Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/552CE1ECDAF811EEA4D99275775412E6.roa
File:                     552CE1ECDAF811EEA4D99275775412E6.roa (raw, json)
Hash identifier:          wkB1mtkJEugyp2iTJkAHBblJhG9DrZVheGxQf6n0VdM=
Subject key identifier:   CF:E4:0C:3D:7E:B7:FB:AD:AA:BE:71:E7:86:BA:9E:0C:6D:A9:3F:08
Certificate issuer:       /CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
Certificate serial:       07
Authority key identifier: E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/552CE1ECDAF811EEA4D99275775412E6.roa
Signing time:             Tue 05 Mar 2024 13:57:41 +0000
ROA not before:           Tue 05 Mar 2024 13:57:38 +0000
ROA not after:            Thu 05 Mar 2026 13:57:38 +0000
asID:                     25543
IP address blocks:        41.138.96.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7 (0x7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C01B9AF/serialNumber=E2FB6437B4C94D5F51221B1650563A48FF54BE09
        Validity
            Not Before: Mar  5 13:57:38 2024 GMT
            Not After : Mar  5 13:57:38 2026 GMT
        Subject: CN=65e724d5-645b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b9:87:6a:21:0b:08:b9:90:8a:2a:47:d0:7b:
                    5c:cf:ac:8b:e6:a3:4f:30:8e:17:6a:8b:ab:ce:cc:
                    e4:84:c8:6c:32:8c:62:2b:29:2d:ff:68:53:e2:4c:
                    8f:2d:e6:a0:8d:9d:21:75:08:74:ff:19:16:44:05:
                    0d:4c:bf:97:d4:69:85:21:39:65:4f:ab:82:9f:ea:
                    0f:47:f4:57:ee:c9:de:99:ec:d9:f1:7a:d4:41:b7:
                    66:fd:c7:ec:43:ec:db:cf:a9:d8:5d:0b:e5:d9:83:
                    8f:fc:24:90:c6:87:f9:40:b6:2c:ae:6c:3c:c8:ee:
                    a8:0d:f3:e7:28:e1:42:a2:9e:cf:54:45:53:e1:2c:
                    32:9e:0e:dc:25:7f:ab:41:51:e4:a1:ba:fd:3d:60:
                    ad:82:ff:68:2e:4a:62:15:86:9b:fe:96:9f:fa:61:
                    6f:f3:cd:68:68:da:fe:53:db:88:36:4f:36:6b:25:
                    50:da:01:33:a5:72:fa:2d:b2:7a:0d:d9:b7:dc:42:
                    b9:04:4d:20:13:cd:b7:32:da:5f:8c:bb:95:5f:df:
                    e9:fe:8d:04:f1:25:93:3c:21:ab:55:6b:82:2a:c4:
                    60:f0:f4:7e:aa:f9:a0:a4:4d:61:30:6f:ad:0c:90:
                    56:e9:72:1e:d5:5d:67:d8:48:9a:d0:c5:a3:d7:a6:
                    de:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:E4:0C:3D:7E:B7:FB:AD:AA:BE:71:E7:86:BA:9E:0C:6D:A9:3F:08
            X509v3 Authority Key Identifier:
                keyid:E2:FB:64:37:B4:C9:4D:5F:51:22:1B:16:50:56:3A:48:FF:54:BE:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4vtkN7TJTV9RIhsWUFY6SP9Uvgk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C01B9/895D9300DA2E11EEA0B0C4A6775412E6/552CE1ECDAF811EEA4D99275775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.138.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         78:17:f2:15:70:c4:81:da:0b:7a:cc:19:2b:e0:fe:e6:fd:57:
         2c:69:46:f1:26:55:6e:2f:1f:c6:0b:4e:92:ce:4a:f9:c0:fe:
         f1:08:27:18:29:56:0d:53:c8:5b:6a:f2:2d:5a:86:78:67:d5:
         79:31:1e:52:33:b1:59:2c:fa:37:ed:d4:49:1a:59:b5:a4:50:
         0b:95:f3:81:9e:88:e1:76:66:d6:5a:bc:dd:a4:5f:e0:fd:0e:
         0a:05:43:39:90:f8:75:8a:de:c5:d8:5d:44:55:31:0e:fa:b8:
         99:d2:42:bf:4d:9f:c2:be:b6:0d:9a:f4:11:6a:95:73:c5:bc:
         d2:93:d5:c1:66:1f:bc:69:a6:39:c3:3a:86:2a:1d:54:27:3f:
         9c:83:ba:87:57:ec:0e:a6:9e:fa:fa:38:f1:62:a4:92:3b:67:
         65:30:23:af:3f:bc:72:13:e5:60:bf:ec:72:30:86:6b:d8:35:
         b8:04:b8:3d:cf:47:bb:3d:80:00:ff:1b:c7:e4:aa:0a:f9:58:
         10:b1:52:7e:8e:f0:a8:ce:bc:9e:d0:25:6b:78:22:0d:b5:1f:
         a8:a1:c4:d2:42:df:ee:82:44:bf:0b:9f:c4:b3:45:f4:c6:2a:
         53:92:fb:db:b2:4c:49:98:21:a9:33:0a:4f:c0:57:b9:96:e1:
         a1:48:7a:ab
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
MDFCOUFGMTEwLwYDVQQFEyhFMkZCNjQzN0I0Qzk0RDVGNTEyMjFCMTY1MDU2M0E0
OEZGNTRCRTA5MB4XDTI0MDMwNTEzNTczOFoXDTI2MDMwNTEzNTczOFowGDEWMBQG
A1UEAxMNNjVlNzI0ZDUtNjQ1YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALa5h2ohCwi5kIoqR9B7XM+si+ajTzCOF2qLq87M5ITIbDKMYispLf9oU+JM
jy3moI2dIXUIdP8ZFkQFDUy/l9RphSE5ZU+rgp/qD0f0V+7J3pns2fF61EG3Zv3H
7EPs28+p2F0L5dmDj/wkkMaH+UC2LK5sPMjuqA3z5yjhQqKez1RFU+EsMp4O3CV/
q0FR5KG6/T1grYL/aC5KYhWGm/6Wn/phb/PNaGja/lPbiDZPNmslUNoBM6Vy+i2y
eg3Zt9xCuQRNIBPNtzLaX4y7lV/f6f6NBPElkzwhq1VrgirEYPD0fqr5oKRNYTBv
rQyQVulyHtVdZ9hImtDFo9em3tMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTP5Aw9
frf7raq+ceeGup4Mbak/CDAfBgNVHSMEGDAWgBTi+2Q3tMlNX1EiGxZQVjpI/1S+
CTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1NDEyRTYvNHZ0a043
VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNHZ0a043VEpUVjlSSWhzV1VGWTZTUDlVdmdrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzAxQjkvODk1RDkzMDBEQTJFMTFFRUEwQjBDNEE2Nzc1
NDEyRTYvNTUyQ0UxRUNEQUY4MTFFRUE0RDk5Mjc1Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBSmKYDANBgkqhkiG9w0BAQsF
AAOCAQEAeBfyFXDEgdoLeswZK+D+5v1XLGlG8SZVbi8fxgtOks5K+cD+8QgnGClW
DVPIW2ryLVqGeGfVeTEeUjOxWSz6N+3USRpZtaRQC5XzgZ6I4XZm1lq83aRf4P0O
CgVDOZD4dYrexdhdRFUxDvq4mdJCv02fwr62DZr0EWqVc8W80pPVwWYfvGmmOcM6
hiodVCc/nIO6h1fsDqae+vo48WKkkjtnZTAjrz+8chPlYL/scjCGa9g1uAS4Pc9H
uz2AAP8bx+SqCvlYELFSfo7wqM68ntAla3giDbUfqKHE0kLf7oJEvwufxLNF9MYq
U5L727JMSZghqTMKT8BXuZbhoUh6qw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org