Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/C82D839403C511EBB1822323F8AEA228.roa
File:                     C82D839403C511EBB1822323F8AEA228.roa (raw, json)
Hash identifier:          BRU/+9vSJaKFXnQ7Cb8Og2eSBhtx9/MwNvCd1XqLbx0=
Subject key identifier:   3E:29:9D:73:25:1B:E7:58:75:70:0C:3E:9A:68:0B:25:CB:8F:34:2C
Certificate issuer:       /CN=F366C124AF/serialNumber=7540D052D1291113560BA82D232042B99AA8A64A
Certificate serial:       019B
Authority key identifier: 75:40:D0:52:D1:29:11:13:56:0B:A8:2D:23:20:42:B9:9A:A8:A6:4A
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/dUDQUtEpERNWC6gtIyBCuZqopko.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/C82D839403C511EBB1822323F8AEA228.roa
Signing time:             Thu 01 Oct 2020 09:09:17 +0000
ROA not before:           Thu 01 Oct 2020 09:09:12 +0000
ROA not after:            Tue 01 Oct 2030 09:09:12 +0000
asID:                     328512
IP address blocks:        102.64.16.0/20 maxlen: 24
                          2c0f:edf8::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/dUDQUtEpERNWC6gtIyBCuZqopko.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/dUDQUtEpERNWC6gtIyBCuZqopko.mft
                          rsync://rpki.afrinic.net/repository/afrinic/dUDQUtEpERNWC6gtIyBCuZqopko.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 411 (0x19b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366C124AF/serialNumber=7540D052D1291113560BA82D232042B99AA8A64A
        Validity
            Not Before: Oct  1 09:09:12 2020 GMT
            Not After : Oct  1 09:09:12 2030 GMT
        Subject: CN=5f759cbd-7385
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ca:b7:11:3f:ae:a9:52:b4:68:7d:3a:98:dd:
                    6f:7e:ec:03:ae:29:29:e0:81:aa:f0:cf:26:1c:bf:
                    66:ac:4b:6b:9f:19:12:b1:3c:b1:64:60:8c:ab:e8:
                    d4:d6:c7:bf:83:ce:c2:4e:40:b9:90:f1:e4:35:fa:
                    52:da:ad:23:5e:4a:0a:76:36:4f:a3:55:5d:02:20:
                    e6:73:ed:61:3b:d3:b1:78:96:5b:c7:43:b7:33:58:
                    c2:98:89:d8:f0:7e:5d:32:25:a6:f9:13:1f:c2:f4:
                    f8:46:3a:18:8b:1e:92:21:84:a1:d0:b4:67:6e:3b:
                    6f:82:cf:28:25:00:ed:87:ed:8d:d3:8c:68:68:0e:
                    bd:ce:16:10:da:6f:6b:a5:62:ff:0d:2b:e4:b2:9c:
                    11:55:3a:49:ee:f5:29:6b:fe:a6:36:92:db:80:ef:
                    be:7d:37:4f:b1:71:88:e7:43:62:8f:93:e6:8c:00:
                    73:b6:5c:84:a2:0a:2e:b4:62:8b:af:c0:95:14:ca:
                    aa:76:c1:12:81:20:a8:66:94:e2:27:1f:ba:7a:54:
                    9b:1a:da:a7:b2:c5:25:54:e1:01:60:08:e0:96:d9:
                    fc:6e:fa:f7:a4:8c:12:da:38:85:ad:d7:1f:02:d7:
                    39:6b:ee:51:69:8d:2a:64:cb:39:e0:5d:31:88:25:
                    84:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:29:9D:73:25:1B:E7:58:75:70:0C:3E:9A:68:0B:25:CB:8F:34:2C
            X509v3 Authority Key Identifier:
                keyid:75:40:D0:52:D1:29:11:13:56:0B:A8:2D:23:20:42:B9:9A:A8:A6:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/dUDQUtEpERNWC6gtIyBCuZqopko.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/dUDQUtEpERNWC6gtIyBCuZqopko.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366C124/21E2D0D4CAF011E98C204478F8AEA228/C82D839403C511EBB1822323F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.64.16.0/20
                IPv6:
                  2c0f:edf8::/32

    Signature Algorithm: sha256WithRSAEncryption
         7d:98:19:a7:c0:e1:b7:cf:13:02:33:cb:a0:85:34:6f:f3:8e:
         b6:aa:8d:ab:07:42:1b:54:2d:e8:72:10:40:34:a1:81:4f:a5:
         97:6c:9a:1a:ef:2e:bf:d4:d7:b9:21:a9:25:64:7b:68:95:9d:
         41:13:3e:1a:fd:69:86:ed:80:5f:b9:cb:d4:be:b6:69:7a:a1:
         28:3f:a8:cd:24:57:4c:76:0e:98:72:ca:42:55:33:be:8c:03:
         b4:49:80:73:bb:fc:0b:35:22:91:ae:1f:92:f9:fa:1a:74:b9:
         96:e9:b5:f5:9e:57:70:94:a0:7b:5f:76:f2:01:56:e7:2e:d5:
         83:bd:d3:9c:7f:84:45:44:bc:fa:ed:df:a3:50:5a:55:95:cd:
         19:82:4f:8d:bc:de:dc:4f:15:ea:0c:fc:57:b9:a5:62:a5:17:
         83:2f:6b:33:97:1e:44:8e:46:d4:96:7a:5d:61:30:11:db:5e:
         45:a4:f7:b8:0c:85:11:15:c6:ba:89:f1:2f:af:f5:ac:33:eb:
         8a:89:e0:9f:ac:1c:d8:a4:34:0e:25:4b:79:d9:01:40:43:f3:
         7d:12:06:f6:3f:89:e0:71:bc:1f:3a:0a:77:d6:22:66:dd:62:
         bf:18:ee:01:a9:d3:7e:c7:47:7c:9d:85:73:7a:aa:87:0c:78:
         82:1d:7a:b9
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAZswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NkMxMjRBRjExMC8GA1UEBRMoNzU0MEQwNTJEMTI5MTExMzU2MEJBODJEMjMyMDQy
Qjk5QUE4QTY0QTAeFw0yMDEwMDEwOTA5MTJaFw0zMDEwMDEwOTA5MTJaMBgxFjAU
BgNVBAMTDTVmNzU5Y2JkLTczODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC1yrcRP66pUrRofTqY3W9+7AOuKSnggarwzyYcv2asS2ufGRKxPLFkYIyr
6NTWx7+DzsJOQLmQ8eQ1+lLarSNeSgp2Nk+jVV0CIOZz7WE707F4llvHQ7czWMKY
idjwfl0yJab5Ex/C9PhGOhiLHpIhhKHQtGduO2+CzyglAO2H7Y3TjGhoDr3OFhDa
b2ulYv8NK+SynBFVOknu9Slr/qY2ktuA7759N0+xcYjnQ2KPk+aMAHO2XISiCi60
YouvwJUUyqp2wRKBIKhmlOInH7p6VJsa2qeyxSVU4QFgCOCW2fxu+vekjBLaOIWt
1x8C1zlr7lFpjSpkyzngXTGIJYRtAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQUPimd
cyUb51h1cAw+mmgLJcuPNCwwHwYDVR0jBBgwFoAUdUDQUtEpERNWC6gtIyBCuZqo
pkowDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjZDMTI0LzIxRTJEMEQ0Q0FGMDExRTk4QzIwNDQ3OEY4QUVBMjI4L2RVRFFV
dEVwRVJOV0M2Z3RJeUJDdVpxb3Brby5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2RVRFFVdEVwRVJOV0M2Z3RJeUJDdVpxb3Brby5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjZDMTI0LzIxRTJEMEQ0Q0FGMDExRTk4QzIwNDQ3OEY4
QUVBMjI4L0M4MkQ4Mzk0MDNDNTExRUJCMTgyMjMyM0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBARmQBAwDQQCAAIwBwMFACwP
7fgwDQYJKoZIhvcNAQELBQADggEBAH2YGafA4bfPEwIzy6CFNG/zjraqjasHQhtU
LehyEEA0oYFPpZdsmhrvLr/U17khqSVke2iVnUETPhr9aYbtgF+5y9S+tml6oSg/
qM0kV0x2DphyykJVM76MA7RJgHO7/As1IpGuH5L5+hp0uZbptfWeV3CUoHtfdvIB
Vucu1YO905x/hEVEvPrt36NQWlWVzRmCT4283txPFeoM/Fe5pWKlF4MvazOXHkSO
RtSWel1hMBHbXkWk97gMhREVxrqJ8S+v9awz64qJ4J+sHNikNA4lS3nZAUBD830S
BvY/ieBxvB86CnfWImbdYr8Y7gGp037HR3ydhXN6qocMeIIderk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:42 2024 by rpki-client on console-ams.rpki-client.org