Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/D3C327DABE9E11EE993106AB775412E6.roa
File:                     D3C327DABE9E11EE993106AB775412E6.roa (raw, json)
Hash identifier:          JBKixCSDBI+8M+eUfX+NbM+TcRDwKlbGQLGKTvvPJkw=
Subject key identifier:   E9:57:C8:B4:C6:DD:16:37:DA:C8:B2:D7:AF:44:3F:F7:DB:D5:06:98
Certificate issuer:       /CN=F3675292AF/serialNumber=8579BC27E73D7B29108EBFF397FB6CFD5C6B0247
Certificate serial:       09
Authority key identifier: 85:79:BC:27:E7:3D:7B:29:10:8E:BF:F3:97:FB:6C:FD:5C:6B:02:47
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hXm8J-c9eykQjr_zl_ts_VxrAkc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/D3C327DABE9E11EE993106AB775412E6.roa
Signing time:             Mon 29 Jan 2024 12:06:26 +0000
ROA not before:           Mon 29 Jan 2024 12:06:23 +0000
ROA not after:            Thu 29 Jan 2026 12:06:23 +0000
asID:                     21003
IP address blocks:        102.222.252.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/hXm8J-c9eykQjr_zl_ts_VxrAkc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/hXm8J-c9eykQjr_zl_ts_VxrAkc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hXm8J-c9eykQjr_zl_ts_VxrAkc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3675292AF/serialNumber=8579BC27E73D7B29108EBFF397FB6CFD5C6B0247
        Validity
            Not Before: Jan 29 12:06:23 2024 GMT
            Not After : Jan 29 12:06:23 2026 GMT
        Subject: CN=65b794c2-4cad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:c2:1d:5e:4a:d5:a8:ba:0d:e3:8f:ba:db:3b:
                    e2:c3:b9:c0:98:09:6e:a2:71:7b:07:45:4e:7e:ee:
                    a3:19:bd:e5:b8:8f:06:a2:23:10:97:3f:11:87:0c:
                    88:7e:1e:16:57:f3:12:e7:45:03:67:67:9c:3a:3d:
                    50:ca:29:9e:28:f8:f8:20:13:d8:19:be:61:f1:d9:
                    a0:52:f0:60:98:4c:23:29:01:96:2e:ff:e3:48:44:
                    7a:38:8b:a9:6e:d4:9b:4b:ea:8e:e8:bc:a7:fa:23:
                    2c:3e:27:06:be:01:60:ca:d4:f0:b4:ca:7e:75:53:
                    c5:28:3b:10:d0:37:30:94:f5:8c:30:af:51:53:40:
                    82:25:19:31:a3:c8:7b:1b:73:6b:45:0a:c4:25:db:
                    03:bc:a1:5c:0b:f8:6d:c1:b6:d3:f5:45:b3:70:99:
                    13:46:b5:a5:98:f5:48:df:d1:f9:d9:a7:62:2b:c4:
                    cf:0a:f7:62:99:df:2f:e9:81:07:db:4c:79:bc:df:
                    34:7d:55:be:c7:01:5a:61:33:47:65:a3:ac:91:a2:
                    0b:92:9b:79:0f:e5:7b:30:b7:50:1e:a6:bf:4c:ad:
                    81:c0:94:67:18:46:2a:80:2f:73:d5:bc:44:78:92:
                    1e:8a:b9:6d:2b:66:d7:82:bd:63:72:0b:ea:fb:bf:
                    25:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:57:C8:B4:C6:DD:16:37:DA:C8:B2:D7:AF:44:3F:F7:DB:D5:06:98
            X509v3 Authority Key Identifier:
                keyid:85:79:BC:27:E7:3D:7B:29:10:8E:BF:F3:97:FB:6C:FD:5C:6B:02:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/hXm8J-c9eykQjr_zl_ts_VxrAkc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hXm8J-c9eykQjr_zl_ts_VxrAkc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3675292/264D17FEBDDC11EEB41E414D775412E6/D3C327DABE9E11EE993106AB775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.222.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:4d:24:51:a1:1a:fb:97:2b:c2:70:33:af:76:47:20:63:59:
         6b:d1:16:a6:43:fb:f6:fe:b1:69:7f:cd:cb:73:84:a3:2e:14:
         d8:d7:93:53:ac:71:31:47:da:66:a4:92:c0:83:35:e4:20:13:
         76:67:90:9e:51:8a:ed:b9:5c:cf:01:9b:38:63:71:af:82:eb:
         ee:12:60:05:ab:08:c8:a6:30:1e:54:70:07:cc:16:ba:85:93:
         f7:df:95:f8:a7:e8:b1:71:43:c9:4e:96:36:b1:6d:fa:60:44:
         d6:17:5b:f3:40:02:56:77:03:fc:6c:e3:d0:0b:5a:ad:84:6d:
         cf:84:75:1e:3c:9c:86:c5:e8:90:95:0e:26:eb:33:9c:63:1c:
         c9:e3:11:e7:c5:5d:bd:83:dc:79:65:76:28:91:09:30:10:fe:
         1a:99:d4:86:1e:33:d2:f5:83:63:f7:19:f9:07:ef:32:5d:a4:
         39:6b:6b:65:38:3e:be:9e:da:2a:50:14:2b:d1:07:91:ab:61:
         ea:ab:cd:f9:e7:4e:9d:64:29:53:f3:76:2b:99:df:19:3f:27:
         6e:f6:95:93:47:5e:d1:7a:47:5f:e7:91:c3:14:f1:57:bb:8c:
         56:fa:b2:36:77:75:54:ee:55:5c:7a:6f:9b:1e:fc:2d:08:6f:
         9d:7f:b7:38
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NTI5MkFGMTEwLwYDVQQFEyg4NTc5QkMyN0U3M0Q3QjI5MTA4RUJGRjM5N0ZCNkNG
RDVDNkIwMjQ3MB4XDTI0MDEyOTEyMDYyM1oXDTI2MDEyOTEyMDYyM1owGDEWMBQG
A1UEAxMNNjViNzk0YzItNGNhZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbCHV5K1ai6DeOPuts74sO5wJgJbqJxewdFTn7uoxm95biPBqIjEJc/EYcM
iH4eFlfzEudFA2dnnDo9UMopnij4+CAT2Bm+YfHZoFLwYJhMIykBli7/40hEejiL
qW7Um0vqjui8p/ojLD4nBr4BYMrU8LTKfnVTxSg7ENA3MJT1jDCvUVNAgiUZMaPI
extza0UKxCXbA7yhXAv4bcG20/VFs3CZE0a1pZj1SN/R+dmnYivEzwr3YpnfL+mB
B9tMebzfNH1VvscBWmEzR2WjrJGiC5KbeQ/lezC3UB6mv0ytgcCUZxhGKoAvc9W8
RHiSHoq5bStm14K9Y3IL6vu/Ja8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTpV8i0
xt0WN9rIstevRD/329UGmDAfBgNVHSMEGDAWgBSFebwn5z17KRCOv/OX+2z9XGsC
RzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzUyOTIvMjY0RDE3RkVCRERDMTFFRUI0MUU0MTRENzc1NDEyRTYvaFhtOEot
YzlleWtRanJfemxfdHNfVnhyQWtjLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaFhtOEotYzlleWtRanJfemxfdHNfVnhyQWtjLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzUyOTIvMjY0RDE3RkVCRERDMTFFRUI0MUU0MTRENzc1
NDEyRTYvRDNDMzI3REFCRTlFMTFFRTk5MzEwNkFCNzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbe/DANBgkqhkiG9w0BAQsF
AAOCAQEAHE0kUaEa+5crwnAzr3ZHIGNZa9EWpkP79v6xaX/Ny3OEoy4U2NeTU6xx
MUfaZqSSwIM15CATdmeQnlGK7blczwGbOGNxr4Lr7hJgBasIyKYwHlRwB8wWuoWT
99+V+KfosXFDyU6WNrFt+mBE1hdb80ACVncD/Gzj0AtarYRtz4R1HjychsXokJUO
JusznGMcyeMR58VdvYPceWV2KJEJMBD+GpnUhh4z0vWDY/cZ+QfvMl2kOWtrZTg+
vp7aKlAUK9EHkath6qvN+edOnWQpU/N2K5nfGT8nbvaVk0de0XpHX+eRwxTxV7uM
VvqyNnd1VO5VXHpvmx78LQhvnX+3OA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org