kZ
H/yczgm5dlq8yKpeae8eEwtJj0btJwqYx3/fdZZXynEIM/94RdjpuHj749rxsi4t
tcI1LdxiNA+CQjEGTXuIam80zwqc3w==
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:45:11 2024 by rpki-client on console-fra.rpki-client.org