Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3658A3F/74DD844C741D11EFA2D01673762E951A/2FD55E82741E11EFAC1F5677762E951A.roa
File:                     2FD55E82741E11EFAC1F5677762E951A.roa (raw, json)
Hash identifier:          yK+GF+mnFJmB3GPr0etfsyb2RoWyRhvCEdCQ6Xl4fOM=
Subject key identifier:   60:86:44:43:70:19:CE:2E:20:BD:BD:D9:FD:9D:95:D8:58:63:0E:91
Certificate issuer:       /CN=F3658A3FAF/serialNumber=BDCFAE2569A7038EA970FACF40303418F6351F48
Certificate serial:       04
Authority key identifier: BD:CF:AE:25:69:A7:03:8E:A9:70:FA:CF:40:30:34:18:F6:35:1F:48
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/vc-uJWmnA46pcPrPQDA0GPY1H0g.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3658A3F/74DD844C741D11EFA2D01673762E951A/2FD55E82741E11EFAC1F5677762E951A.roa
Signing time:             Mon 16 Sep 2024 11:24:07 +0000
ROA not before:           Mon 16 Sep 2024 11:24:04 +0000
ROA not after:            Sat 16 Sep 2034 11:24:04 +0000
asID:                     328963
IP address blocks:        102.217.252.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3658A3F/74DD844C741D11EFA2D01673762E951A/vc-uJWmnA46pcPrPQDA0GPY1H0g.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3658A3F/74DD844C741D11EFA2D01673762E951A/vc-uJWmnA46pcPrPQDA0GPY1H0g.mft
                          rsync://rpki.afrinic.net/repository/afrinic/vc-uJWmnA46pcPrPQDA0GPY1H0g.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3658A3FAF/serialNumber=BDCFAE2569A7038EA970FACF40303418F6351F48
        Validity
            Not Before: Sep 16 11:24:04 2024 GMT
            Not After : Sep 16 11:24:04 2034 GMT
        Subject: CN=66e81557-235c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:44:49:11:18:ee:88:43:b7:f3:d9:de:89:ec:
                    f6:58:30:f2:51:06:87:9e:0f:ae:f0:ab:f7:b0:c5:
                    0c:ab:56:e7:62:92:5f:85:60:d1:be:15:92:f9:c5:
                    aa:a7:47:30:33:17:12:77:d4:a1:d4:ff:66:82:50:
                    df:b0:4b:94:74:7a:a3:2e:d6:51:1e:97:04:05:73:
                    f1:d3:58:10:10:16:7a:b6:d1:3f:96:c2:ea:07:e2:
                    6c:36:0e:d6:25:e4:de:c9:fd:d3:ee:0b:46:6a:67:
                    77:b2:ef:b2:09:ad:cb:23:6e:79:f7:bf:07:b0:fe:
                    07:31:72:c7:f2:a6:41:fb:cf:9f:f3:55:3e:08:eb:
                    8a:55:76:16:2c:cc:c3:80:dd:33:fb:ee:c0:02:7d:
                    e1:85:2c:92:1e:6f:ec:1f:98:eb:7e:45:6c:5b:f2:
                    e0:44:be:90:ff:3d:89:82:d0:77:25:ed:cd:1b:e2:
                    12:ce:81:a3:a1:fe:53:55:78:f0:f9:44:f9:b2:0a:
                    21:dc:e1:5c:bb:57:ca:1e:bb:ae:9d:5d:3c:43:e2:
                    85:51:5c:c0:a2:b2:d0:71:b1:d6:3c:09:82:07:af:
                    c6:be:12:3b:e3:d9:32:7c:d0:6d:7b:c4:1f:d8:f6:
                    d1:c6:63:d7:d6:2f:37:af:62:f2:81:9f:16:66:f8:
                    25:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:86:44:43:70:19:CE:2E:20:BD:BD:D9:FD:9D:95:D8:58:63:0E:91
            X509v3 Authority Key Identifier:
                keyid:BD:CF:AE:25:69:A7:03:8E:A9:70:FA:CF:40:30:34:18:F6:35:1F:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3658A3F/74DD844C741D11EFA2D01673762E951A/vc-uJWmnA46pcPrPQDA0GPY1H0g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/vc-uJWmnA46pcPrPQDA0GPY1H0g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3658A3F/74DD844C741D11EFA2D01673762E951A/2FD55E82741E11EFAC1F5677762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.217.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:5d:ef:74:ed:d1:3e:96:95:de:f3:52:d2:61:47:7c:8e:e1:
         d6:ec:04:8b:f9:1e:60:3a:c0:67:ba:e4:bf:98:87:ff:1f:4f:
         e2:37:0d:e6:61:fb:73:0e:c3:92:d9:8e:12:11:91:d3:ce:1b:
         4a:3b:f2:0f:e4:98:a4:36:3e:33:15:54:84:e3:a8:e3:44:99:
         d8:8b:50:3b:60:c1:b7:42:3a:24:58:41:af:0c:8f:17:43:62:
         42:40:3e:7c:fb:04:48:5b:9d:ac:50:14:15:61:2b:8d:91:3a:
         bf:9c:a9:27:c7:f6:f1:65:ba:03:37:e4:89:69:7a:24:92:7b:
         72:e4:a2:3a:0b:89:f6:5f:c2:25:58:d7:e4:29:50:2d:ce:b3:
         b8:c8:69:de:8a:7d:b2:af:28:8e:a3:ff:63:67:b0:e2:89:01:
         e2:d6:cb:78:2d:b4:b9:d2:1b:da:81:b0:2f:61:d6:3e:60:fc:
         ef:76:1f:34:cc:42:b9:57:f7:e7:f1:32:61:af:eb:c1:6a:1e:
         f2:99:5f:45:de:d2:b0:a6:ec:b9:23:36:d6:07:c0:31:0e:5a:
         fc:c8:31:e1:6a:55:cf:0d:47:cd:cd:9f:1d:d9:00:57:04:f7:
         eb:41:99:14:26:a7:3c:bc:58:3e:9b:bd:36:f8:ae:83:16:f9:
         51:31:f6:84
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
OEEzRkFGMTEwLwYDVQQFEyhCRENGQUUyNTY5QTcwMzhFQTk3MEZBQ0Y0MDMwMzQx
OEY2MzUxRjQ4MB4XDTI0MDkxNjExMjQwNFoXDTM0MDkxNjExMjQwNFowGDEWMBQG
A1UEAxMNNjZlODE1NTctMjM1YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtESREY7ohDt/PZ3ons9lgw8lEGh54PrvCr97DFDKtW52KSX4Vg0b4VkvnF
qqdHMDMXEnfUodT/ZoJQ37BLlHR6oy7WUR6XBAVz8dNYEBAWerbRP5bC6gfibDYO
1iXk3sn90+4LRmpnd7LvsgmtyyNuefe/B7D+BzFyx/KmQfvPn/NVPgjrilV2FizM
w4DdM/vuwAJ94YUskh5v7B+Y635FbFvy4ES+kP89iYLQdyXtzRviEs6Bo6H+U1V4
8PlE+bIKIdzhXLtXyh67rp1dPEPihVFcwKKy0HGx1jwJggevxr4SO+PZMnzQbXvE
H9j20cZj19YvN69i8oGfFmb4JdMCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRghkRD
cBnOLiC9vdn9nZXYWGMOkTAfBgNVHSMEGDAWgBS9z64laacDjqlw+s9AMDQY9jUf
SDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NThBM0YvNzRERDg0NEM3NDFEMTFFRkEyRDAxNjczNzYyRTk1MUEvdmMtdUpX
bW5BNDZwY1ByUFFEQTBHUFkxSDBnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvdmMtdUpXbW5BNDZwY1ByUFFEQTBHUFkxSDBnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NThBM0YvNzRERDg0NEM3NDFEMTFFRkEyRDAxNjczNzYy
RTk1MUEvMkZENTVFODI3NDFFMTFFRkFDMUY1Njc3NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbZ/DANBgkqhkiG9w0BAQsF
AAOCAQEAiF3vdO3RPpaV3vNS0mFHfI7h1uwEi/keYDrAZ7rkv5iH/x9P4jcN5mH7
cw7DktmOEhGR084bSjvyD+SYpDY+MxVUhOOo40SZ2ItQO2DBt0I6JFhBrwyPF0Ni
QkA+fPsESFudrFAUFWErjZE6v5ypJ8f28WW6AzfkiWl6JJJ7cuSiOguJ9l/CJVjX
5ClQLc6zuMhp3op9sq8ojqP/Y2ew4okB4tbLeC20udIb2oGwL2HWPmD873YfNMxC
uVf35/EyYa/rwWoe8plfRd7SsKbsuSM21gfAMQ5a/Mgx4WpVzw1Hzc2fHdkAVwT3
60GZFCanPLxYPpu9Nviugxb5UTH2hA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org