Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/DCDFFE44216B11EF91D8CC177DDC24C2.roa
File:                     DCDFFE44216B11EF91D8CC177DDC24C2.roa (raw, json)
Hash identifier:          qX1PTVriwlSDQ1zznWEjSNOEWW/errKhB19KwazvHCA=
Subject key identifier:   17:11:A9:79:FA:19:31:30:84:B1:28:59:BD:C4:F6:A1:FB:94:2B:98
Certificate issuer:       /CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
Certificate serial:       019E
Authority key identifier: 87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/DCDFFE44216B11EF91D8CC177DDC24C2.roa
Signing time:             Mon 03 Jun 2024 05:41:02 +0000
ROA not before:           Mon 03 Jun 2024 05:40:59 +0000
ROA not after:            Tue 01 Jan 2030 05:40:59 +0000
asID:                     37684
IP address blocks:        2c0f:f408:1::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 414 (0x19e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E2B8CAF/serialNumber=872130E69B3FB8035B1B25D3F6FB974A2A078ECC
        Validity
            Not Before: Jun  3 05:40:59 2024 GMT
            Not After : Jan  1 05:40:59 2030 GMT
        Subject: CN=665d576e-2961
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:03:a4:e4:f5:1f:01:f4:80:cc:a3:e6:9a:1b:
                    66:b6:5b:16:cc:4a:e1:48:31:58:68:d9:32:fe:4e:
                    07:d6:cc:04:04:76:30:23:1e:ea:4d:e3:d0:e4:bb:
                    a1:d6:9e:77:ba:44:4a:5c:d0:03:e4:07:04:8f:3f:
                    0f:13:03:ae:67:9e:9d:f0:50:ea:6b:eb:9c:04:bd:
                    6b:85:97:4f:b6:0c:a2:aa:04:a3:ed:6c:73:40:7e:
                    4d:ac:06:f7:19:ec:39:04:98:ad:5f:bf:64:66:7f:
                    5e:09:8d:79:41:f7:30:ae:f7:ff:fa:03:ca:3f:1c:
                    f5:39:7a:0d:c0:2e:26:cf:57:01:0c:51:22:75:9f:
                    3c:ca:4f:f4:62:28:ef:34:2e:35:c9:94:71:a3:1a:
                    42:59:f8:7e:b8:d7:b7:5e:ef:5f:98:52:74:1d:88:
                    cf:ea:85:53:e3:38:98:8b:9f:db:db:22:96:56:5e:
                    c1:70:bf:67:d4:ea:ee:f4:92:71:6a:94:ed:82:4f:
                    8d:ed:b5:84:25:70:d5:88:42:ef:bb:3a:b7:32:5a:
                    4f:5a:46:cc:35:39:86:02:5e:3b:ef:b2:35:6c:af:
                    8a:a0:ee:82:f6:e8:75:d2:d7:a3:62:bc:3e:8d:ad:
                    34:3a:5a:5d:98:e1:b2:d4:5c:4c:ea:f1:56:82:38:
                    fe:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:11:A9:79:FA:19:31:30:84:B1:28:59:BD:C4:F6:A1:FB:94:2B:98
            X509v3 Authority Key Identifier:
                keyid:87:21:30:E6:9B:3F:B8:03:5B:1B:25:D3:F6:FB:97:4A:2A:07:8E:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/hyEw5ps_uANbGyXT9vuXSioHjsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hyEw5ps_uANbGyXT9vuXSioHjsw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E2B8C/C8F9DF1E0B6211EE862D868A4AD9E6FC/DCDFFE44216B11EF91D8CC177DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2c0f:f408:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         31:cf:70:8d:e8:d3:04:9b:59:f5:53:cd:52:f1:d6:22:61:c8:
         6b:ba:30:2b:29:68:3f:bb:87:10:99:00:b7:bf:8a:1f:b8:50:
         c3:0b:3d:c5:ce:0b:c2:16:b9:13:d7:2a:ce:ec:fa:30:20:95:
         41:b5:e2:06:c7:47:ce:a9:14:6c:2d:71:28:f2:ac:11:c0:3f:
         32:f0:22:a0:41:12:7e:09:8a:0f:e5:8b:91:be:ae:6b:6f:55:
         19:cb:80:22:b9:4b:dd:68:92:25:c0:34:99:d6:2a:a4:2e:aa:
         78:bf:a1:e3:ad:c8:c2:6e:c8:1f:4a:52:fa:5e:40:71:05:6e:
         5f:54:92:d0:90:2e:70:ef:84:96:27:a4:43:8d:22:51:99:45:
         a8:06:b6:63:f6:01:5c:32:c2:46:4e:b7:19:f8:69:d0:c9:a6:
         7c:db:79:86:00:af:54:d8:e0:f2:ba:27:38:18:f7:67:43:33:
         f5:8d:c2:4f:79:f0:e2:70:52:8e:db:84:25:5b:94:ce:a6:4a:
         de:f9:db:7e:6f:fe:3d:1e:99:4e:0f:a3:99:fa:e0:59:cd:dd:
         24:52:64:33:66:f3:d9:58:6a:a1:12:e3:49:31:f1:27:36:f3:
         71:06:9f:47:25:9f:1e:dd:4e:16:60:6a:b9:a3:7c:26:5f:22:
         5a:c3:19:83
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAZ4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RTJCOENBRjExMC8GA1UEBRMoODcyMTMwRTY5QjNGQjgwMzVCMUIyNUQzRjZGQjk3
NEEyQTA3OEVDQzAeFw0yNDA2MDMwNTQwNTlaFw0zMDAxMDEwNTQwNTlaMBgxFjAU
BgNVBAMTDTY2NWQ1NzZlLTI5NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDIA6Tk9R8B9IDMo+aaG2a2WxbMSuFIMVho2TL+TgfWzAQEdjAjHupN49Dk
u6HWnne6REpc0APkBwSPPw8TA65nnp3wUOpr65wEvWuFl0+2DKKqBKPtbHNAfk2s
BvcZ7DkEmK1fv2Rmf14JjXlB9zCu9//6A8o/HPU5eg3ALibPVwEMUSJ1nzzKT/Ri
KO80LjXJlHGjGkJZ+H6417de71+YUnQdiM/qhVPjOJiLn9vbIpZWXsFwv2fU6u70
knFqlO2CT43ttYQlcNWIQu+7OrcyWk9aRsw1OYYCXjvvsjVsr4qg7oL26HXS16Ni
vD6NrTQ6Wl2Y4bLUXEzq8VaCOP5NAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUFxGp
efoZMTCEsShZvcT2ofuUK5gwHwYDVR0jBBgwFoAUhyEw5ps/uANbGyXT9vuXSioH
jswwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRBRDlFNkZDL2h5RXc1
cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2h5RXc1cHNfdUFOYkd5WFQ5dnVYU2lvSGpzdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkUyQjhDL0M4RjlERjFFMEI2MjExRUU4NjJEODY4QTRB
RDlFNkZDL0RDREZGRTQ0MjE2QjExRUY5MUQ4Q0MxNzdEREMyNEMyLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAsD/QIAAEwDQYJKoZIhvcN
AQELBQADggEBADHPcI3o0wSbWfVTzVLx1iJhyGu6MCspaD+7hxCZALe/ih+4UMML
PcXOC8IWuRPXKs7s+jAglUG14gbHR86pFGwtcSjyrBHAPzLwIqBBEn4Jig/li5G+
rmtvVRnLgCK5S91okiXANJnWKqQuqni/oeOtyMJuyB9KUvpeQHEFbl9UktCQLnDv
hJYnpEONIlGZRagGtmP2AVwywkZOtxn4adDJpnzbeYYAr1TY4PK6JzgY92dDM/WN
wk958OJwUo7bhCVblM6mSt75235v/j0emU4Po5n64FnN3SRSZDNm89lYaqES40kx
8Sc283EGn0clnx7dThZgarmjfCZfIlrDGYM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:00 2024 by rpki-client on console-fra.rpki-client.org