Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3611ED8/0D8CDBC671D911EFAC8BB044762E951A/8C71A80E71D911EF95953447762E951A.roa
File:                     8C71A80E71D911EF95953447762E951A.roa (raw, json)
Hash identifier:          qQJ1tyFupoDgwet6xtHwuOu1NKoamzpsB9579wpp6Y4=
Subject key identifier:   3E:3B:76:1B:9F:E8:5D:63:EB:33:8E:EC:41:B4:51:C5:79:25:BF:65
Certificate issuer:       /CN=F3611ED8AF/serialNumber=546FF3F3A952EA879999455569E907E0FB7C819B
Certificate serial:       02
Authority key identifier: 54:6F:F3:F3:A9:52:EA:87:99:99:45:55:69:E9:07:E0:FB:7C:81:9B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/VG_z86lS6oeZmUVVaekH4Pt8gZs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3611ED8/0D8CDBC671D911EFAC8BB044762E951A/8C71A80E71D911EF95953447762E951A.roa
Signing time:             Fri 13 Sep 2024 14:07:45 +0000
ROA not before:           Fri 13 Sep 2024 14:07:41 +0000
ROA not after:            Wed 13 Sep 2028 14:07:41 +0000
asID:                     328661
IP address blocks:        102.215.72.0/22 maxlen: 24
                          102.218.184.0/22 maxlen: 24
                          102.218.228.0/22 maxlen: 24
                          102.222.236.0/23 maxlen: 24
                          2c0f:e898::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3611ED8/0D8CDBC671D911EFAC8BB044762E951A/VG_z86lS6oeZmUVVaekH4Pt8gZs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3611ED8/0D8CDBC671D911EFAC8BB044762E951A/VG_z86lS6oeZmUVVaekH4Pt8gZs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/VG_z86lS6oeZmUVVaekH4Pt8gZs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3611ED8AF/serialNumber=546FF3F3A952EA879999455569E907E0FB7C819B
        Validity
            Not Before: Sep 13 14:07:41 2024 GMT
            Not After : Sep 13 14:07:41 2028 GMT
        Subject: CN=66e44731-b358
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:64:76:02:c6:c6:43:b2:1c:9e:9b:bb:2f:d2:
                    d4:b8:41:15:ab:c1:f5:ea:8d:4e:47:e0:e1:0d:6e:
                    79:2d:78:78:71:40:74:2f:c0:4b:b5:f7:15:de:21:
                    64:60:ea:c4:86:46:e4:fd:09:0d:88:4e:8b:ce:41:
                    ed:8c:4a:ae:55:d2:04:ce:ca:07:be:17:b7:a8:8d:
                    ab:bd:d0:6a:25:9a:77:62:2f:d3:9e:f2:1b:31:74:
                    27:24:aa:b6:19:0a:b1:45:da:df:89:27:ca:1b:81:
                    fd:b1:0f:c5:e0:68:88:43:83:c5:61:ae:55:2c:4b:
                    b3:31:9f:1b:f1:f8:b9:8a:74:a0:80:f8:2d:db:97:
                    d5:a8:6d:dd:c1:f4:f5:1e:38:f5:20:05:c7:46:a8:
                    bc:c4:c1:6a:9d:70:6f:21:34:8e:e4:12:11:58:4e:
                    da:5d:41:85:0f:4e:28:52:7f:fa:0c:f7:3e:d7:6a:
                    4a:90:84:95:3e:c6:ec:0c:20:0a:55:19:c2:dd:2e:
                    d6:0d:4a:f9:ab:59:21:97:0b:73:5a:56:13:30:56:
                    24:dc:5c:f7:bd:b9:31:d1:ad:b1:52:50:ea:bc:a9:
                    f2:96:be:06:55:9d:fd:19:40:00:47:17:cb:c6:55:
                    a0:cb:53:48:a0:16:07:ef:09:8a:62:e8:67:54:ed:
                    25:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:3B:76:1B:9F:E8:5D:63:EB:33:8E:EC:41:B4:51:C5:79:25:BF:65
            X509v3 Authority Key Identifier:
                keyid:54:6F:F3:F3:A9:52:EA:87:99:99:45:55:69:E9:07:E0:FB:7C:81:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3611ED8/0D8CDBC671D911EFAC8BB044762E951A/VG_z86lS6oeZmUVVaekH4Pt8gZs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/VG_z86lS6oeZmUVVaekH4Pt8gZs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3611ED8/0D8CDBC671D911EFAC8BB044762E951A/8C71A80E71D911EF95953447762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.215.72.0/22
                  102.218.184.0/22
                  102.218.228.0/22
                  102.222.236.0/23
                IPv6:
                  2c0f:e898::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:81:86:57:17:e0:b2:78:35:a0:a7:79:5d:48:ae:db:5c:2f:
         b6:f6:24:34:ca:69:be:49:65:1e:57:59:9a:c6:5e:19:ac:85:
         f2:24:db:4c:cd:52:8a:31:9a:4e:a0:ee:8f:ee:dc:3e:4c:de:
         5e:60:45:b9:08:64:f9:52:d3:c7:10:29:5a:63:26:73:2b:fa:
         4a:19:39:3a:fb:dd:8e:0b:cb:d1:ea:42:72:bd:58:ab:9c:43:
         f2:b3:73:9b:56:cc:0f:95:38:8e:4b:ad:7e:cf:f3:cb:9d:d0:
         9c:14:f6:58:0c:35:b6:a3:e9:40:c4:8e:1d:7f:1b:90:e4:7c:
         66:d9:9c:c2:33:18:89:27:2f:51:29:cc:e4:ad:8f:15:33:27:
         97:f3:2b:6c:b5:81:d4:66:e1:06:96:cc:20:e9:46:90:e5:b3:
         ef:2f:a8:2c:1f:67:7c:41:e1:29:c5:cb:c9:f7:79:14:3e:d0:
         77:a1:2f:e6:ff:17:45:21:76:f1:62:a8:c7:13:49:6c:3d:f0:
         0e:87:1b:f4:ed:5d:16:c7:1f:63:17:b8:32:fd:29:ca:44:16:
         b4:f0:27:c0:93:89:cf:18:53:65:b6:35:fe:2b:15:d7:dd:3f:
         13:01:18:53:8c:d4:ef:09:94:12:50:8d:37:00:1a:bd:a6:5f:
         90:b6:ff:8a
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MUVEOEFGMTEwLwYDVQQFEyg1NDZGRjNGM0E5NTJFQTg3OTk5OTQ1NTU2OUU5MDdF
MEZCN0M4MTlCMB4XDTI0MDkxMzE0MDc0MVoXDTI4MDkxMzE0MDc0MVowGDEWMBQG
A1UEAxMNNjZlNDQ3MzEtYjM1ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNkdgLGxkOyHJ6buy/S1LhBFavB9eqNTkfg4Q1ueS14eHFAdC/AS7X3Fd4h
ZGDqxIZG5P0JDYhOi85B7YxKrlXSBM7KB74Xt6iNq73QaiWad2Iv057yGzF0JySq
thkKsUXa34knyhuB/bEPxeBoiEODxWGuVSxLszGfG/H4uYp0oID4LduX1aht3cH0
9R449SAFx0aovMTBap1wbyE0juQSEVhO2l1BhQ9OKFJ/+gz3PtdqSpCElT7G7Awg
ClUZwt0u1g1K+atZIZcLc1pWEzBWJNxc9725MdGtsVJQ6ryp8pa+BlWd/RlAAEcX
y8ZVoMtTSKAWB+8JimLoZ1TtJc8CAwEAAaOCAsYwggLCMB0GA1UdDgQWBBQ+O3Yb
n+hdY+szjuxBtFHFeSW/ZTAfBgNVHSMEGDAWgBRUb/PzqVLqh5mZRVVp6Qfg+3yB
mzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTFFRDgvMEQ4Q0RCQzY3MUQ5MTFFRkFDOEJCMDQ0NzYyRTk1MUEvVkdfejg2
bFM2b2VabVVWVmFla0g0UHQ4Z1pzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVkdfejg2bFM2b2VabVVWVmFla0g0UHQ4Z1pzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTFFRDgvMEQ4Q0RCQzY3MUQ5MTFFRkFDOEJCMDQ0NzYy
RTk1MUEvOEM3MUE4MEU3MUQ5MTFFRjk1OTUzNDQ3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAmbXSAMEAmbauAMEAmba5AME
AWbe7DANBAIAAjAHAwUALA/omDANBgkqhkiG9w0BAQsFAAOCAQEAaIGGVxfgsng1
oKd5XUiu21wvtvYkNMppvkllHldZmsZeGayF8iTbTM1SijGaTqDuj+7cPkzeXmBF
uQhk+VLTxxApWmMmcyv6Shk5OvvdjgvL0epCcr1Yq5xD8rNzm1bMD5U4jkutfs/z
y53QnBT2WAw1tqPpQMSOHX8bkOR8ZtmcwjMYiScvUSnM5K2PFTMnl/MrbLWB1Gbh
BpbMIOlGkOWz7y+oLB9nfEHhKcXLyfd5FD7Qd6Ev5v8XRSF28WKoxxNJbD3wDocb
9O1dFscfYxe4Mv0pykQWtPAnwJOJzxhTZbY1/isV190/EwEYU4zU7wmUElCNNwAa
vaZfkLb/ig==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:30 2024 by rpki-client on console-ams.rpki-client.org