Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/C1E11DF2C9F811EC8EF65BCDF1222468.roa
File:                     C1E11DF2C9F811EC8EF65BCDF1222468.roa (raw, json)
Hash identifier:          cjfho8EHQEv43WroTa6NNGIUf9j7w7qHahJeAutEI1k=
Subject key identifier:   82:B3:9D:D6:F9:BA:34:BC:EE:FE:36:83:A3:48:F1:38:75:05:48:ED
Certificate issuer:       /CN=F369F2FAAF/serialNumber=9478315A1E5C5615A9228BBECA48A396870B847E
Certificate serial:       26
Authority key identifier: 94:78:31:5A:1E:5C:56:15:A9:22:8B:BE:CA:48:A3:96:87:0B:84:7E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/lHgxWh5cVhWpIou-ykijlocLhH4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/C1E11DF2C9F811EC8EF65BCDF1222468.roa
Signing time:             Mon 02 May 2022 09:17:58 +0000
ROA not before:           Mon 02 May 2022 09:17:53 +0000
ROA not after:            Tue 13 Apr 2027 09:17:53 +0000
asID:                     22750
IP address blocks:        41.66.64.0/18 maxlen: 18

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/lHgxWh5cVhWpIou-ykijlocLhH4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/lHgxWh5cVhWpIou-ykijlocLhH4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/lHgxWh5cVhWpIou-ykijlocLhH4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38 (0x26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369F2FAAF/serialNumber=9478315A1E5C5615A9228BBECA48A396870B847E
        Validity
            Not Before: May  2 09:17:53 2022 GMT
            Not After : Apr 13 09:17:53 2027 GMT
        Subject: CN=626fa1c6-37bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:cc:f9:19:d6:db:55:35:dc:fe:79:bb:7b:b0:
                    ff:f3:76:84:7d:96:b6:c9:c4:1a:e4:21:d2:e0:86:
                    20:ea:bb:b9:f6:4d:48:5d:0d:cd:18:ce:d7:86:e6:
                    35:1c:e2:b0:a3:ac:de:67:55:44:50:a6:cb:3e:d1:
                    5d:17:cb:01:57:8e:09:b4:05:a6:b8:50:4d:85:a9:
                    95:53:58:9e:e1:3a:d3:bb:43:d6:52:2c:ac:ce:6d:
                    91:01:ee:f0:9c:61:7f:3e:db:8e:3c:5b:7e:7e:54:
                    de:6c:41:b3:b0:53:f7:b5:cc:60:23:bb:a5:50:09:
                    06:0a:21:44:6b:ea:da:74:d3:da:16:91:86:8f:43:
                    19:17:7e:b3:2a:d6:91:75:de:62:7c:01:83:49:95:
                    4a:76:de:4d:1f:91:3a:65:ac:20:40:67:b3:27:cb:
                    24:df:b4:5a:b0:f6:d8:cb:38:8c:2b:9e:96:ff:45:
                    16:69:11:2f:58:2e:7e:ce:5c:ee:d5:31:af:c0:d4:
                    bc:20:34:f2:68:43:f5:47:15:96:ae:b6:a8:74:f5:
                    0c:59:f9:75:29:f6:18:4b:d3:2f:a9:a2:f5:d2:7c:
                    ec:82:df:db:4b:21:0f:f3:51:8a:17:92:99:b7:f0:
                    45:f6:8b:25:68:01:31:88:eb:9c:30:a5:f3:99:d2:
                    1b:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:B3:9D:D6:F9:BA:34:BC:EE:FE:36:83:A3:48:F1:38:75:05:48:ED
            X509v3 Authority Key Identifier:
                keyid:94:78:31:5A:1E:5C:56:15:A9:22:8B:BE:CA:48:A3:96:87:0B:84:7E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/lHgxWh5cVhWpIou-ykijlocLhH4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/lHgxWh5cVhWpIou-ykijlocLhH4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369F2FA/69B05CBABB0C11ECA7DC65BB5A40D577/C1E11DF2C9F811EC8EF65BCDF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.66.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         2f:ff:5f:b0:c7:22:10:ec:d1:a5:7e:00:95:e8:a7:51:3e:f3:
         97:5a:a6:64:c1:0a:90:9f:7d:db:18:f0:c0:53:b4:86:89:b0:
         79:6e:00:b0:d4:15:9f:b9:e0:3d:03:46:fd:5f:11:d9:50:61:
         ff:53:2a:41:35:5e:c9:3c:eb:a4:56:a0:8b:77:27:f8:5a:40:
         2f:84:79:18:1f:d6:7a:3b:b4:ff:47:b7:6b:dc:fa:d3:29:38:
         3f:57:98:27:53:7c:36:3d:20:f8:45:fa:db:2e:e9:69:ff:4b:
         95:60:0f:38:76:d2:73:29:f0:a8:be:a6:0a:8b:1f:cb:73:ea:
         39:da:2b:65:73:e4:26:e8:dc:df:4a:3f:50:2e:fb:e8:da:1a:
         cf:d3:fb:af:f4:e8:8b:6e:30:31:60:36:9f:e2:a7:ef:a8:31:
         b6:d4:ab:8d:89:ee:81:92:70:df:84:76:c3:0d:7f:e8:13:ac:
         53:83:99:5e:70:c6:80:d9:de:95:8d:f1:ec:99:d7:de:e9:ba:
         47:65:9d:1d:eb:42:56:8d:2a:cb:4f:bd:0c:81:bd:f7:e6:41:
         f6:36:14:50:0e:2f:2a:0f:b1:bb:cf:94:48:79:e8:72:eb:fc:
         aa:f5:81:fa:48:c4:36:cf:48:f2:cd:29:0d:f5:27:d8:5e:50:
         13:af:18:1a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBJjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY5
RjJGQUFGMTEwLwYDVQQFEyg5NDc4MzE1QTFFNUM1NjE1QTkyMjhCQkVDQTQ4QTM5
Njg3MEI4NDdFMB4XDTIyMDUwMjA5MTc1M1oXDTI3MDQxMzA5MTc1M1owGDEWMBQG
A1UEAwwNNjI2ZmExYzYtMzdiYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvM+RnW21U13P55u3uw//N2hH2WtsnEGuQh0uCGIOq7ufZNSF0NzRjO14bm
NRzisKOs3mdVRFCmyz7RXRfLAVeOCbQFprhQTYWplVNYnuE607tD1lIsrM5tkQHu
8Jxhfz7bjjxbfn5U3mxBs7BT97XMYCO7pVAJBgohRGvq2nTT2haRho9DGRd+syrW
kXXeYnwBg0mVSnbeTR+ROmWsIEBnsyfLJN+0WrD22Ms4jCuelv9FFmkRL1gufs5c
7tUxr8DUvCA08mhD9UcVlq62qHT1DFn5dSn2GEvTL6mi9dJ87ILf20shD/NRiheS
mbfwRfaLJWgBMYjrnDCl85nSG8cCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSCs53W
+bo0vO7+NoOjSPE4dQVI7TAfBgNVHSMEGDAWgBSUeDFaHlxWFakii77KSKOWhwuE
fjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2OUYyRkEvNjlCMDVDQkFCQjBDMTFFQ0E3REM2NUJCNUE0MEQ1NzcvbEhneFdo
NWNWaFdwSW91LXlraWpsb2NMaEg0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvbEhneFdoNWNWaFdwSW91LXlraWpsb2NMaEg0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2OUYyRkEvNjlCMDVDQkFCQjBDMTFFQ0E3REM2NUJCNUE0
MEQ1NzcvQzFFMTFERjJDOUY4MTFFQzhFRjY1QkNERjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBilCQDANBgkqhkiG9w0BAQsF
AAOCAQEAL/9fsMciEOzRpX4AleinUT7zl1qmZMEKkJ992xjwwFO0homweW4AsNQV
n7ngPQNG/V8R2VBh/1MqQTVeyTzrpFagi3cn+FpAL4R5GB/Weju0/0e3a9z60yk4
P1eYJ1N8Nj0g+EX62y7paf9LlWAPOHbScynwqL6mCosfy3PqOdorZXPkJujc30o/
UC776Noaz9P7r/Toi24wMWA2n+Kn76gxttSrjYnugZJw34R2ww1/6BOsU4OZXnDG
gNnelY3x7JnX3um6R2WdHetCVo0qy0+9DIG99+ZB9jYUUA4vKg+xu8+USHnocuv8
qvWB+kjENs9I8s0pDfUn2F5QE68YGg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:18 2024 by rpki-client on console-ams.rpki-client.org