Route Origin Authorization 

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/48577586FE1C11E8BD980782F8AEA228.roa
File:                     48577586FE1C11E8BD980782F8AEA228.roa (raw, json)
Hash identifier:          H3dWHGNGyzufXdXyAcUTICFJNlUoK78HWc23kkq1F/s=
Subject key identifier:   4C:C7:9F:EF:4E:29:12:F0:AE:AE:87:41:93:59:AE:2F:EB:51:AF:17
Certificate issuer:       /CN=F36D9B5BAF/serialNumber=23F814BB47D5C3AEDD5103F36F5DB8A29BE3D71D
Certificate serial:       0529
Authority key identifier: 23:F8:14:BB:47:D5:C3:AE:DD:51:03:F3:6F:5D:B8:A2:9B:E3:D7:1D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/48577586FE1C11E8BD980782F8AEA228.roa
Signing time:             Wed 12 Dec 2018 14:43:26 +0000
ROA not before:           Wed 12 Dec 2018 14:43:22 +0000
ROA not after:            Tue 12 Dec 2028 14:43:22 +0000
asID:                     32653
IP address blocks:        41.222.48.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1321 (0x529)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D9B5BAF/serialNumber=23F814BB47D5C3AEDD5103F36F5DB8A29BE3D71D
        Validity
            Not Before: Dec 12 14:43:22 2018 GMT
            Not After : Dec 12 14:43:22 2028 GMT
        Subject: CN=5c111e8e-03f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e3:03:07:3b:3a:c6:29:78:e9:43:06:9c:84:
                    5c:99:d2:1e:9e:30:45:63:f8:21:32:b5:a4:e4:17:
                    11:11:4b:c0:1c:d0:cf:79:c7:e3:99:cd:d0:38:95:
                    2e:c1:e2:d3:99:19:d8:8e:2c:a7:40:21:ea:fc:26:
                    df:38:3e:6d:2e:1d:6e:1e:77:64:f9:02:1a:ee:bf:
                    08:fe:cf:67:62:af:f7:ac:e4:25:76:af:1b:4f:fc:
                    ad:e5:8e:8a:6b:ce:f4:f2:c7:f3:65:48:9c:9c:3b:
                    f6:ca:ce:f3:a7:2c:2a:51:ea:40:7e:ec:a3:ac:73:
                    a8:a0:f2:95:48:b8:c0:2c:8e:47:69:08:d3:8b:49:
                    9f:b9:1c:88:0d:53:d2:55:76:1e:ca:96:d8:55:26:
                    cf:39:aa:5e:41:57:d7:ed:ed:7b:01:10:49:9e:73:
                    99:9d:60:dc:6b:d7:1a:a3:07:77:d3:d3:06:b4:88:
                    d6:56:e8:d0:3c:20:b1:f1:02:89:8d:60:02:ca:13:
                    e1:a4:bc:30:3a:1d:cb:d0:51:0b:6a:22:b7:1c:e5:
                    8a:5c:8d:a9:fe:f5:9c:22:55:44:01:04:d8:36:7d:
                    8a:a9:49:4d:fc:c0:43:15:9f:99:fa:17:0d:b4:94:
                    20:e8:41:dc:a5:5b:7e:7b:e8:ac:af:43:1c:ed:92:
                    1d:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:C7:9F:EF:4E:29:12:F0:AE:AE:87:41:93:59:AE:2F:EB:51:AF:17
            X509v3 Authority Key Identifier:
                keyid:23:F8:14:BB:47:D5:C3:AE:DD:51:03:F3:6F:5D:B8:A2:9B:E3:D7:1D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/I_gUu0fVw67dUQPzb124opvj1x0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/I_gUu0fVw67dUQPzb124opvj1x0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D9B5B/9E1BD378135A11E5B68D4286F8AEA228/48577586FE1C11E8BD980782F8AEA228.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.222.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         59:95:50:a1:b0:49:a9:ab:fc:f6:a8:34:ce:4e:c7:37:92:dc:
         b7:f2:2c:3e:9b:d4:2a:5a:a5:b8:d4:6a:ff:88:29:59:3f:2f:
         43:90:27:67:1a:d1:53:a3:cd:d8:31:d6:fa:af:4e:36:47:57:
         de:49:b8:61:0b:c6:fe:a4:6c:9f:2a:a2:1a:2b:46:92:ce:7f:
         77:b9:37:59:02:28:e5:5a:c9:7a:69:0d:17:04:5f:b2:43:1d:
         78:b8:f2:de:a0:ea:4f:4c:8c:7d:95:ad:ac:f5:83:dc:7d:1e:
         09:e6:b5:62:14:aa:ca:af:66:f9:e6:de:ad:35:5d:fc:ef:78:
         35:e1:5f:df:15:6a:6d:99:58:01:7e:ca:08:46:c0:f2:fe:54:
         74:8a:0a:a3:9b:42:99:11:17:5b:38:ca:93:be:fb:5b:1c:99:
         b8:29:d8:24:b6:15:24:fa:18:ab:e1:77:57:f8:8b:68:0d:d6:
         40:46:62:c7:36:01:b5:9e:64:f4:d2:b6:37:dd:fe:6d:34:0d:
         41:7b:44:b7:01:f8:6e:e0:78:00:da:0e:8d:31:f9:5a:c3:1b:
         87:b6:5e:89:cb:1d:63:3e:b3:22:c0:c0:75:60:50:a9:5c:d2:
         8d:19:70:72:fb:67:81:9e:eb:be:8d:03:2f:53:ed:c3:16:ed:
         91:76:9b:e0
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgICBSkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RDlCNUJBRjExMC8GA1UEBRMoMjNGODE0QkI0N0Q1QzNBRURENTEwM0YzNkY1REI4
QTI5QkUzRDcxRDAeFw0xODEyMTIxNDQzMjJaFw0yODEyMTIxNDQzMjJaMBgxFjAU
BgNVBAMTDTVjMTExZThlLTAzZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDI4wMHOzrGKXjpQwachFyZ0h6eMEVj+CEytaTkFxERS8Ac0M95x+OZzdA4
lS7B4tOZGdiOLKdAIer8Jt84Pm0uHW4ed2T5Ahruvwj+z2dir/es5CV2rxtP/K3l
joprzvTyx/NlSJycO/bKzvOnLCpR6kB+7KOsc6ig8pVIuMAsjkdpCNOLSZ+5HIgN
U9JVdh7KlthVJs85ql5BV9ft7XsBEEmec5mdYNxr1xqjB3fT0wa0iNZW6NA8ILHx
AomNYALKE+GkvDA6HcvQUQtqIrcc5Ypcjan+9ZwiVUQBBNg2fYqpSU38wEMVn5n6
Fw20lCDoQdylW3576KyvQxztkh2vAgMBAAGjggJuMIICajAdBgNVHQ4EFgQUTMef
704pEvCurodBk1muL+tRrxcwHwYDVR0jBBgwFoAUI/gUu0fVw67dUQPzb124opvj
1x0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQ5QjVCLzlFMUJEMzc4MTM1QTExRTVCNjhENDI4NkY4QUVBMjI4L0lfZ1V1
MGZWdzY3ZFVRUHpiMTI0b3B2ajF4MC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0lfZ1V1MGZWdzY3ZFVRUHpiMTI0b3B2ajF4MC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQ5QjVCLzlFMUJEMzc4MTM1QTExRTVCNjhENDI4NkY4
QUVBMjI4LzQ4NTc3NTg2RkUxQzExRThCRDk4MDc4MkY4QUVBMjI4LnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAyneMDANBgkqhkiG9w0BAQsFAAOCAQEA
WZVQobBJqav89qg0zk7HN5Lct/IsPpvUKlqluNRq/4gpWT8vQ5AnZxrRU6PN2DHW
+q9ONkdX3km4YQvG/qRsnyqiGitGks5/d7k3WQIo5VrJemkNFwRfskMdeLjy3qDq
T0yMfZWtrPWD3H0eCea1YhSqyq9m+eberTVd/O94NeFf3xVqbZlYAX7KCEbA8v5U
dIoKo5tCmREXWzjKk777WxyZuCnYJLYVJPoYq+F3V/iLaA3WQEZixzYBtZ5k9NK2
N93+bTQNQXtEtwH4buB4ANoOjTH5WsMbh7ZeicsdYz6zIsDAdWBQqVzSjRlwcvtn
gZ7rvo0DL1PtwxbtkXab4A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 01:34:53 2024 by rpki-client on console-ams.rpki-client.org