Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F8DAB/78CB9050B9C411E7ADD18C61F8AEA228/DC9DA0E4D58F11EEB154057C775412E6.roa
File:                     DC9DA0E4D58F11EEB154057C775412E6.roa (raw, json)
Hash identifier:          gp7fukfD5fPb1a+zTWjX6E2Nn206G89h7J8+rzHmk5o=
Subject key identifier:   4C:EF:74:3F:FA:D4:4A:96:ED:1B:99:C2:41:18:88:C4:4E:AC:19:91
Certificate issuer:       /CN=F36F8DABAR/serialNumber=9233844E12BC7EEDF436CE1CC99EAE2136472647
Certificate serial:       0950
Authority key identifier: 92:33:84:4E:12:BC:7E:ED:F4:36:CE:1C:C9:9E:AE:21:36:47:26:47
Authority info access:    rsync://rpki.afrinic.net/repository/arin/kjOEThK8fu30Ns4cyZ6uITZHJkc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F8DAB/78CB9050B9C411E7ADD18C61F8AEA228/DC9DA0E4D58F11EEB154057C775412E6.roa
Signing time:             Tue 27 Feb 2024 16:47:15 +0000
ROA not before:           Tue 27 Feb 2024 16:47:12 +0000
ROA not after:            Sun 01 Mar 2026 16:47:12 +0000
asID:                     37314
IP address blocks:        168.155.16.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F8DAB/78CB9050B9C411E7ADD18C61F8AEA228/kjOEThK8fu30Ns4cyZ6uITZHJkc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F8DAB/78CB9050B9C411E7ADD18C61F8AEA228/kjOEThK8fu30Ns4cyZ6uITZHJkc.mft
                          rsync://rpki.afrinic.net/repository/arin/kjOEThK8fu30Ns4cyZ6uITZHJkc.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2384 (0x950)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F8DABAR/serialNumber=9233844E12BC7EEDF436CE1CC99EAE2136472647
        Validity
            Not Before: Feb 27 16:47:12 2024 GMT
            Not After : Mar  1 16:47:12 2026 GMT
        Subject: CN=65de1213-1259
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:fc:7f:a7:e3:b2:91:b0:92:bc:dc:31:e7:6c:
                    96:55:bf:29:50:35:7f:dd:48:e8:b0:b2:1c:58:7a:
                    1d:24:af:57:72:7a:f3:8d:40:49:b4:64:74:78:e9:
                    29:72:36:39:18:e6:c2:2d:ee:58:a9:85:c2:c5:1f:
                    e4:0e:75:38:bc:24:e1:c1:26:c7:8a:62:16:cb:8e:
                    e8:64:25:16:c2:38:9f:ff:d3:52:c9:7b:be:73:26:
                    9d:39:85:c1:bc:ce:59:a7:03:52:1e:1f:96:77:44:
                    c6:41:bf:57:35:cd:75:dd:48:aa:3b:7e:80:89:5a:
                    3c:42:c1:d8:2d:26:7e:cc:84:a7:4b:85:c8:cc:e8:
                    53:9f:1a:8a:e6:b1:9f:27:67:e9:40:ef:45:66:e1:
                    9d:c3:2f:78:bb:5e:09:a0:0e:74:d6:99:87:20:e6:
                    3d:80:bd:c2:59:b8:20:4c:de:66:fd:54:00:6d:5f:
                    c9:11:a8:24:17:b9:d9:5f:e5:c5:61:d9:ac:7b:b8:
                    cc:11:d5:20:aa:54:83:a9:0a:8d:58:02:92:56:b1:
                    58:57:24:5b:8b:2b:65:53:aa:41:81:39:df:8a:ed:
                    f6:ce:63:05:ae:fa:90:97:53:c3:39:59:ea:7c:10:
                    54:7c:ca:e0:64:64:4c:c0:de:72:73:c9:02:03:05:
                    67:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:EF:74:3F:FA:D4:4A:96:ED:1B:99:C2:41:18:88:C4:4E:AC:19:91
            X509v3 Authority Key Identifier:
                keyid:92:33:84:4E:12:BC:7E:ED:F4:36:CE:1C:C9:9E:AE:21:36:47:26:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8DAB/78CB9050B9C411E7ADD18C61F8AEA228/kjOEThK8fu30Ns4cyZ6uITZHJkc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/kjOEThK8fu30Ns4cyZ6uITZHJkc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8DAB/78CB9050B9C411E7ADD18C61F8AEA228/DC9DA0E4D58F11EEB154057C775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.155.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:ff:9b:d5:86:e3:99:2c:d4:f6:71:2a:89:20:04:b7:6c:21:
         55:51:7c:f7:5f:92:14:61:d3:3f:46:6e:30:3b:ad:b4:48:9b:
         a9:95:7d:db:ba:aa:2c:21:b8:d1:7b:2e:8c:48:a1:b0:25:d8:
         42:0a:b9:dd:4d:72:3f:61:d8:c9:4f:44:8a:dd:36:cb:05:4f:
         dc:7a:26:0f:d4:e6:ac:1c:e4:56:0b:68:87:6c:02:64:44:3a:
         c3:d0:31:e0:06:06:50:7c:0e:4e:cd:5a:8f:67:1c:77:6a:14:
         a7:4e:7a:0a:6e:e9:f7:72:c6:a5:4d:b6:36:fa:18:c4:e0:1b:
         0f:2c:a9:f7:e9:0e:76:52:92:87:b6:fe:23:8c:1f:26:a6:63:
         21:a4:93:d2:73:e2:7e:0c:cf:01:ad:2c:69:d3:57:c6:ef:8c:
         88:43:25:ea:41:33:a5:a7:8a:e5:6c:b7:4f:01:3a:08:5b:bb:
         31:57:a8:ac:f8:1e:e1:fc:09:6b:c6:4a:7d:c4:4b:ab:df:64:
         fa:41:07:c5:00:3d:fc:e0:0b:18:5b:29:25:ae:45:c8:5a:be:
         b5:14:2f:9c:80:f3:fa:cf:83:59:6d:09:aa:41:5a:93:d7:b4:
         cd:30:c1:58:2e:33:6b:32:20:85:a3:5f:1a:e0:b3:e2:bc:e5:
         94:80:ea:9f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCVAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjhEQUJBUjExMC8GA1UEBRMoOTIzMzg0NEUxMkJDN0VFREY0MzZDRTFDQzk5RUFF
MjEzNjQ3MjY0NzAeFw0yNDAyMjcxNjQ3MTJaFw0yNjAzMDExNjQ3MTJaMBgxFjAU
BgNVBAMTDTY1ZGUxMjEzLTEyNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDY/H+n47KRsJK83DHnbJZVvylQNX/dSOiwshxYeh0kr1dyevONQEm0ZHR4
6SlyNjkY5sIt7liphcLFH+QOdTi8JOHBJseKYhbLjuhkJRbCOJ//01LJe75zJp05
hcG8zlmnA1IeH5Z3RMZBv1c1zXXdSKo7foCJWjxCwdgtJn7MhKdLhcjM6FOfGorm
sZ8nZ+lA70Vm4Z3DL3i7XgmgDnTWmYcg5j2AvcJZuCBM3mb9VABtX8kRqCQXudlf
5cVh2ax7uMwR1SCqVIOpCo1YApJWsVhXJFuLK2VTqkGBOd+K7fbOYwWu+pCXU8M5
Wep8EFR8yuBkZEzA3nJzyQIDBWdBAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUTO90
P/rUSpbtG5nCQRiIxE6sGZEwHwYDVR0jBBgwFoAUkjOEThK8fu30Ns4cyZ6uITZH
JkcwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY4REFCLzc4Q0I5MDUwQjlDNDExRTdBREQxOEM2MUY4QUVBMjI4L2tqT0VU
aEs4ZnUzME5zNGN5WjZ1SVRaSEprYy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2tqT0VUaEs4ZnUzME5zNGN5WjZ1SVRaSEprYy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkY4REFCLzc4Q0I5MDUwQjlDNDExRTdBREQxOEM2MUY4QUVB
MjI4L0RDOURBMEU0RDU4RjExRUVCMTU0MDU3Qzc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAComxAwDQYJKoZIhvcNAQELBQAD
ggEBAEX/m9WG45ks1PZxKokgBLdsIVVRfPdfkhRh0z9GbjA7rbRIm6mVfdu6qiwh
uNF7LoxIobAl2EIKud1Ncj9h2MlPRIrdNssFT9x6Jg/U5qwc5FYLaIdsAmREOsPQ
MeAGBlB8Dk7NWo9nHHdqFKdOegpu6fdyxqVNtjb6GMTgGw8sqffpDnZSkoe2/iOM
HyamYyGkk9Jz4n4MzwGtLGnTV8bvjIhDJepBM6WniuVst08BOghbuzFXqKz4HuH8
CWvGSn3ES6vfZPpBB8UAPfzgCxhbKSWuRchavrUUL5yA8/rPg1ltCapBWpPXtM0w
wVguM2syIIWjXxrgs+K85ZSA6p8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:32 2024 by rpki-client on console-ams.rpki-client.org