Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/E8A5A2BCCBC911EE8E9BEF77775412E6.roa
File:                     E8A5A2BCCBC911EE8E9BEF77775412E6.roa (raw, json)
Hash identifier:          uW1ZZtqf2li8jzBd7IN42gC/xPbqnD5CcVOfHA/YQtE=
Subject key identifier:   A2:31:CF:A1:78:AA:04:53:F5:04:50:ED:B1:A1:F2:41:7A:DA:05:21
Certificate issuer:       /CN=F3688163AF/serialNumber=79147D3D6E537ED687D0857BAF84928118FDA4E5
Certificate serial:       02
Authority key identifier: 79:14:7D:3D:6E:53:7E:D6:87:D0:85:7B:AF:84:92:81:18:FD:A4:E5
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/eRR9PW5TftaH0IV7r4SSgRj9pOU.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/E8A5A2BCCBC911EE8E9BEF77775412E6.roa
Signing time:             Thu 15 Feb 2024 06:17:35 +0000
ROA not before:           Thu 15 Feb 2024 06:17:31 +0000
ROA not after:            Wed 15 Feb 2034 06:17:31 +0000
asID:                     329395
IP address blocks:        102.209.244.0/22 maxlen: 24
                          2c0f:6b40::/32 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/eRR9PW5TftaH0IV7r4SSgRj9pOU.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/eRR9PW5TftaH0IV7r4SSgRj9pOU.mft
                          rsync://rpki.afrinic.net/repository/afrinic/eRR9PW5TftaH0IV7r4SSgRj9pOU.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3688163AF/serialNumber=79147D3D6E537ED687D0857BAF84928118FDA4E5
        Validity
            Not Before: Feb 15 06:17:31 2024 GMT
            Not After : Feb 15 06:17:31 2034 GMT
        Subject: CN=65cdac7f-52c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:64:32:81:fc:9c:64:99:41:ad:0b:da:40:72:
                    e6:f4:45:63:63:3d:18:d9:32:83:22:8a:67:f3:7e:
                    a5:2d:44:41:01:ef:a8:3b:24:6a:9a:b6:30:91:96:
                    b0:e9:71:e4:06:02:79:fa:22:89:bb:dc:a9:26:58:
                    39:fd:a6:35:58:55:4f:9f:45:ed:c9:85:e4:76:1b:
                    fc:90:e5:c6:f8:c3:22:96:8a:7b:85:84:53:e8:28:
                    51:6c:7c:20:7f:1a:05:b5:b1:d7:73:df:b9:10:ef:
                    42:c5:e2:48:f4:bc:2b:f4:c1:0c:ba:9d:23:cb:76:
                    7e:b2:c0:9a:2b:ef:52:15:0e:d1:39:d5:5c:7d:c0:
                    85:d5:8c:48:c8:12:8d:af:13:c3:bd:05:93:0f:a1:
                    bc:df:ae:59:aa:84:a7:2e:6c:a7:70:89:c2:ee:74:
                    c1:12:5a:e8:1e:c1:be:fa:aa:ae:9b:6a:ba:7b:f4:
                    d2:93:7d:30:44:9c:30:5f:0e:9a:e5:bf:9e:bf:f5:
                    fd:85:5b:3f:36:d2:f7:a7:c3:40:68:72:3e:69:00:
                    1f:51:e4:c4:83:88:8c:00:7d:0e:cf:68:e9:a6:fd:
                    50:71:f3:4e:e2:e3:db:0f:26:f5:87:4f:35:39:47:
                    db:f4:5d:c7:fe:49:f8:64:ea:ad:bb:aa:e4:60:8e:
                    5d:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:31:CF:A1:78:AA:04:53:F5:04:50:ED:B1:A1:F2:41:7A:DA:05:21
            X509v3 Authority Key Identifier:
                keyid:79:14:7D:3D:6E:53:7E:D6:87:D0:85:7B:AF:84:92:81:18:FD:A4:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/eRR9PW5TftaH0IV7r4SSgRj9pOU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/eRR9PW5TftaH0IV7r4SSgRj9pOU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3688163/3982A74ECBC911EEA7F5F576775412E6/E8A5A2BCCBC911EE8E9BEF77775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.209.244.0/22
                IPv6:
                  2c0f:6b40::/32

    Signature Algorithm: sha256WithRSAEncryption
         2e:b8:3c:f7:59:9f:96:a3:42:d7:f4:6b:12:68:a5:22:ae:28:
         4b:82:b9:47:d1:39:ad:74:0d:93:ba:11:bc:c0:f1:b3:ff:68:
         f2:c1:d5:ce:02:4f:cf:53:4f:04:d4:73:96:f0:e1:7d:36:79:
         0d:aa:f1:58:ef:da:f3:64:96:d4:39:54:7b:00:f3:4f:2e:bb:
         50:91:d7:60:82:b1:f3:2d:af:e1:52:3d:23:70:71:d0:20:db:
         d9:01:21:7d:da:9a:25:c4:16:98:61:d5:e1:d0:7d:84:b5:72:
         f3:6a:fe:4e:6d:c6:8e:f8:80:6f:44:8d:8f:9d:31:f5:3c:11:
         5d:c0:0d:21:3d:56:16:d0:ce:f9:75:2b:88:3e:f0:70:35:c9:
         5b:35:6e:c1:bc:da:6d:2c:9a:2c:59:43:7c:e4:63:63:0a:69:
         73:82:61:f1:d6:39:82:7a:27:a2:39:8b:ef:b0:e0:58:0f:c2:
         78:fc:9a:e6:2b:cc:d6:1c:33:2e:e1:c9:bf:25:91:26:84:cc:
         65:68:ae:a5:fa:3b:d5:70:55:fe:ac:3d:76:21:18:cd:0a:a3:
         6a:74:8b:58:62:80:e7:22:03:a9:c8:ab:a0:c6:ef:82:12:c5:
         8d:40:27:fc:6a:c4:76:36:d1:60:0e:32:12:d3:61:47:f6:5f:
         5f:22:d3:14
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY4
ODE2M0FGMTEwLwYDVQQFEyg3OTE0N0QzRDZFNTM3RUQ2ODdEMDg1N0JBRjg0OTI4
MTE4RkRBNEU1MB4XDTI0MDIxNTA2MTczMVoXDTM0MDIxNTA2MTczMVowGDEWMBQG
A1UEAxMNNjVjZGFjN2YtNTJjOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxkMoH8nGSZQa0L2kBy5vRFY2M9GNkygyKKZ/N+pS1EQQHvqDskapq2MJGW
sOlx5AYCefoiibvcqSZYOf2mNVhVT59F7cmF5HYb/JDlxvjDIpaKe4WEU+goUWx8
IH8aBbWx13PfuRDvQsXiSPS8K/TBDLqdI8t2frLAmivvUhUO0TnVXH3AhdWMSMgS
ja8Tw70Fkw+hvN+uWaqEpy5sp3CJwu50wRJa6B7Bvvqqrptqunv00pN9MEScMF8O
muW/nr/1/YVbPzbS96fDQGhyPmkAH1HkxIOIjAB9Ds9o6ab9UHHzTuLj2w8m9YdP
NTlH2/Rdx/5J+GTqrbuq5GCOXY8CAwEAAaOCArQwggKwMB0GA1UdDgQWBBSiMc+h
eKoEU/UEUO2xofJBetoFITAfBgNVHSMEGDAWgBR5FH09blN+1ofQhXuvhJKBGP2k
5TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODgxNjMvMzk4MkE3NEVDQkM5MTFFRUE3RjVGNTc2Nzc1NDEyRTYvZVJSOVBX
NVRmdGFIMElWN3I0U1NnUmo5cE9VLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZVJSOVBXNVRmdGFIMElWN3I0U1NnUmo5cE9VLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2ODgxNjMvMzk4MkE3NEVDQkM5MTFFRUE3RjVGNTc2Nzc1
NDEyRTYvRThBNUEyQkNDQkM5MTFFRThFOUJFRjc3Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbR9DANBAIAAjAHAwUALA9r
QDANBgkqhkiG9w0BAQsFAAOCAQEALrg891mflqNC1/RrEmilIq4oS4K5R9E5rXQN
k7oRvMDxs/9o8sHVzgJPz1NPBNRzlvDhfTZ5DarxWO/a82SW1DlUewDzTy67UJHX
YIKx8y2v4VI9I3Bx0CDb2QEhfdqaJcQWmGHV4dB9hLVy82r+Tm3GjviAb0SNj50x
9TwRXcANIT1WFtDO+XUriD7wcDXJWzVuwbzabSyaLFlDfORjYwppc4Jh8dY5gnon
ojmL77DgWA/CePya5ivM1hwzLuHJvyWRJoTMZWiupfo71XBV/qw9diEYzQqjanSL
WGKA5yIDqciroMbvghLFjUAn/GrEdjbRYA4yEtNhR/ZfXyLTFA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:05 2024 by rpki-client on console-ams.rpki-client.org