Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/66B953BA4D9311EFA7586846762E951A.roa
File:                     66B953BA4D9311EFA7586846762E951A.roa (raw, json)
Hash identifier:          byh4Eg9udfVVMXX0HCkdJJZ1KKKQasdGqUIYmXZmtrg=
Subject key identifier:   E7:C0:BA:03:B1:37:C4:5C:93:69:F1:1B:06:FA:99:DF:57:EE:3F:27
Certificate issuer:       /CN=F3664036AF/serialNumber=056EB3CECDEE6B836D1FA08F087CE7446703DEA1
Certificate serial:       02
Authority key identifier: 05:6E:B3:CE:CD:EE:6B:83:6D:1F:A0:8F:08:7C:E7:44:67:03:DE:A1
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/BW6zzs3ua4NtH6CPCHznRGcD3qE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/66B953BA4D9311EFA7586846762E951A.roa
Signing time:             Mon 29 Jul 2024 10:14:55 +0000
ROA not before:           Mon 29 Jul 2024 10:14:52 +0000
ROA not after:            Fri 31 Jul 2048 10:14:52 +0000
asID:                     329457
IP address blocks:        102.208.124.0/22 maxlen: 25
                          2c0f:3d40::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/BW6zzs3ua4NtH6CPCHznRGcD3qE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/BW6zzs3ua4NtH6CPCHznRGcD3qE.mft
                          rsync://rpki.afrinic.net/repository/afrinic/BW6zzs3ua4NtH6CPCHznRGcD3qE.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3664036AF/serialNumber=056EB3CECDEE6B836D1FA08F087CE7446703DEA1
        Validity
            Not Before: Jul 29 10:14:52 2024 GMT
            Not After : Jul 31 10:14:52 2048 GMT
        Subject: CN=66a76b9f-ac41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:35:4c:3b:1c:43:04:c8:d7:25:db:be:7b:17:
                    c6:37:b4:96:a3:68:2c:14:c7:0b:3b:03:ef:44:6c:
                    51:55:d6:09:e1:4a:7d:1c:a4:79:92:49:54:d5:80:
                    22:c3:b8:39:73:59:b4:29:ad:6f:ac:a7:f7:4f:d8:
                    5b:07:0e:4f:ca:34:64:c0:79:ea:ce:1c:85:c3:c2:
                    cd:96:11:ec:f8:b1:fc:d5:c9:8b:54:53:93:60:a5:
                    46:ed:d5:5e:91:d8:32:7c:29:62:1d:51:66:f1:13:
                    a0:a6:60:c6:24:07:ce:ad:96:b2:06:2e:1b:77:96:
                    37:8b:79:26:df:d7:a6:34:ff:e0:7b:e1:55:b8:69:
                    e3:54:62:65:ec:74:dd:48:3e:ac:c7:23:78:bf:6e:
                    1c:6b:db:8d:94:5d:69:2f:0b:e3:1c:55:a7:79:43:
                    2e:7d:d3:0e:0a:38:44:b7:a4:4b:8a:a1:53:86:24:
                    92:f0:09:52:54:c6:57:2d:e0:57:f1:c5:72:cd:85:
                    c0:0d:e2:4c:1b:2b:4a:6f:59:44:54:fc:42:6e:91:
                    41:d2:e5:a0:fc:90:ac:a5:d0:73:23:b5:8f:3c:8b:
                    97:d9:55:c4:ae:81:d3:a5:48:63:35:1f:85:78:2f:
                    c9:54:6d:1f:8a:39:30:83:bf:02:b2:83:6a:37:b5:
                    f7:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:C0:BA:03:B1:37:C4:5C:93:69:F1:1B:06:FA:99:DF:57:EE:3F:27
            X509v3 Authority Key Identifier:
                keyid:05:6E:B3:CE:CD:EE:6B:83:6D:1F:A0:8F:08:7C:E7:44:67:03:DE:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/BW6zzs3ua4NtH6CPCHznRGcD3qE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/BW6zzs3ua4NtH6CPCHznRGcD3qE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3664036/4840029A4D9211EF9858CABB762E951A/66B953BA4D9311EFA7586846762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.208.124.0/22
                IPv6:
                  2c0f:3d40::/32

    Signature Algorithm: sha256WithRSAEncryption
         5e:e9:8d:4d:df:f7:86:05:a3:b7:ef:f3:48:94:fc:c0:e9:98:
         81:48:8d:ee:e9:8f:cc:d6:20:d3:93:ca:fc:72:ba:80:4b:45:
         12:8a:46:46:ec:8f:5d:d1:84:5a:18:56:cb:d7:7c:c0:fb:cd:
         3e:ef:8f:d2:c1:1d:eb:25:02:98:48:06:12:c6:a2:bc:f1:18:
         bd:1a:3e:18:e8:a8:bf:18:76:85:34:8a:c1:6a:4b:fd:d0:f3:
         fa:c6:40:ac:c4:67:5f:9e:01:24:19:32:23:5e:02:24:e2:ee:
         41:bc:45:f8:f9:8e:95:ac:ae:38:0e:be:35:33:83:e3:1f:37:
         5d:9a:db:1d:67:2b:a7:c2:bb:1d:d3:22:49:ae:1f:01:1e:9e:
         22:13:21:86:b2:61:43:4e:61:af:fb:6b:4e:3c:b2:c5:f2:b8:
         da:f9:d5:96:91:a0:72:dd:d6:7d:b6:d9:dc:18:ae:92:90:c3:
         75:5f:9c:56:74:66:f6:4e:bc:1d:30:56:b1:ba:77:d8:b8:14:
         d8:ec:4a:9e:c5:88:16:cd:3e:af:8e:69:d9:9d:df:4a:fc:89:
         1d:ec:77:ce:96:82:82:cc:3e:40:bb:2e:9c:52:68:56:c3:f8:
         da:ef:47:48:af:0d:63:9c:c1:a4:e0:d0:1b:ee:b9:3a:7c:f0:
         ce:f6:3b:0b
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
NDAzNkFGMTEwLwYDVQQFEygwNTZFQjNDRUNERUU2QjgzNkQxRkEwOEYwODdDRTc0
NDY3MDNERUExMB4XDTI0MDcyOTEwMTQ1MloXDTQ4MDczMTEwMTQ1MlowGDEWMBQG
A1UEAxMNNjZhNzZiOWYtYWM0MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANY1TDscQwTI1yXbvnsXxje0lqNoLBTHCzsD70RsUVXWCeFKfRykeZJJVNWA
IsO4OXNZtCmtb6yn90/YWwcOT8o0ZMB56s4chcPCzZYR7Pix/NXJi1RTk2ClRu3V
XpHYMnwpYh1RZvEToKZgxiQHzq2WsgYuG3eWN4t5Jt/XpjT/4HvhVbhp41RiZex0
3Ug+rMcjeL9uHGvbjZRdaS8L4xxVp3lDLn3TDgo4RLekS4qhU4YkkvAJUlTGVy3g
V/HFcs2FwA3iTBsrSm9ZRFT8Qm6RQdLloPyQrKXQcyO1jzyLl9lVxK6B06VIYzUf
hXgvyVRtH4o5MIO/ArKDaje191UCAwEAAaOCArQwggKwMB0GA1UdDgQWBBTnwLoD
sTfEXJNp8RsG+pnfV+4/JzAfBgNVHSMEGDAWgBQFbrPOze5rg20foI8IfOdEZwPe
oTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjQwMzYvNDg0MDAyOUE0RDkyMTFFRjk4NThDQUJCNzYyRTk1MUEvQlc2enpz
M3VhNE50SDZDUENIem5SR2NEM3FFLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvQlc2enpzM3VhNE50SDZDUENIem5SR2NEM3FFLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjQwMzYvNDg0MDAyOUE0RDkyMTFFRjk4NThDQUJCNzYy
RTk1MUEvNjZCOTUzQkE0RDkzMTFFRkE3NTg2ODQ2NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbQfDANBAIAAjAHAwUALA89
QDANBgkqhkiG9w0BAQsFAAOCAQEAXumNTd/3hgWjt+/zSJT8wOmYgUiN7umPzNYg
05PK/HK6gEtFEopGRuyPXdGEWhhWy9d8wPvNPu+P0sEd6yUCmEgGEsaivPEYvRo+
GOiovxh2hTSKwWpL/dDz+sZArMRnX54BJBkyI14CJOLuQbxF+PmOlayuOA6+NTOD
4x83XZrbHWcrp8K7HdMiSa4fAR6eIhMhhrJhQ05hr/trTjyyxfK42vnVlpGgct3W
fbbZ3BiukpDDdV+cVnRm9k68HTBWsbp32LgU2OxKnsWIFs0+r45p2Z3fSvyJHex3
zpaCgsw+QLsunFJoVsP42u9HSK8NY5zBpODQG+65OnzwzvY7Cw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org