Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3697F9B/C6DEF4DCE24611EA8D16EF50F8AEA228/10D082ECE25411EAB7E7505EF8AEA228.roa
File:                     10D082ECE25411EAB7E7505EF8AEA228.roa (raw, json)
Hash identifier:          HCeS+ur8bLRwVYC7j4CEZcmf2zW7Wq0HlwhQZaJebjk=
Subject key identifier:   7D:85:EC:7A:FD:D4:63:68:66:E6:90:B3:5C:FB:9B:C6:50:B8:81:43
Certificate issuer:       /CN=F3697F9BAF/serialNumber=6BE93D42375F5875A2F8CAD28098854162D25048
Certificate serial:       06
Authority key identifier: 6B:E9:3D:42:37:5F:58:75:A2:F8:CA:D2:80:98:85:41:62:D2:50:48
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/a-k9QjdfWHWi-MrSgJiFQWLSUEg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3697F9B/C6DEF4DCE24611EA8D16EF50F8AEA228/10D082ECE25411EAB7E7505EF8AEA228.roa
Signing time:             Wed 19 Aug 2020 19:42:08 +0000
ROA not before:           Wed 19 Aug 2020 19:42:03 +0000
ROA not after:            Sun 18 Aug 2030 19:42:03 +0000
asID:                     8075
IP address blocks:        102.133.0.0/16 maxlen: 16

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3697F9B/C6DEF4DCE24611EA8D16EF50F8AEA228/a-k9QjdfWHWi-MrSgJiFQWLSUEg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3697F9B/C6DEF4DCE24611EA8D16EF50F8AEA228/a-k9QjdfWHWi-MrSgJiFQWLSUEg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/a-k9QjdfWHWi-MrSgJiFQWLSUEg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3697F9BAF/serialNumber=6BE93D42375F5875A2F8CAD28098854162D25048
        Validity
            Not Before: Aug 19 19:42:03 2020 GMT
            Not After : Aug 18 19:42:03 2030 GMT
        Subject: CN=5f3d8090-a85c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e3:62:71:7e:de:78:40:2a:aa:d2:90:4d:d4:
                    9c:fb:0e:98:24:b8:69:e6:fb:50:62:fa:c3:16:af:
                    4d:01:d6:f5:e0:8c:2b:09:82:aa:3a:5f:ee:f2:e0:
                    43:c4:ef:9a:7e:b2:8b:bf:30:f7:d3:6e:08:e4:33:
                    9e:87:e5:fb:22:09:fb:e8:a8:4a:7b:e7:ae:7b:6c:
                    aa:71:4e:fd:a7:d6:cb:7b:eb:70:81:2b:e5:4f:13:
                    57:59:05:d0:56:a2:ff:69:6e:d9:23:25:17:8f:13:
                    5b:d4:bf:52:07:cf:eb:46:aa:3e:87:7e:54:17:e7:
                    4e:18:d4:16:77:99:b0:4c:ed:c9:17:f9:0c:2b:b4:
                    b7:6d:0f:fb:f3:ff:ce:be:95:00:5e:1c:29:78:5e:
                    5e:85:00:0e:e4:7c:72:8a:c9:49:68:64:d3:95:8a:
                    16:c8:2e:7f:01:f4:6d:5f:35:1f:77:2e:86:f5:25:
                    7f:36:1e:fd:bc:7d:c1:9d:d5:fb:7c:7a:ea:dd:2c:
                    e7:3c:a1:83:89:35:75:67:bd:ec:91:7b:15:70:8e:
                    37:ea:85:04:00:45:ea:ba:25:6f:78:d9:cd:0e:da:
                    43:e4:3e:39:e3:f0:8e:39:ea:90:ff:dc:58:df:f0:
                    79:e0:b1:be:e3:ad:7f:4c:b9:62:03:b5:5f:d5:f7:
                    2d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:85:EC:7A:FD:D4:63:68:66:E6:90:B3:5C:FB:9B:C6:50:B8:81:43
            X509v3 Authority Key Identifier:
                keyid:6B:E9:3D:42:37:5F:58:75:A2:F8:CA:D2:80:98:85:41:62:D2:50:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3697F9B/C6DEF4DCE24611EA8D16EF50F8AEA228/a-k9QjdfWHWi-MrSgJiFQWLSUEg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/a-k9QjdfWHWi-MrSgJiFQWLSUEg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3697F9B/C6DEF4DCE24611EA8D16EF50F8AEA228/10D082ECE25411EAB7E7505EF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.133.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         05:a0:be:d3:bb:66:40:3a:20:41:bd:a8:39:18:d1:80:8e:f8:
         02:f3:4c:0e:ec:92:6f:14:e2:0b:fa:ed:65:7c:d6:f6:91:74:
         64:96:bf:0c:31:be:d8:94:6c:d2:f9:79:06:c6:8f:bc:6c:c4:
         99:fd:88:49:5e:da:2a:3f:6e:e8:ac:9f:b9:bb:c2:e4:10:80:
         71:48:4e:a8:e0:15:6a:06:c6:88:a1:a9:09:b9:e9:e3:13:78:
         cc:06:8e:bb:f6:3f:73:88:52:86:fd:c5:4c:aa:4b:34:37:5e:
         35:5b:fa:0c:2c:2a:cd:b7:50:33:eb:8a:2a:74:4e:57:50:61:
         a7:eb:82:8f:c9:f2:5e:03:7f:f3:39:90:dd:dd:51:b7:2b:80:
         68:24:ff:56:75:d6:c9:97:db:7c:fc:21:e9:d5:43:7e:88:eb:
         a4:ce:c6:fb:9d:6d:97:10:4e:57:98:7d:4a:cc:96:75:c3:cd:
         36:d2:ee:04:6c:7f:bc:c7:6d:d3:e5:e7:5d:f6:33:73:b4:67:
         1c:20:58:04:08:c2:56:95:1c:e1:ca:2d:6f:08:bc:93:ab:38:
         13:6f:d2:0e:d6:29:c5:93:69:79:56:07:c3:86:71:aa:d6:98:
         2c:6b:c6:bd:20:7b:b9:55:5d:33:e2:b4:9c:b0:30:0e:39:ca:
         c0:9e:47:5b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY5
N0Y5QkFGMTEwLwYDVQQFEyg2QkU5M0Q0MjM3NUY1ODc1QTJGOENBRDI4MDk4ODU0
MTYyRDI1MDQ4MB4XDTIwMDgxOTE5NDIwM1oXDTMwMDgxODE5NDIwM1owGDEWMBQG
A1UEAxMNNWYzZDgwOTAtYTg1YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7jYnF+3nhAKqrSkE3UnPsOmCS4aeb7UGL6wxavTQHW9eCMKwmCqjpf7vLg
Q8Tvmn6yi78w99NuCOQznofl+yIJ++ioSnvnrntsqnFO/afWy3vrcIEr5U8TV1kF
0Fai/2lu2SMlF48TW9S/UgfP60aqPod+VBfnThjUFneZsEztyRf5DCu0t20P+/P/
zr6VAF4cKXheXoUADuR8corJSWhk05WKFsgufwH0bV81H3cuhvUlfzYe/bx9wZ3V
+3x66t0s5zyhg4k1dWe97JF7FXCON+qFBABF6rolb3jZzQ7aQ+Q+OePwjjnqkP/c
WN/weeCxvuOtf0y5YgO1X9X3LdUCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBR9hex6
/dRjaGbmkLNc+5vGULiBQzAfBgNVHSMEGDAWgBRr6T1CN19YdaL4ytKAmIVBYtJQ
SDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OTdGOUIvQzZERUY0RENFMjQ2MTFFQThEMTZFRjUwRjhBRUEyMjgvYS1rOVFq
ZGZXSFdpLU1yU2dKaUZRV0xTVUVnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvYS1rOVFqZGZXSFdpLU1yU2dKaUZRV0xTVUVnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OTdGOUIvQzZERUY0RENFMjQ2MTFFQThEMTZFRjUwRjhB
RUEyMjgvMTBEMDgyRUNFMjU0MTFFQUI3RTc1MDVFRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAGaFMA0GCSqGSIb3DQEBCwUA
A4IBAQAFoL7Tu2ZAOiBBvag5GNGAjvgC80wO7JJvFOIL+u1lfNb2kXRklr8MMb7Y
lGzS+XkGxo+8bMSZ/YhJXtoqP27orJ+5u8LkEIBxSE6o4BVqBsaIoakJuenjE3jM
Bo679j9ziFKG/cVMqks0N141W/oMLCrNt1Az64oqdE5XUGGn64KPyfJeA3/zOZDd
3VG3K4BoJP9WddbJl9t8/CHp1UN+iOukzsb7nW2XEE5XmH1KzJZ1w8020u4EbH+8
x23T5edd9jNztGccIFgECMJWlRzhyi1vCLyTqzgTb9IO1inFk2l5VgfDhnGq1pgs
a8a9IHu5VV0z4rScsDAOOcrAnkdb
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:15 2024 by rpki-client on console-ams.rpki-client.org