Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D4BDD/F8376F14A50E11EC9AABF8A25A40D577/9A0262EA985B11EE8649C347D25BE465.roa
File:                     9A0262EA985B11EE8649C347D25BE465.roa (raw, json)
Hash identifier:          2GtUyuUh0H4Yru4Poa6BwFUwVcgQdscXDl84Vttn9/k=
Subject key identifier:   A6:73:95:BE:77:77:0A:19:78:DF:94:52:72:76:7A:ED:8E:9E:EC:DF
Certificate issuer:       /CN=F36D4BDDAF/serialNumber=8F46DC96FC42077EB07E47C4D4DAECB9455B4802
Certificate serial:       029C
Authority key identifier: 8F:46:DC:96:FC:42:07:7E:B0:7E:47:C4:D4:DA:EC:B9:45:5B:48:02
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/j0bclvxCB36wfkfE1NrsuUVbSAI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36D4BDD/F8376F14A50E11EC9AABF8A25A40D577/9A0262EA985B11EE8649C347D25BE465.roa
Signing time:             Mon 11 Dec 2023 19:29:29 +0000
ROA not before:           Mon 11 Dec 2023 19:29:25 +0000
ROA not after:            Tue 01 Dec 2026 19:29:25 +0000
asID:                     328351
IP address blocks:        102.140.112.0/21 maxlen: 24
                          102.210.64.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36D4BDD/F8376F14A50E11EC9AABF8A25A40D577/j0bclvxCB36wfkfE1NrsuUVbSAI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36D4BDD/F8376F14A50E11EC9AABF8A25A40D577/j0bclvxCB36wfkfE1NrsuUVbSAI.mft
                          rsync://rpki.afrinic.net/repository/afrinic/j0bclvxCB36wfkfE1NrsuUVbSAI.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 668 (0x29c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36D4BDDAF/serialNumber=8F46DC96FC42077EB07E47C4D4DAECB9455B4802
        Validity
            Not Before: Dec 11 19:29:25 2023 GMT
            Not After : Dec  1 19:29:25 2026 GMT
        Subject: CN=65776319-5fdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:1f:e0:1f:ec:a7:58:87:9f:63:6c:24:ff:cd:
                    b1:81:5a:56:15:47:a7:dc:68:ae:e5:78:ee:72:f1:
                    64:3d:65:21:56:2b:36:77:2f:e0:51:b5:90:2c:97:
                    e1:49:80:18:05:72:be:41:09:98:0b:56:7e:10:45:
                    57:15:58:7a:b7:13:fa:11:8c:52:7a:fa:fe:2c:f1:
                    4b:10:d4:47:be:75:30:81:85:d6:01:59:73:3e:9e:
                    8d:27:69:56:80:b7:6c:fa:2d:c5:87:83:c3:2f:fd:
                    b8:9b:68:87:81:04:a9:5a:52:89:0f:22:03:5c:bb:
                    3c:54:c1:07:21:1a:06:d8:ad:47:07:2f:1a:26:bd:
                    0f:a1:04:07:39:da:03:7d:01:8c:46:f2:b3:52:6a:
                    04:94:46:bf:05:0c:11:eb:95:91:b0:4d:e1:be:2c:
                    5b:fa:23:0d:35:69:b0:e2:98:f7:91:8c:1d:0f:08:
                    bd:09:0b:42:0d:95:c0:3f:ca:6d:27:e3:d6:6c:b8:
                    c3:c6:2a:6c:2d:34:6e:c0:3b:e9:1a:87:91:94:bd:
                    58:aa:d1:4f:0b:9c:f5:fb:50:e4:a6:18:11:fb:d3:
                    c2:a9:83:54:8a:23:d2:20:76:9f:26:44:ae:aa:36:
                    4a:5c:16:ae:7c:ca:14:35:32:d8:44:7a:52:a6:6c:
                    17:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:73:95:BE:77:77:0A:19:78:DF:94:52:72:76:7A:ED:8E:9E:EC:DF
            X509v3 Authority Key Identifier:
                keyid:8F:46:DC:96:FC:42:07:7E:B0:7E:47:C4:D4:DA:EC:B9:45:5B:48:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36D4BDD/F8376F14A50E11EC9AABF8A25A40D577/j0bclvxCB36wfkfE1NrsuUVbSAI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/j0bclvxCB36wfkfE1NrsuUVbSAI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D4BDD/F8376F14A50E11EC9AABF8A25A40D577/9A0262EA985B11EE8649C347D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.140.112.0/21
                  102.210.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         04:e9:82:0f:97:2f:d1:c3:5a:03:de:4b:e3:8b:24:cf:7e:af:
         70:19:38:2f:64:8e:e2:a1:8a:3d:2b:64:d9:67:9b:5e:34:5a:
         30:96:4a:51:60:4f:7f:6a:cd:18:88:f9:56:da:cd:f1:5e:e6:
         c2:8c:5a:2a:eb:35:84:69:22:49:10:ed:37:16:35:82:ff:c2:
         25:3a:1f:d3:90:01:07:76:00:92:87:d7:e3:a2:d1:5b:d9:2b:
         b7:d8:48:67:29:eb:a0:ec:8f:b8:37:b3:69:d4:31:65:dc:f6:
         c8:40:05:2d:07:9d:0f:8a:53:11:5d:f9:ce:e5:fd:85:b2:2b:
         d5:4a:6b:a3:34:53:59:0a:45:2b:2c:c9:24:a8:36:1a:8e:fc:
         b4:1f:ba:e8:1f:8f:ff:8f:13:88:61:d9:25:2b:c7:21:84:cd:
         29:dc:f3:c1:cb:1e:fe:df:77:af:ff:f5:cc:ac:98:fc:dd:9a:
         3d:46:8a:5c:55:d3:74:3d:5a:46:d0:fc:27:ba:53:cc:c6:be:
         24:bc:a9:fa:aa:73:6f:4b:0f:41:ad:0d:90:ea:6d:e4:ec:c7:
         84:2b:4a:e3:4c:97:b8:e3:e4:ea:7c:ac:36:b5:8c:f1:24:02:
         f1:31:1a:c7:a2:6c:49:19:ec:33:8c:64:d7:eb:fb:d7:aa:e0:
         2a:51:9b:02
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICApwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RDRCRERBRjExMC8GA1UEBRMoOEY0NkRDOTZGQzQyMDc3RUIwN0U0N0M0RDREQUVD
Qjk0NTVCNDgwMjAeFw0yMzEyMTExOTI5MjVaFw0yNjEyMDExOTI5MjVaMBgxFjAU
BgNVBAMTDTY1Nzc2MzE5LTVmZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDSH+Af7KdYh59jbCT/zbGBWlYVR6fcaK7leO5y8WQ9ZSFWKzZ3L+BRtZAs
l+FJgBgFcr5BCZgLVn4QRVcVWHq3E/oRjFJ6+v4s8UsQ1Ee+dTCBhdYBWXM+no0n
aVaAt2z6LcWHg8Mv/bibaIeBBKlaUokPIgNcuzxUwQchGgbYrUcHLxomvQ+hBAc5
2gN9AYxG8rNSagSURr8FDBHrlZGwTeG+LFv6Iw01abDimPeRjB0PCL0JC0INlcA/
ym0n49ZsuMPGKmwtNG7AO+kah5GUvViq0U8LnPX7UOSmGBH708Kpg1SKI9Igdp8m
RK6qNkpcFq58yhQ1MthEelKmbBcpAgMBAAGjggKrMIICpzAdBgNVHQ4EFgQUpnOV
vnd3Chl435RScnZ67Y6e7N8wHwYDVR0jBBgwFoAUj0bclvxCB36wfkfE1NrsuUVb
SAIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkQ0QkREL0Y4Mzc2RjE0QTUwRTExRUM5QUFCRjhBMjVBNDBENTc3L2owYmNs
dnhDQjM2d2ZrZkUxTnJzdVVWYlNBSS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2owYmNsdnhDQjM2d2ZrZkUxTnJzdVVWYlNBSS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkQ0QkREL0Y4Mzc2RjE0QTUwRTExRUM5QUFCRjhBMjVB
NDBENTc3LzlBMDI2MkVBOTg1QjExRUU4NjQ5QzM0N0QyNUJFNDY1LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBANmjHADBAJm0kAwDQYJKoZI
hvcNAQELBQADggEBAATpgg+XL9HDWgPeS+OLJM9+r3AZOC9kjuKhij0rZNlnm140
WjCWSlFgT39qzRiI+VbazfFe5sKMWirrNYRpIkkQ7TcWNYL/wiU6H9OQAQd2AJKH
1+Oi0VvZK7fYSGcp66Dsj7g3s2nUMWXc9shABS0HnQ+KUxFd+c7l/YWyK9VKa6M0
U1kKRSssySSoNhqO/LQfuugfj/+PE4hh2SUrxyGEzSnc88HLHv7fd6//9cysmPzd
mj1GilxV03Q9WkbQ/Ce6U8zGviS8qfqqc29LD0GtDZDqbeTsx4QrSuNMl7jj5Op8
rDa1jPEkAvExGseibEkZ7DOMZNfr+9eq4CpRmwI=
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:44:23 2024 by rpki-client on console-ams.rpki-client.org