Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/82582254CA8011EE91776F59775412E6.roa
File:                     82582254CA8011EE91776F59775412E6.roa (raw, json)
Hash identifier:          KHKCU5wTozzWPAiGO4/KcKTOvEObCHZkPGCpy6PxPTY=
Subject key identifier:   3D:BA:7D:A5:0A:99:A6:71:BF:E9:44:40:E4:C6:7E:69:F4:25:72:06
Certificate issuer:       /CN=F3683E8BAF/serialNumber=82FB7E31CDC3C99EE8EC8C6F0118E3BD8B945154
Certificate serial:       02
Authority key identifier: 82:FB:7E:31:CD:C3:C9:9E:E8:EC:8C:6F:01:18:E3:BD:8B:94:51:54
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/82582254CA8011EE91776F59775412E6.roa
Signing time:             Tue 13 Feb 2024 14:59:39 +0000
ROA not before:           Tue 13 Feb 2024 14:59:35 +0000
ROA not after:            Fri 13 Feb 2026 14:59:35 +0000
asID:                     328825
IP address blocks:        102.220.96.0/22 maxlen: 24
                          2c0f:6200::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3683E8BAF/serialNumber=82FB7E31CDC3C99EE8EC8C6F0118E3BD8B945154
        Validity
            Not Before: Feb 13 14:59:35 2024 GMT
            Not After : Feb 13 14:59:35 2026 GMT
        Subject: CN=65cb83db-6455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:6b:ce:9a:bb:8a:08:8e:d6:3b:f6:c6:6c:9f:
                    53:74:0f:5f:79:98:0e:6d:94:ef:84:ee:a0:a1:fe:
                    5f:45:e9:bb:59:b8:f0:48:7c:b2:63:e8:09:87:1d:
                    f2:fa:e2:98:c9:4f:71:9a:56:d8:b4:00:c2:96:26:
                    99:38:1b:3f:7a:a2:f3:22:84:4a:ca:1f:e0:bb:aa:
                    40:62:88:da:c7:4a:c1:bf:78:76:d1:14:7c:a8:0a:
                    ab:c0:26:81:25:b0:65:82:2c:66:74:54:bc:ca:88:
                    4e:c1:fd:4d:55:e4:45:f7:e6:21:da:70:08:01:12:
                    9f:51:07:bc:d4:02:eb:d8:c9:ee:86:11:7f:41:f3:
                    48:3c:cd:94:d9:1c:b1:56:f6:dd:93:83:f8:24:0e:
                    6d:11:23:1d:1c:20:51:5c:a9:3f:fd:63:ee:f6:32:
                    a0:ef:5f:d5:96:d4:be:8f:33:a6:41:30:e2:86:cd:
                    5e:13:80:12:e1:af:19:1d:4e:01:e6:7c:7f:d7:f0:
                    3f:19:cb:77:d3:1f:95:0d:24:40:45:f3:4c:dd:32:
                    e6:18:76:83:79:21:87:06:4d:69:f0:98:95:2a:d0:
                    7b:69:73:4f:a0:dd:70:1f:8a:a0:09:a9:07:f7:36:
                    25:05:0c:ff:45:60:87:e9:27:be:3d:e8:79:cf:cc:
                    74:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:BA:7D:A5:0A:99:A6:71:BF:E9:44:40:E4:C6:7E:69:F4:25:72:06
            X509v3 Authority Key Identifier:
                keyid:82:FB:7E:31:CD:C3:C9:9E:E8:EC:8C:6F:01:18:E3:BD:8B:94:51:54

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvt-Mc3DyZ7o7IxvARjjvYuUUVQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3683E8B/9AF3BFD6CA7F11EE8AB31958775412E6/82582254CA8011EE91776F59775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.96.0/22
                IPv6:
                  2c0f:6200::/32

    Signature Algorithm: sha256WithRSAEncryption
         a8:9d:db:08:dc:33:cc:b6:22:97:38:4c:b9:28:8a:8b:d9:b5:
         76:d1:fd:1e:6d:0c:bf:f3:98:2b:e9:81:00:0c:12:ed:d7:7e:
         9b:18:d2:65:45:d1:57:90:0b:6e:27:0f:3a:a0:7a:40:83:8e:
         fe:2e:a7:fc:74:0d:c4:84:d2:78:89:1c:34:21:b1:3e:33:8f:
         3f:80:2f:b8:a2:80:29:6f:61:06:96:5c:a7:4f:00:17:73:84:
         e0:14:ff:24:e6:2c:c5:32:85:b4:ef:72:2c:b6:91:46:27:42:
         e5:b0:cd:b0:9e:2c:22:77:af:e3:0e:71:67:96:83:15:84:4f:
         ee:90:c3:25:63:6f:d9:a0:79:99:6e:99:64:be:56:54:e9:ac:
         37:58:39:3f:fb:b4:0c:1f:14:39:64:67:80:27:58:a1:bf:a6:
         66:29:c3:79:2e:eb:5f:c9:96:87:58:3c:3c:8c:db:b1:69:4c:
         fe:70:0a:9a:1c:29:85:15:c2:c5:f0:67:b2:e5:12:b3:17:e5:
         91:14:66:29:bb:4a:fb:30:ea:8f:2d:a2:a0:28:a9:ca:8c:2f:
         3e:03:b0:a3:94:d3:48:6a:2f:c0:62:97:06:25:f0:4a:98:9a:
         09:63:79:df:b4:1a:70:06:ea:9f:48:fd:fc:95:4b:21:ca:39:
         11:0d:ca:07
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
M0U4QkFGMTEwLwYDVQQFEyg4MkZCN0UzMUNEQzNDOTlFRThFQzhDNkYwMTE4RTNC
RDhCOTQ1MTU0MB4XDTI0MDIxMzE0NTkzNVoXDTI2MDIxMzE0NTkzNVowGDEWMBQG
A1UEAxMNNjVjYjgzZGItNjQ1NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1rzpq7igiO1jv2xmyfU3QPX3mYDm2U74TuoKH+X0Xpu1m48Eh8smPoCYcd
8vrimMlPcZpW2LQAwpYmmTgbP3qi8yKESsof4LuqQGKI2sdKwb94dtEUfKgKq8Am
gSWwZYIsZnRUvMqITsH9TVXkRffmIdpwCAESn1EHvNQC69jJ7oYRf0HzSDzNlNkc
sVb23ZOD+CQObREjHRwgUVypP/1j7vYyoO9f1ZbUvo8zpkEw4obNXhOAEuGvGR1O
AeZ8f9fwPxnLd9MflQ0kQEXzTN0y5hh2g3khhwZNafCYlSrQe2lzT6DdcB+KoAmp
B/c2JQUM/0Vgh+knvj3oec/MdOsCAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ9un2l
Cpmmcb/pREDkxn5p9CVyBjAfBgNVHSMEGDAWgBSC+34xzcPJnujsjG8BGOO9i5RR
VDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODNFOEIvOUFGM0JGRDZDQTdGMTFFRThBQjMxOTU4Nzc1NDEyRTYvZ3Z0LU1j
M0R5WjdvN0l4dkFSamp2WXVVVVZRLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZ3Z0LU1jM0R5WjdvN0l4dkFSamp2WXVVVVZRLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODNFOEIvOUFGM0JGRDZDQTdGMTFFRThBQjMxOTU4Nzc1
NDEyRTYvODI1ODIyNTRDQTgwMTFFRTkxNzc2RjU5Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbcYDANBAIAAjAHAwUALA9i
ADANBgkqhkiG9w0BAQsFAAOCAQEAqJ3bCNwzzLYilzhMuSiKi9m1dtH9Hm0Mv/OY
K+mBAAwS7dd+mxjSZUXRV5ALbicPOqB6QIOO/i6n/HQNxITSeIkcNCGxPjOPP4Av
uKKAKW9hBpZcp08AF3OE4BT/JOYsxTKFtO9yLLaRRidC5bDNsJ4sInev4w5xZ5aD
FYRP7pDDJWNv2aB5mW6ZZL5WVOmsN1g5P/u0DB8UOWRngCdYob+mZinDeS7rX8mW
h1g8PIzbsWlM/nAKmhwphRXCxfBnsuUSsxflkRRmKbtK+zDqjy2ioCipyowvPgOw
o5TTSGovwGKXBiXwSpiaCWN537QacAbqn0j9/JVLIco5EQ3KBw==
-----END CERTIFICATE-----
Generated at Sat Jun 15 04:18:04 2024 by rpki-client on console-ams.rpki-client.org