Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3654AD1/228F5B32CF0111EE94F586B9775412E6/F970A942CF0311EEAED7B6BD775412E6.roa
File:                     F970A942CF0311EEAED7B6BD775412E6.roa (raw, json)
Hash identifier:          32sD43LbWALTuJUF3vyPCwh1TO7oJGgAAqLfaaTeevk=
Subject key identifier:   C8:4F:1A:AD:FC:13:27:1E:E9:77:4F:F5:6D:F4:2B:9C:43:6F:9E:4D
Certificate issuer:       /CN=F3654AD1AF/serialNumber=80D435BBC77094E85B7BF3082580D127B910779E
Certificate serial:       02
Authority key identifier: 80:D4:35:BB:C7:70:94:E8:5B:7B:F3:08:25:80:D1:27:B9:10:77:9E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gNQ1u8dwlOhbe_MIJYDRJ7kQd54.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3654AD1/228F5B32CF0111EE94F586B9775412E6/F970A942CF0311EEAED7B6BD775412E6.roa
Signing time:             Mon 19 Feb 2024 08:50:47 +0000
ROA not before:           Mon 19 Feb 2024 08:50:44 +0000
ROA not after:            Thu 19 Feb 2026 08:50:44 +0000
asID:                     328331
IP address blocks:        102.135.168.0/24 maxlen: 30
                          102.135.169.0/24 maxlen: 30
                          102.135.170.0/24 maxlen: 30
                          102.135.171.0/24 maxlen: 30
                          102.135.172.0/24 maxlen: 30
                          102.135.173.0/24 maxlen: 30
                          102.135.174.0/24 maxlen: 30
                          102.135.175.0/24 maxlen: 30

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3654AD1/228F5B32CF0111EE94F586B9775412E6/gNQ1u8dwlOhbe_MIJYDRJ7kQd54.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3654AD1/228F5B32CF0111EE94F586B9775412E6/gNQ1u8dwlOhbe_MIJYDRJ7kQd54.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gNQ1u8dwlOhbe_MIJYDRJ7kQd54.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3654AD1AF/serialNumber=80D435BBC77094E85B7BF3082580D127B910779E
        Validity
            Not Before: Feb 19 08:50:44 2024 GMT
            Not After : Feb 19 08:50:44 2026 GMT
        Subject: CN=65d31667-58b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a9:3d:d5:69:87:41:4f:f3:16:95:3a:b2:b6:
                    88:1f:23:37:7f:fe:77:d8:a0:ba:51:7e:df:de:89:
                    e1:c6:1a:29:1f:27:ff:e3:e7:9a:d8:cb:02:38:af:
                    f1:d4:77:c9:67:3a:85:83:94:f3:49:05:35:6a:cd:
                    f7:d3:d7:d8:05:66:10:9f:08:52:81:13:e9:f7:44:
                    0b:47:f9:01:e9:03:b3:64:c4:c4:cb:06:2f:53:e5:
                    b1:a6:5a:e2:05:c7:b9:7c:82:4f:60:ef:5f:74:da:
                    a8:1b:fb:9f:9d:30:61:37:15:0f:0f:67:3a:06:68:
                    44:e8:1f:e9:2b:16:6e:55:49:ac:f4:40:54:36:2c:
                    23:15:5c:5d:3e:30:92:6a:29:97:79:39:f5:18:b2:
                    9f:3e:15:c8:2b:db:13:fd:1d:9c:10:7b:54:32:e8:
                    69:e0:26:45:88:1d:ba:d8:ea:c0:2b:08:98:f1:5b:
                    b2:05:6c:51:1b:44:dc:4e:39:d0:0b:ef:8c:45:e3:
                    e4:50:46:08:44:4b:04:6d:21:93:5f:5b:8b:c9:de:
                    04:44:2a:6b:0d:16:e9:ec:f4:e5:89:2f:93:2a:7a:
                    59:57:4c:1f:6e:35:e0:e1:97:8c:cf:14:dd:f3:d3:
                    f3:8b:98:5c:f6:5c:47:94:58:83:06:28:c8:eb:ac:
                    e6:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:4F:1A:AD:FC:13:27:1E:E9:77:4F:F5:6D:F4:2B:9C:43:6F:9E:4D
            X509v3 Authority Key Identifier:
                keyid:80:D4:35:BB:C7:70:94:E8:5B:7B:F3:08:25:80:D1:27:B9:10:77:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3654AD1/228F5B32CF0111EE94F586B9775412E6/gNQ1u8dwlOhbe_MIJYDRJ7kQd54.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gNQ1u8dwlOhbe_MIJYDRJ7kQd54.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3654AD1/228F5B32CF0111EE94F586B9775412E6/F970A942CF0311EEAED7B6BD775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.135.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         b4:4b:09:4e:d4:4e:32:e6:11:03:de:ae:62:c2:8e:8e:42:fb:
         99:69:cf:92:c1:e0:73:fa:01:c8:8e:44:ec:00:e3:b9:bf:29:
         b0:ed:f9:f5:6c:8b:8f:ec:92:4c:39:43:0f:62:c6:ee:ca:35:
         f4:32:06:cc:17:5b:47:4d:bc:8a:9f:2c:3f:90:68:89:04:58:
         cf:ac:d0:4b:63:3d:bc:22:8b:2f:70:68:b8:f0:0c:20:dc:f9:
         20:29:ec:95:93:a1:96:06:06:af:7e:e7:94:6c:55:17:73:93:
         d6:05:e5:f3:7a:0f:fe:ca:04:75:73:a2:48:d5:9e:f2:0d:4b:
         6b:8a:ef:b0:fb:fa:5e:94:46:b8:41:c6:43:0c:b3:4c:b7:7f:
         a5:74:65:f1:91:d1:a3:2e:6b:f1:e6:3f:ae:fc:b9:ef:1a:38:
         df:d4:3c:e6:f9:82:21:ff:11:96:8f:5f:c3:31:18:50:79:b6:
         82:d8:f1:5f:de:dd:1f:a0:98:e6:fe:65:00:d6:19:ec:87:5a:
         19:d2:e1:cb:cf:59:8e:a2:db:95:96:86:95:69:8c:f0:ea:cb:
         59:3e:aa:db:bf:23:77:67:01:19:65:1a:13:6d:21:54:1f:5d:
         e5:5e:b5:77:b7:3e:b8:6b:1b:b5:e7:fe:51:1f:47:24:55:d2:
         35:d9:75:df
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NEFEMUFGMTEwLwYDVQQFEyg4MEQ0MzVCQkM3NzA5NEU4NUI3QkYzMDgyNTgwRDEy
N0I5MTA3NzlFMB4XDTI0MDIxOTA4NTA0NFoXDTI2MDIxOTA4NTA0NFowGDEWMBQG
A1UEAxMNNjVkMzE2NjctNThiOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALypPdVph0FP8xaVOrK2iB8jN3/+d9igulF+396J4cYaKR8n/+PnmtjLAjiv
8dR3yWc6hYOU80kFNWrN99PX2AVmEJ8IUoET6fdEC0f5AekDs2TExMsGL1PlsaZa
4gXHuXyCT2DvX3TaqBv7n50wYTcVDw9nOgZoROgf6SsWblVJrPRAVDYsIxVcXT4w
kmopl3k59Riynz4VyCvbE/0dnBB7VDLoaeAmRYgdutjqwCsImPFbsgVsURtE3E45
0AvvjEXj5FBGCERLBG0hk19bi8neBEQqaw0W6ez05Ykvkyp6WVdMH2414OGXjM8U
3fPT84uYXPZcR5RYgwYoyOus5qUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTITxqt
/BMnHul3T/Vt9CucQ2+eTTAfBgNVHSMEGDAWgBSA1DW7x3CU6Ft78wglgNEnuRB3
njAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTRBRDEvMjI4RjVCMzJDRjAxMTFFRTk0RjU4NkI5Nzc1NDEyRTYvZ05RMXU4
ZHdsT2hiZV9NSUpZRFJKN2tRZDU0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZ05RMXU4ZHdsT2hiZV9NSUpZRFJKN2tRZDU0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTRBRDEvMjI4RjVCMzJDRjAxMTFFRTk0RjU4NkI5Nzc1
NDEyRTYvRjk3MEE5NDJDRjAzMTFFRUFFRDdCNkJENzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2aHqDANBgkqhkiG9w0BAQsF
AAOCAQEAtEsJTtROMuYRA96uYsKOjkL7mWnPksHgc/oByI5E7ADjub8psO359WyL
j+ySTDlDD2LG7so19DIGzBdbR028ip8sP5BoiQRYz6zQS2M9vCKLL3BouPAMINz5
ICnslZOhlgYGr37nlGxVF3OT1gXl83oP/soEdXOiSNWe8g1La4rvsPv6XpRGuEHG
QwyzTLd/pXRl8ZHRoy5r8eY/rvy57xo439Q85vmCIf8Rlo9fwzEYUHm2gtjxX97d
H6CY5v5lANYZ7IdaGdLhy89ZjqLblZaGlWmM8OrLWT6q278jd2cBGWUaE20hVB9d
5V61d7c+uGsbtef+UR9HJFXSNdl13w==
-----END CERTIFICATE-----
Generated at Sat Jun 15 04:18:03 2024 by rpki-client on console-ams.rpki-client.org