Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DEBCA6AF97011EEB6AD3364017001B1.roa
File:                     4DEBCA6AF97011EEB6AD3364017001B1.roa (raw, json)
Hash identifier:          Wwu8gjRYbS9+b9iZH/vvzDCsnEuFpJ80X0+0PvCDjMo=
Subject key identifier:   71:9A:F8:AC:D2:3D:6C:6C:A2:D8:B1:93:CE:3E:8C:99:DF:53:EE:37
Certificate issuer:       /CN=F36BF59BAF/serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
Certificate serial:       4A
Authority key identifier: E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DEBCA6AF97011EEB6AD3364017001B1.roa
Signing time:             Sat 13 Apr 2024 08:32:03 +0000
ROA not before:           Sat 13 Apr 2024 08:32:00 +0000
ROA not after:            Tue 01 Apr 2025 08:32:00 +0000
asID:                     37739
IP address blocks:        102.209.241.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74 (0x4a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BF59BAF/serialNumber=E036AE08FE03416F58887A9D195DBFD86A25603C
        Validity
            Not Before: Apr 13 08:32:00 2024 GMT
            Not After : Apr  1 08:32:00 2025 GMT
        Subject: CN=661a4303-4037
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:4f:09:5b:95:ce:81:e4:14:8d:fd:63:37:a2:
                    c8:e3:ad:33:2f:98:92:fc:c4:d1:7d:5a:70:ba:d5:
                    ca:e1:92:61:4f:84:75:bd:ca:0b:17:14:8a:17:b0:
                    44:c8:81:2c:69:a1:ea:b8:e4:92:83:5b:7f:1d:fd:
                    07:f8:3b:45:b1:2c:07:10:b3:b5:6d:9a:d2:03:95:
                    ba:64:50:20:9f:17:d7:92:f8:5d:bf:d8:b3:fe:46:
                    c0:df:44:a5:84:c1:83:76:40:82:0a:6e:03:b6:97:
                    98:e0:f5:33:d4:62:21:9a:37:ea:38:76:05:33:2c:
                    aa:33:48:2c:54:d2:8b:5c:3e:df:44:da:4b:f5:df:
                    c5:07:8f:8c:20:50:f9:99:b3:7e:d5:ad:bb:d3:8d:
                    9e:e1:65:1f:26:1d:2e:70:e4:6f:13:36:50:9d:28:
                    a8:87:88:6c:f1:99:04:9a:6c:f2:94:f5:86:b4:5e:
                    1c:04:39:2d:4e:df:53:2d:bb:a8:d3:32:0d:cf:4a:
                    6f:56:dc:05:b4:7c:1b:a1:0b:83:4f:24:b7:03:cb:
                    da:83:a6:19:58:a2:b2:29:9f:cd:38:61:71:1e:e7:
                    56:dd:fc:e6:db:c8:b6:d0:00:d0:0f:20:c4:66:72:
                    e8:93:82:a5:ef:bd:01:5f:f8:1b:68:4c:af:72:8c:
                    e3:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:9A:F8:AC:D2:3D:6C:6C:A2:D8:B1:93:CE:3E:8C:99:DF:53:EE:37
            X509v3 Authority Key Identifier:
                keyid:E0:36:AE:08:FE:03:41:6F:58:88:7A:9D:19:5D:BF:D8:6A:25:60:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DauCP4DQW9YiHqdGV2_2GolYDw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4DauCP4DQW9YiHqdGV2_2GolYDw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BF59B/4AAAA214C75111EEA02EB392775412E6/4DEBCA6AF97011EEB6AD3364017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:07:2c:cf:0a:49:de:4e:16:13:fa:8a:7a:f5:f0:9b:a6:f4:
         5d:1f:7a:12:1e:38:38:24:d7:f2:e0:5e:43:1f:9d:f1:33:ab:
         66:12:0a:68:76:88:52:8c:08:ae:b3:d9:65:4c:4b:2a:8f:89:
         7f:ea:26:6e:70:4c:f0:70:6f:90:da:c6:1c:1f:03:10:82:25:
         69:ab:03:71:ef:52:70:39:d1:68:0e:8a:cb:8e:f9:cc:1f:5b:
         04:13:e0:b1:fa:fe:e7:dc:d9:04:b1:b2:1c:12:70:cd:9a:01:
         84:56:f6:e0:bd:e2:79:fe:7e:fe:ca:af:55:7b:93:62:a9:ba:
         90:e6:b3:d5:87:61:1a:82:ab:a3:d0:48:b1:5c:df:60:12:ee:
         a7:8a:e5:f7:08:18:e0:86:cb:01:42:08:aa:56:5a:04:75:e5:
         a0:a0:6e:92:b9:63:f6:6f:74:da:c7:89:92:39:be:54:4a:7f:
         2a:a4:f3:09:36:c9:ee:a6:b3:37:7c:9b:f4:96:e3:1c:67:b3:
         bf:16:46:ec:12:9e:a0:3f:41:2c:59:ac:90:a5:32:63:1e:33:
         c9:6f:4e:5f:a2:bd:6f:76:c8:97:24:94:9c:30:e0:aa:85:47:
         b0:aa:18:4e:ce:16:1e:5f:e6:72:ee:b3:91:4c:f5:86:ff:6a:
         ff:db:5f:d0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBSjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZC
RjU5QkFGMTEwLwYDVQQFEyhFMDM2QUUwOEZFMDM0MTZGNTg4ODdBOUQxOTVEQkZE
ODZBMjU2MDNDMB4XDTI0MDQxMzA4MzIwMFoXDTI1MDQwMTA4MzIwMFowGDEWMBQG
A1UEAxMNNjYxYTQzMDMtNDAzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZPCVuVzoHkFI39YzeiyOOtMy+YkvzE0X1acLrVyuGSYU+Edb3KCxcUihew
RMiBLGmh6rjkkoNbfx39B/g7RbEsBxCztW2a0gOVumRQIJ8X15L4Xb/Ys/5GwN9E
pYTBg3ZAggpuA7aXmOD1M9RiIZo36jh2BTMsqjNILFTSi1w+30TaS/XfxQePjCBQ
+ZmzftWtu9ONnuFlHyYdLnDkbxM2UJ0oqIeIbPGZBJps8pT1hrReHAQ5LU7fUy27
qNMyDc9Kb1bcBbR8G6ELg08ktwPL2oOmGViisimfzThhcR7nVt385tvIttAA0A8g
xGZy6JOCpe+9AV/4G2hMr3KM4+UCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRxmvis
0j1sbKLYsZPOPoyZ31PuNzAfBgNVHSMEGDAWgBTgNq4I/gNBb1iIep0ZXb/YaiVg
PDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkY1OUIvNEFBQUEyMTRDNzUxMTFFRUEwMkVCMzkyNzc1NDEyRTYvNERhdUNQ
NERRVzlZaUhxZEdWMl8yR29sWUR3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNERhdUNQNERRVzlZaUhxZEdWMl8yR29sWUR3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkY1OUIvNEFBQUEyMTRDNzUxMTFFRUEwMkVCMzkyNzc1
NDEyRTYvNERFQkNBNkFGOTcwMTFFRUI2QUQzMzY0MDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbR8TANBgkqhkiG9w0BAQsF
AAOCAQEALAcszwpJ3k4WE/qKevXwm6b0XR96Eh44OCTX8uBeQx+d8TOrZhIKaHaI
UowIrrPZZUxLKo+Jf+ombnBM8HBvkNrGHB8DEIIlaasDce9ScDnRaA6Ky475zB9b
BBPgsfr+59zZBLGyHBJwzZoBhFb24L3ief5+/sqvVXuTYqm6kOaz1YdhGoKro9BI
sVzfYBLup4rl9wgY4IbLAUIIqlZaBHXloKBukrlj9m902seJkjm+VEp/KqTzCTbJ
7qazN3yb9JbjHGezvxZG7BKeoD9BLFmskKUyYx4zyW9OX6K9b3bIlySUnDDgqoVH
sKoYTs4WHl/mcu6zkUz1hv9q/9tf0A==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:10 2024 by rpki-client on console-ams.rpki-client.org