Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/B4ABD18CA48E11EEB808FE65D25BE465.roa
File:                     B4ABD18CA48E11EEB808FE65D25BE465.roa (raw, json)
Hash identifier:          S5XSL+t01DymTgJeqFWNkxH4TrI/NWZhOLYNwLD+7Qs=
Subject key identifier:   3A:61:36:57:2A:09:67:5E:89:EE:CF:6E:33:B6:7E:88:0B:00:7B:89
Certificate issuer:       /CN=F36C4A3BAF/serialNumber=CEBE99EEB0BE3CE8DB19BA44766CA3E3C807A989
Certificate serial:       03
Authority key identifier: CE:BE:99:EE:B0:BE:3C:E8:DB:19:BA:44:76:6C:A3:E3:C8:07:A9:89
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/zr6Z7rC-POjbGbpEdmyj48gHqYk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/B4ABD18CA48E11EEB808FE65D25BE465.roa
Signing time:             Wed 27 Dec 2023 08:05:32 +0000
ROA not before:           Wed 27 Dec 2023 08:05:28 +0000
ROA not after:            Thu 31 Dec 2043 08:05:28 +0000
asID:                     328728
IP address blocks:        102.222.25.0/24 maxlen: 24
                          2c0f:5140::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/zr6Z7rC-POjbGbpEdmyj48gHqYk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/zr6Z7rC-POjbGbpEdmyj48gHqYk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/zr6Z7rC-POjbGbpEdmyj48gHqYk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C4A3BAF/serialNumber=CEBE99EEB0BE3CE8DB19BA44766CA3E3C807A989
        Validity
            Not Before: Dec 27 08:05:28 2023 GMT
            Not After : Dec 31 08:05:28 2043 GMT
        Subject: CN=658bdacc-ef06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:6d:22:77:65:21:83:fa:e0:cb:da:f4:ce:e1:
                    e2:75:44:c7:6b:07:fa:51:d2:68:d2:18:88:06:43:
                    f4:4d:51:62:c9:17:c7:3e:65:fb:e3:f6:c3:8b:e8:
                    fa:58:81:77:ae:ca:27:a1:6f:8f:fe:f0:58:57:68:
                    17:81:49:22:b2:8d:1d:2d:a9:49:e6:10:f4:1f:24:
                    5c:91:58:b6:ab:58:2a:5c:7a:83:de:dc:cd:5e:dd:
                    37:43:3f:6e:5b:ce:2c:38:32:9a:c1:6b:fc:f8:19:
                    ce:4c:cd:a4:e1:60:b6:34:c8:e4:68:c9:18:29:55:
                    9b:bc:9c:a9:f0:d5:e0:39:0c:a1:fa:93:50:6b:ea:
                    32:1f:48:b2:68:7d:c5:c0:f5:e6:f1:cb:7a:1f:b3:
                    99:11:c4:25:8b:30:13:8a:cd:bd:33:0a:0a:a4:55:
                    87:d3:4a:73:94:12:95:2e:42:c0:32:4a:e9:3c:cd:
                    78:b8:d9:8d:72:cf:a8:7a:e5:bc:38:0e:ff:03:29:
                    0f:8b:ef:fe:6e:da:ba:5f:66:2e:d8:f8:8a:34:c3:
                    e6:12:cf:9c:9b:a2:46:be:19:4b:a5:1a:24:36:14:
                    21:02:2b:ae:cb:da:b0:eb:3d:c2:26:cc:43:1b:22:
                    56:13:0a:ac:e2:f4:62:2c:87:2e:67:35:fe:2c:d9:
                    8d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:61:36:57:2A:09:67:5E:89:EE:CF:6E:33:B6:7E:88:0B:00:7B:89
            X509v3 Authority Key Identifier:
                keyid:CE:BE:99:EE:B0:BE:3C:E8:DB:19:BA:44:76:6C:A3:E3:C8:07:A9:89

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/zr6Z7rC-POjbGbpEdmyj48gHqYk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zr6Z7rC-POjbGbpEdmyj48gHqYk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C4A3B/4FAFFDAEA48D11EE88CB8763D25BE465/B4ABD18CA48E11EEB808FE65D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.222.25.0/24
                IPv6:
                  2c0f:5140::/32

    Signature Algorithm: sha256WithRSAEncryption
         76:d7:3f:79:48:b3:58:83:ca:f3:20:85:f2:cd:71:2d:6e:c6:
         cf:6e:a1:2f:52:85:39:a9:e9:c7:c3:d1:44:ba:35:e4:21:69:
         6b:d6:d6:d2:a0:25:55:2d:52:78:ff:15:a6:df:bb:ad:f0:27:
         44:aa:bd:68:0a:33:15:88:24:1e:dd:63:30:23:da:42:df:36:
         14:5e:cb:cc:09:71:87:c6:1f:6b:61:b3:8c:a7:e5:e8:d1:0f:
         83:0a:23:f2:c4:76:55:a4:8d:e9:d7:bf:96:93:ca:be:6b:49:
         bc:02:53:51:2b:ab:b2:44:46:e9:58:7e:04:f8:cb:99:a7:2b:
         40:d4:28:d2:54:36:2a:a0:bf:52:7f:31:63:5a:30:c1:71:f6:
         a8:de:b8:95:c7:d3:b4:b3:fe:fd:f6:8a:51:57:91:43:d2:d7:
         79:0c:cb:5d:80:57:c5:57:3f:5a:b5:a5:a4:dd:fc:ad:eb:bd:
         f8:20:eb:44:77:85:d7:30:51:0b:03:8a:bb:9f:34:e8:fd:c3:
         7c:08:f0:12:d6:e3:d5:eb:0a:01:f3:2a:40:d9:30:96:72:71:
         4f:c9:49:55:c2:d6:aa:74:6f:06:73:1d:1a:3b:9b:5d:8b:82:
         d9:ee:53:bb:8b:3b:6e:b0:e5:4b:f1:fc:cf:65:0e:10:56:7a:
         48:37:77:fa
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
NEEzQkFGMTEwLwYDVQQFEyhDRUJFOTlFRUIwQkUzQ0U4REIxOUJBNDQ3NjZDQTNF
M0M4MDdBOTg5MB4XDTIzMTIyNzA4MDUyOFoXDTQzMTIzMTA4MDUyOFowGDEWMBQG
A1UEAxMNNjU4YmRhY2MtZWYwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1tIndlIYP64Mva9M7h4nVEx2sH+lHSaNIYiAZD9E1RYskXxz5l++P2w4vo
+liBd67KJ6Fvj/7wWFdoF4FJIrKNHS2pSeYQ9B8kXJFYtqtYKlx6g97czV7dN0M/
blvOLDgymsFr/PgZzkzNpOFgtjTI5GjJGClVm7ycqfDV4DkMofqTUGvqMh9Ismh9
xcD15vHLeh+zmRHEJYswE4rNvTMKCqRVh9NKc5QSlS5CwDJK6TzNeLjZjXLPqHrl
vDgO/wMpD4vv/m7aul9mLtj4ijTD5hLPnJuiRr4ZS6UaJDYUIQIrrsvasOs9wibM
QxsiVhMKrOL0YiyHLmc1/izZjVECAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ6YTZX
KglnXonuz24ztn6ICwB7iTAfBgNVHSMEGDAWgBTOvpnusL486NsZukR2bKPjyAep
iTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzRBM0IvNEZBRkZEQUVBNDhEMTFFRTg4Q0I4NzYzRDI1QkU0NjUvenI2Wjdy
Qy1QT2piR2JwRWRteWo0OGdIcVlrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvenI2WjdyQy1QT2piR2JwRWRteWo0OGdIcVlrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QzRBM0IvNEZBRkZEQUVBNDhEMTFFRTg4Q0I4NzYzRDI1
QkU0NjUvQjRBQkQxOENBNDhFMTFFRUI4MDhGRTY1RDI1QkU0NjUucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAGbeGTANBAIAAjAHAwUALA9R
QDANBgkqhkiG9w0BAQsFAAOCAQEAdtc/eUizWIPK8yCF8s1xLW7Gz26hL1KFOanp
x8PRRLo15CFpa9bW0qAlVS1SeP8Vpt+7rfAnRKq9aAozFYgkHt1jMCPaQt82FF7L
zAlxh8Yfa2GzjKfl6NEPgwoj8sR2VaSN6de/lpPKvmtJvAJTUSurskRG6Vh+BPjL
macrQNQo0lQ2KqC/Un8xY1owwXH2qN64lcfTtLP+/faKUVeRQ9LXeQzLXYBXxVc/
WrWlpN38reu9+CDrRHeF1zBRCwOKu5806P3DfAjwEtbj1esKAfMqQNkwlnJxT8lJ
VcLWqnRvBnMdGjubXYuC2e5Tu4s7brDlS/H8z2UOEFZ6SDd3+g==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:10 2024 by rpki-client on console-ams.rpki-client.org