Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/69AEB78E530311EF9077AE64762E951A.roa
File:                     69AEB78E530311EF9077AE64762E951A.roa (raw, json)
Hash identifier:          E4VODpaqhjbkv8v5w951ym1Fa5+dCcgEt3t+eKxFQYY=
Subject key identifier:   97:47:F3:43:B7:2F:1D:BA:C8:35:C3:85:E7:51:48:C5:7A:E6:47:D3
Certificate issuer:       /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial:       0587
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/69AEB78E530311EF9077AE64762E951A.roa
Signing time:             Mon 05 Aug 2024 08:19:20 +0000
ROA not before:           Mon 05 Aug 2024 08:19:16 +0000
ROA not after:            Mon 31 Mar 2025 08:19:16 +0000
asID:                     174
IP address blocks:        102.177.152.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:06:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1415 (0x587)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
        Validity
            Not Before: Aug  5 08:19:16 2024 GMT
            Not After : Mar 31 08:19:16 2025 GMT
        Subject: CN=66b08b07-bb58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:66:c7:be:e7:c2:91:6b:c4:c7:c4:1c:cb:24:
                    3c:bd:36:a2:b9:90:b7:e7:db:20:1f:6c:72:3a:16:
                    fd:f6:d1:6d:8a:3d:05:5a:05:a0:61:2b:e6:a4:5e:
                    be:2a:5c:3e:ec:0d:aa:47:76:5e:e2:c1:70:0d:22:
                    55:ec:9b:d1:f6:d0:a5:07:01:d5:1f:59:dd:37:5c:
                    76:de:d6:9e:1e:af:f3:1a:2a:4d:fb:c0:af:01:d2:
                    79:6b:bb:38:fa:1a:e5:c7:6b:c8:f2:c8:e6:7f:ef:
                    11:82:b1:2a:f1:cc:6c:45:41:2d:65:1a:ba:a2:ba:
                    2d:78:63:d1:bc:df:ff:d5:55:bd:b5:61:73:50:c2:
                    a7:f8:9d:6d:d0:73:d1:7d:c8:8a:bb:1f:89:da:12:
                    e1:b4:36:af:af:3f:d4:89:2f:42:3a:0b:8b:71:28:
                    08:56:29:e0:b6:22:5b:95:13:aa:f0:59:bc:b4:67:
                    fe:a1:89:a8:29:67:35:13:a0:dc:9b:1a:7b:18:b5:
                    e9:c0:84:98:d2:af:87:f0:f5:91:e4:bc:2d:d6:fc:
                    9b:00:61:12:f1:31:e8:47:8e:e4:1b:2a:2f:1f:86:
                    64:8b:b0:74:ec:ba:01:9a:a5:58:15:3b:68:a6:0a:
                    be:cb:56:5b:ed:02:20:34:15:47:9a:07:d1:0e:93:
                    6e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:47:F3:43:B7:2F:1D:BA:C8:35:C3:85:E7:51:48:C5:7A:E6:47:D3
            X509v3 Authority Key Identifier:
                keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/69AEB78E530311EF9077AE64762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         61:31:38:27:01:52:39:1d:1b:95:0e:47:d4:dc:f8:87:53:4d:
         eb:aa:d2:1f:fe:c4:28:bf:90:46:96:41:39:c5:71:fe:b8:b6:
         f8:88:86:1d:7e:8a:e6:7a:67:95:5a:ba:da:51:06:77:22:af:
         fb:24:2e:f5:39:c5:1d:52:5f:00:e7:85:52:3e:76:fc:51:ed:
         b5:9d:aa:e7:5a:62:4d:44:2d:7b:e5:82:c8:e4:76:45:ad:72:
         43:6e:38:09:4b:6f:9a:9d:36:8a:89:1d:40:a7:e9:ea:71:40:
         5c:6c:a2:2c:9a:d7:40:74:2c:12:7d:53:7f:8d:44:be:31:e5:
         4b:24:67:73:62:3f:ff:8c:02:6c:38:e0:49:5d:17:cc:df:5f:
         f4:ee:a5:3b:ea:3a:bf:c5:c5:50:49:49:4f:24:14:b7:61:f1:
         ab:a1:25:d2:17:0d:13:b8:23:64:99:4b:40:5e:27:fb:83:bb:
         b1:b7:9d:35:d0:ca:eb:6f:c3:d5:24:50:93:fe:73:0e:0e:64:
         20:4e:4e:66:70:df:96:6d:12:57:08:33:fd:5f:11:3b:71:82:
         61:55:ed:bd:06:b5:66:a5:3e:68:48:0f:1b:51:35:58:5d:b4:
         4f:62:38:16:04:0a:dd:a9:8a:d8:31:11:bd:f9:e8:a1:ff:76:
         cb:3f:af:24
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBYcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNDA4MDUwODE5MTZaFw0yNTAzMzEwODE5MTZaMBgxFjAU
BgNVBAMTDTY2YjA4YjA3LWJiNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCvZse+58KRa8THxBzLJDy9NqK5kLfn2yAfbHI6Fv320W2KPQVaBaBhK+ak
Xr4qXD7sDapHdl7iwXANIlXsm9H20KUHAdUfWd03XHbe1p4er/MaKk37wK8B0nlr
uzj6GuXHa8jyyOZ/7xGCsSrxzGxFQS1lGrqiui14Y9G83//VVb21YXNQwqf4nW3Q
c9F9yIq7H4naEuG0Nq+vP9SJL0I6C4txKAhWKeC2IluVE6rwWby0Z/6hiagpZzUT
oNybGnsYtenAhJjSr4fw9ZHkvC3W/JsAYRLxMehHjuQbKi8fhmSLsHTsugGapVgV
O2imCr7LVlvtAiA0FUeaB9EOk26BAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUl0fz
Q7cvHbrINcOF51FIxXrmR9MwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzY5QUVCNzhFNTMwMzExRUY5MDc3QUU2NDc2MkU5NTFBLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANmsZgwDQYJKoZIhvcNAQEL
BQADggEBAGExOCcBUjkdG5UOR9Tc+IdTTeuq0h/+xCi/kEaWQTnFcf64tviIhh1+
iuZ6Z5VautpRBncir/skLvU5xR1SXwDnhVI+dvxR7bWdqudaYk1ELXvlgsjkdkWt
ckNuOAlLb5qdNoqJHUCn6epxQFxsoiya10B0LBJ9U3+NRL4x5UskZ3NiP/+MAmw4
4EldF8zfX/TupTvqOr/FxVBJSU8kFLdh8auhJdIXDRO4I2SZS0BeJ/uDu7G3nTXQ
yutvw9UkUJP+cw4OZCBOTmZw35ZtElcIM/1fETtxgmFV7b0GtWalPmhIDxtRNVhd
tE9iOBYECt2pitgxEb356KH/dss/ryQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:19:42 2024 by rpki-client on console-ams.rpki-client.org