Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/82B0CD28582C11ECB2ACE4C45A40D577.roa
File:                     82B0CD28582C11ECB2ACE4C45A40D577.roa (raw, json)
Hash identifier:          5WnTeUTvylt7jsHDPv28dWX8ugIJRfhq5fv0MFgaPjI=
Subject key identifier:   39:02:09:97:92:AA:09:7B:B0:DC:D6:4A:86:B9:EA:28:C6:D1:DB:C4
Certificate issuer:       /CN=F36BCC19AF/serialNumber=87C277EA5445529DD06B2FE5EE9F33CDC7CE84E0
Certificate serial:       0E
Authority key identifier: 87:C2:77:EA:54:45:52:9D:D0:6B:2F:E5:EE:9F:33:CD:C7:CE:84:E0
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/h8J36lRFUp3Qay_l7p8zzcfOhOA.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/82B0CD28582C11ECB2ACE4C45A40D577.roa
Signing time:             Wed 08 Dec 2021 13:41:14 +0000
ROA not before:           Wed 08 Dec 2021 13:41:10 +0000
ROA not after:            Thu 31 Dec 2048 13:41:10 +0000
asID:                     328250
IP address blocks:        102.220.40.0/22 maxlen: 24
                          2c0f:f8f8::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/h8J36lRFUp3Qay_l7p8zzcfOhOA.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/h8J36lRFUp3Qay_l7p8zzcfOhOA.mft
                          rsync://rpki.afrinic.net/repository/afrinic/h8J36lRFUp3Qay_l7p8zzcfOhOA.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14 (0xe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BCC19AF/serialNumber=87C277EA5445529DD06B2FE5EE9F33CDC7CE84E0
        Validity
            Not Before: Dec  8 13:41:10 2021 GMT
            Not After : Dec 31 13:41:10 2048 GMT
        Subject: CN=61b0b5fa-06df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:b7:46:3b:cb:d7:03:b1:24:be:07:3c:0c:57:
                    c2:51:0f:b0:d4:fa:bf:c3:d1:6c:af:d1:8d:15:cf:
                    92:2c:49:f0:63:7f:77:c7:4f:28:30:fd:18:27:3c:
                    d6:ea:4b:49:a6:67:39:cd:cb:ff:d4:34:f1:96:77:
                    f7:a0:0e:26:04:21:d6:c5:25:cf:45:b1:87:63:d1:
                    ad:79:b8:59:35:de:f0:34:be:31:a6:fd:e9:df:39:
                    06:be:6a:22:0c:ca:1d:41:51:ae:d6:ae:80:50:ec:
                    97:35:16:4a:de:39:78:fc:cd:9e:f3:d6:30:18:5d:
                    c1:cb:38:4b:fa:0a:a7:d3:5f:a4:8a:e7:c7:83:68:
                    f3:35:ca:01:90:7d:f7:a4:b7:d5:8e:a9:94:c5:e5:
                    74:79:81:18:27:fc:7c:90:48:2b:b0:df:d0:57:9f:
                    46:2a:62:a0:1c:7e:b7:7f:4c:6a:11:54:41:16:d1:
                    46:3c:f2:3c:c2:2d:7d:34:bc:0b:59:cd:44:b2:cf:
                    c8:df:ff:bd:e9:8e:fe:84:69:1e:87:07:f1:40:dd:
                    0a:21:8f:49:df:d9:c2:92:ec:f8:71:36:44:ad:eb:
                    f5:73:39:6a:2f:a9:4a:57:25:c9:54:04:d6:c5:12:
                    18:8f:bd:3f:43:6c:fa:d8:2c:3b:eb:16:72:69:0b:
                    0f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:02:09:97:92:AA:09:7B:B0:DC:D6:4A:86:B9:EA:28:C6:D1:DB:C4
            X509v3 Authority Key Identifier:
                keyid:87:C2:77:EA:54:45:52:9D:D0:6B:2F:E5:EE:9F:33:CD:C7:CE:84:E0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/h8J36lRFUp3Qay_l7p8zzcfOhOA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/h8J36lRFUp3Qay_l7p8zzcfOhOA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BCC19/F6336432550111ECB65B497AD8A014CE/82B0CD28582C11ECB2ACE4C45A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.220.40.0/22
                IPv6:
                  2c0f:f8f8::/32

    Signature Algorithm: sha256WithRSAEncryption
         2a:d0:a4:29:86:34:1c:e2:88:da:61:17:bd:b2:17:0d:33:28:
         25:1e:3e:ec:a1:f2:ba:24:f8:20:6a:91:d6:e9:42:59:03:2e:
         ed:b1:4c:0b:bd:2d:40:0d:a4:bb:9d:f0:d4:d4:f4:0b:4b:da:
         9a:4d:39:bb:65:71:5d:d9:bd:ac:3c:14:1a:7c:db:1c:9e:e7:
         44:b6:bc:c3:33:b9:68:9e:cf:e3:39:b8:55:b4:3d:83:89:03:
         56:9e:62:d2:e2:63:a3:7a:cf:74:21:1f:94:59:5d:7a:6d:6b:
         d3:5c:c3:d0:8a:e4:00:74:ae:56:f9:af:01:72:ed:d7:7e:bc:
         f3:e7:55:90:54:c1:a2:be:07:b1:de:d1:bc:17:52:72:c5:a8:
         1c:a2:ab:73:aa:cf:02:94:74:b6:ea:3c:47:8d:08:eb:30:39:
         6e:51:fe:89:66:fc:42:1d:4e:34:4c:5a:42:59:e3:ff:d0:60:
         f8:97:82:f7:04:33:5c:9a:8f:d4:90:f7:e2:58:65:35:2d:e0:
         4a:50:41:e0:70:98:d2:d0:5c:5c:9c:8b:e9:ab:ee:6b:2f:19:
         b9:38:5d:3d:f0:95:69:f3:39:d4:71:82:ac:a0:a5:26:ed:d6:
         39:a0:bc:e6:be:ce:db:d1:56:12:13:37:dc:d0:c6:c7:35:ab:
         c4:e0:e1:b9
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBDjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZC
Q0MxOUFGMTEwLwYDVQQFEyg4N0MyNzdFQTU0NDU1MjlERDA2QjJGRTVFRTlGMzND
REM3Q0U4NEUwMB4XDTIxMTIwODEzNDExMFoXDTQ4MTIzMTEzNDExMFowGDEWMBQG
A1UEAwwNNjFiMGI1ZmEtMDZkZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOy3RjvL1wOxJL4HPAxXwlEPsNT6v8PRbK/RjRXPkixJ8GN/d8dPKDD9GCc8
1upLSaZnOc3L/9Q08ZZ396AOJgQh1sUlz0Wxh2PRrXm4WTXe8DS+Mab96d85Br5q
IgzKHUFRrtaugFDslzUWSt45ePzNnvPWMBhdwcs4S/oKp9NfpIrnx4No8zXKAZB9
96S31Y6plMXldHmBGCf8fJBIK7Df0FefRipioBx+t39MahFUQRbRRjzyPMItfTS8
C1nNRLLPyN//vemO/oRpHocH8UDdCiGPSd/ZwpLs+HE2RK3r9XM5ai+pSlclyVQE
1sUSGI+9P0Ns+tgsO+sWcmkLD50CAwEAAaOCArQwggKwMB0GA1UdDgQWBBQ5AgmX
kqoJe7Dc1kqGueooxtHbxDAfBgNVHSMEGDAWgBSHwnfqVEVSndBrL+XunzPNx86E
4DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QkNDMTkvRjYzMzY0MzI1NTAxMTFFQ0I2NUI0OTdBRDhBMDE0Q0UvaDhKMzZs
UkZVcDNRYXlfbDdwOHp6Y2ZPaE9BLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaDhKMzZsUkZVcDNRYXlfbDdwOHp6Y2ZPaE9BLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2QkNDMTkvRjYzMzY0MzI1NTAxMTFFQ0I2NUI0OTdBRDhB
MDE0Q0UvODJCMENEMjg1ODJDMTFFQ0IyQUNFNEM0NUE0MEQ1Nzcucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbcKDANBAIAAjAHAwUALA/4
+DANBgkqhkiG9w0BAQsFAAOCAQEAKtCkKYY0HOKI2mEXvbIXDTMoJR4+7KHyuiT4
IGqR1ulCWQMu7bFMC70tQA2ku53w1NT0C0vamk05u2VxXdm9rDwUGnzbHJ7nRLa8
wzO5aJ7P4zm4VbQ9g4kDVp5i0uJjo3rPdCEflFldem1r01zD0IrkAHSuVvmvAXLt
13688+dVkFTBor4Hsd7RvBdScsWoHKKrc6rPApR0tuo8R40I6zA5blH+iWb8Qh1O
NExaQlnj/9Bg+JeC9wQzXJqP1JD34lhlNS3gSlBB4HCY0tBcXJyL6avuay8ZuThd
PfCVafM51HGCrKClJu3WOaC85r7O29FWEhM33NDGxzWrxODhuQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org