Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/E9565664A66A11ED9D8DBBC6F1222468.roa
File:                     E9565664A66A11ED9D8DBBC6F1222468.roa (raw, json)
Hash identifier:          igWwj1D7PXW+lm7Yv5pYKjKaQBpnB+uG/EQYZ1QRzVU=
Subject key identifier:   EB:DE:CB:90:76:E9:63:5E:C6:9C:7A:FA:53:C4:A0:4E:F7:90:95:A9
Certificate issuer:       /CN=F36F8F4FAF/serialNumber=DC17A0EC58652D31896123A65610C3A32046556B
Certificate serial:       0207
Authority key identifier: DC:17:A0:EC:58:65:2D:31:89:61:23:A6:56:10:C3:A3:20:46:55:6B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/E9565664A66A11ED9D8DBBC6F1222468.roa
Signing time:             Mon 06 Feb 2023 22:09:23 +0000
ROA not before:           Tue 07 Feb 2023 22:09:19 +0000
ROA not after:            Fri 07 Feb 2025 22:09:19 +0000
asID:                     21003
IP address blocks:        41.252.0.0/14 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:05:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 519 (0x207)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F8F4FAF/serialNumber=DC17A0EC58652D31896123A65610C3A32046556B
        Validity
            Not Before: Feb  7 22:09:19 2023 GMT
            Not After : Feb  7 22:09:19 2025 GMT
        Subject: CN=63e17a93-e636
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e8:d9:d9:81:04:62:49:a1:97:81:6d:fe:16:
                    29:97:d8:bb:e8:19:c1:c8:d4:54:38:a6:cc:73:da:
                    2b:65:79:c9:5e:01:81:a2:8d:95:e1:ee:86:ff:35:
                    aa:27:18:fa:f6:38:93:30:b5:cc:6c:47:51:4f:61:
                    ea:70:91:6e:bf:c2:b5:7d:d7:02:a8:ec:d3:92:39:
                    51:6c:c8:3d:15:96:2f:0c:5f:1e:e4:c7:9d:f1:90:
                    a4:02:5c:57:7a:6b:f6:8c:aa:5a:82:eb:88:50:18:
                    63:12:1c:62:de:d7:b7:dd:a7:49:b8:c3:e0:f8:09:
                    52:59:b9:b2:f2:f5:14:d3:78:de:10:ab:39:b2:05:
                    11:01:49:a5:99:dc:a6:81:a1:4b:af:bc:26:99:97:
                    a1:ed:8b:5e:6b:bc:c1:37:d7:f2:d1:81:cc:ff:1a:
                    90:3d:36:db:4a:ae:db:fe:f1:d3:08:2a:c0:44:f6:
                    a3:45:f0:05:89:03:52:5c:d0:8e:fd:a0:da:53:83:
                    a1:5a:72:d5:90:af:c4:d4:4a:fa:64:18:ab:59:dd:
                    99:70:3d:e7:c4:ba:78:e1:85:45:82:38:dd:1e:d8:
                    81:0c:0c:8b:72:79:7f:9f:83:46:95:12:09:21:0e:
                    da:2c:d5:f9:1f:da:1d:68:2c:5d:f9:f0:ac:1e:e7:
                    b3:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:DE:CB:90:76:E9:63:5E:C6:9C:7A:FA:53:C4:A0:4E:F7:90:95:A9
            X509v3 Authority Key Identifier:
                keyid:DC:17:A0:EC:58:65:2D:31:89:61:23:A6:56:10:C3:A3:20:46:55:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/3Beg7FhlLTGJYSOmVhDDoyBGVWs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/3Beg7FhlLTGJYSOmVhDDoyBGVWs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F8F4F/8A377BBC2A7511EC90817559D8A014CE/E9565664A66A11ED9D8DBBC6F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.252.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         35:1a:74:0e:f8:0b:80:a4:b5:43:ef:e9:65:5b:ef:07:d1:d8:
         15:dd:b4:3f:4a:ef:81:cf:2d:94:09:9a:60:a2:f8:78:67:10:
         41:32:2d:f9:8b:3e:05:a9:23:74:b6:61:7e:fe:32:e1:c7:1b:
         28:01:f5:1f:75:5f:51:7f:6f:45:59:46:7f:1d:97:9a:ee:91:
         0c:18:2a:42:43:e0:3a:1b:a0:e0:85:1a:cc:43:72:eb:c5:fa:
         39:af:d0:49:91:60:1b:33:f0:f8:bc:5f:cb:7c:81:ac:89:e8:
         e6:60:b6:80:f6:f4:6f:56:7b:8f:ff:38:fa:60:25:4f:2f:62:
         9e:0e:eb:07:f0:75:8b:c2:f6:cd:64:b8:a9:53:b9:ef:86:19:
         91:82:df:90:86:02:c9:30:b1:5b:d1:f7:98:f6:e6:3a:09:6d:
         41:da:2a:18:9d:bd:0d:d5:6c:ba:a9:78:c0:d0:ef:6e:8a:d5:
         67:c4:d2:e3:af:fd:a6:3b:24:3b:2b:da:a6:ca:ac:16:42:58:
         3a:35:d2:fe:3f:fe:c1:01:81:c8:e8:52:2a:2f:81:3a:f1:b6:
         66:48:53:91:2d:04:a2:22:90:b7:9b:ab:bb:0b:57:38:62:1f:
         17:c9:9c:96:9b:87:dc:cd:f6:8f:b5:bd:d9:e1:b3:ea:ad:3d:
         a3:ad:c7:c0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAgcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RjhGNEZBRjExMC8GA1UEBRMoREMxN0EwRUM1ODY1MkQzMTg5NjEyM0E2NTYxMEMz
QTMyMDQ2NTU2QjAeFw0yMzAyMDcyMjA5MTlaFw0yNTAyMDcyMjA5MTlaMBgxFjAU
BgNVBAMMDTYzZTE3YTkzLWU2MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC46NnZgQRiSaGXgW3+FimX2LvoGcHI1FQ4psxz2itlecleAYGijZXh7ob/
NaonGPr2OJMwtcxsR1FPYepwkW6/wrV91wKo7NOSOVFsyD0Vli8MXx7kx53xkKQC
XFd6a/aMqlqC64hQGGMSHGLe17fdp0m4w+D4CVJZubLy9RTTeN4QqzmyBREBSaWZ
3KaBoUuvvCaZl6Hti15rvME31/LRgcz/GpA9NttKrtv+8dMIKsBE9qNF8AWJA1Jc
0I79oNpTg6FactWQr8TUSvpkGKtZ3ZlwPefEunjhhUWCON0e2IEMDItyeX+fg0aV
EgkhDtos1fkf2h1oLF358Kwe57NPAgMBAAGjggKkMIICoDAdBgNVHQ4EFgQU697L
kHbpY17GnHr6U8SgTveQlakwHwYDVR0jBBgwFoAU3Beg7FhlLTGJYSOmVhDDoyBG
VWswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY4RjRGLzhBMzc3QkJDMkE3NTExRUM5MDgxNzU1OUQ4QTAxNENFLzNCZWc3
RmhsTFRHSllTT21WaEREb3lCR1ZXcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzNCZWc3RmhsTFRHSllTT21WaEREb3lCR1ZXcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkY4RjRGLzhBMzc3QkJDMkE3NTExRUM5MDgxNzU1OUQ4
QTAxNENFL0U5NTY1NjY0QTY2QTExRUQ5RDhEQkJDNkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwIp/DANBgkqhkiG9w0BAQsF
AAOCAQEANRp0DvgLgKS1Q+/pZVvvB9HYFd20P0rvgc8tlAmaYKL4eGcQQTIt+Ys+
BakjdLZhfv4y4ccbKAH1H3VfUX9vRVlGfx2Xmu6RDBgqQkPgOhug4IUazENy68X6
Oa/QSZFgGzPw+Lxfy3yBrIno5mC2gPb0b1Z7j/84+mAlTy9ing7rB/B1i8L2zWS4
qVO574YZkYLfkIYCyTCxW9H3mPbmOgltQdoqGJ29DdVsuql4wNDvborVZ8TS46/9
pjskOyvapsqsFkJYOjXS/j/+wQGByOhSKi+BOvG2ZkhTkS0EoiKQt5uruwtXOGIf
F8mclpuH3M32j7W92eGz6q09o63HwA==
-----END CERTIFICATE-----
Generated at Mon Jun 17 02:12:09 2024 by rpki-client on console-ams.rpki-client.org