Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/A30290B4490311EFAD6D6848762E951A.roa
File:                     A30290B4490311EFAD6D6848762E951A.roa (raw, json)
Hash identifier:          9DJDNrHzZVxc5zuNzgDbveKnN6iPIU3B9BicWnmYCZQ=
Subject key identifier:   6C:57:D5:26:D9:54:CE:8D:09:80:D1:91:F2:93:D8:DA:B7:F5:1C:6F
Certificate issuer:       /CN=F36E68C0AF/serialNumber=8C4E77FA322349C0B27F01763233AE47B0DC9AF3
Certificate serial:       05
Authority key identifier: 8C:4E:77:FA:32:23:49:C0:B2:7F:01:76:32:33:AE:47:B0:DC:9A:F3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/jE53-jIjScCyfwF2MjOuR7DcmvM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/A30290B4490311EFAD6D6848762E951A.roa
Signing time:             Tue 23 Jul 2024 14:55:44 +0000
ROA not before:           Tue 23 Jul 2024 14:55:41 +0000
ROA not after:            Thu 25 Jul 2030 14:55:41 +0000
asID:                     328464
IP address blocks:        102.222.240.0/22 maxlen: 24
                          2c0f:4f80::/32 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/jE53-jIjScCyfwF2MjOuR7DcmvM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/jE53-jIjScCyfwF2MjOuR7DcmvM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/jE53-jIjScCyfwF2MjOuR7DcmvM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36E68C0AF/serialNumber=8C4E77FA322349C0B27F01763233AE47B0DC9AF3
        Validity
            Not Before: Jul 23 14:55:41 2024 GMT
            Not After : Jul 25 14:55:41 2030 GMT
        Subject: CN=669fc470-6ca9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ec:f4:58:7a:0c:b7:73:93:11:dc:e5:93:70:
                    80:0c:84:78:88:6e:5a:a4:07:1e:28:fe:c1:55:bb:
                    dd:de:a9:27:6c:66:a4:5c:1b:33:b5:c8:70:3d:64:
                    93:6d:7c:a8:31:3e:39:07:99:b2:e7:af:5c:21:ae:
                    24:6b:32:4e:b8:13:f1:95:39:21:88:d3:56:a3:07:
                    a2:0e:82:cc:06:b6:2e:2f:44:af:3c:5e:2e:3b:bd:
                    c4:ae:43:4b:15:79:21:72:e8:cf:81:49:77:f1:38:
                    68:01:0c:6d:3a:0c:4b:c5:85:39:d2:82:2e:25:0e:
                    1d:12:f2:93:c3:f3:16:04:10:ba:ec:ca:e6:6b:ee:
                    ee:6e:47:b9:21:a2:2b:13:a3:e2:61:89:00:8f:ba:
                    ac:7e:0f:d2:4b:8b:72:3f:b7:e2:20:d7:24:48:c2:
                    78:8b:8c:67:7c:36:9f:1d:81:06:ba:a8:a4:36:15:
                    33:32:26:2c:7e:5f:c4:3a:94:db:80:e2:16:c0:33:
                    ae:65:17:42:3f:5c:08:11:08:1d:fc:1d:85:f5:ec:
                    f1:9e:44:dd:0f:20:f3:ae:3b:11:5b:65:0e:87:d9:
                    fb:4e:fb:79:a2:32:a2:60:f4:97:27:6a:bb:c0:b8:
                    4e:2a:b8:ca:f4:f5:86:fb:d8:47:b2:fc:cd:5a:e2:
                    81:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:57:D5:26:D9:54:CE:8D:09:80:D1:91:F2:93:D8:DA:B7:F5:1C:6F
            X509v3 Authority Key Identifier:
                keyid:8C:4E:77:FA:32:23:49:C0:B2:7F:01:76:32:33:AE:47:B0:DC:9A:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/jE53-jIjScCyfwF2MjOuR7DcmvM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/jE53-jIjScCyfwF2MjOuR7DcmvM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36E68C0/3ECE895E48EF11EFBAB935BF762E951A/A30290B4490311EFAD6D6848762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.222.240.0/22
                IPv6:
                  2c0f:4f80::/32

    Signature Algorithm: sha256WithRSAEncryption
         35:31:10:c2:cc:a9:bd:74:e0:df:f8:d6:24:01:e0:2d:6c:f3:
         4f:5b:3d:16:53:c7:1f:b3:05:54:25:71:c3:98:a5:c3:d0:35:
         b0:e6:94:a7:80:1f:69:d3:e9:a4:a7:83:eb:0a:94:1a:61:4e:
         3f:6e:a9:8e:72:1a:64:3a:b5:c6:4b:49:13:cd:b9:cd:b3:f8:
         7b:d0:bd:af:aa:33:74:63:32:b6:5a:08:6f:16:3b:f1:62:c5:
         03:bb:43:f4:c0:2d:de:d8:13:5e:78:2e:3b:c4:97:65:39:d5:
         c1:53:93:51:c0:66:3a:85:be:2c:9f:a1:19:67:30:03:5f:18:
         77:11:91:15:39:6f:a4:af:c5:52:54:c4:b1:34:65:c5:eb:fc:
         04:b0:06:19:92:c1:bb:bb:51:29:77:7a:b4:03:65:4b:2b:c7:
         4f:8f:07:23:17:4b:bc:61:98:d5:84:6f:f7:33:5f:05:6e:b2:
         9d:64:15:b1:6b:82:e4:ae:c9:2e:49:7f:fb:3a:b2:9a:a1:55:
         a1:27:e3:3e:15:80:3c:74:9f:fc:f0:32:f8:98:76:3f:75:d1:
         d1:b5:e9:71:63:a9:1d:1a:f5:f0:2d:20:32:9b:03:ff:0b:6a:
         40:e4:f1:1b:93:aa:94:f4:69:2a:2d:e6:4a:36:d5:0d:78:c5:
         e7:b4:cf:22
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZF
NjhDMEFGMTEwLwYDVQQFEyg4QzRFNzdGQTMyMjM0OUMwQjI3RjAxNzYzMjMzQUU0
N0IwREM5QUYzMB4XDTI0MDcyMzE0NTU0MVoXDTMwMDcyNTE0NTU0MVowGDEWMBQG
A1UEAxMNNjY5ZmM0NzAtNmNhOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzs9Fh6DLdzkxHc5ZNwgAyEeIhuWqQHHij+wVW73d6pJ2xmpFwbM7XIcD1k
k218qDE+OQeZsuevXCGuJGsyTrgT8ZU5IYjTVqMHog6CzAa2Li9ErzxeLju9xK5D
SxV5IXLoz4FJd/E4aAEMbToMS8WFOdKCLiUOHRLyk8PzFgQQuuzK5mvu7m5HuSGi
KxOj4mGJAI+6rH4P0kuLcj+34iDXJEjCeIuMZ3w2nx2BBrqopDYVMzImLH5fxDqU
24DiFsAzrmUXQj9cCBEIHfwdhfXs8Z5E3Q8g8647EVtlDofZ+077eaIyomD0lydq
u8C4Tiq4yvT1hvvYR7L8zVrigWECAwEAAaOCArQwggKwMB0GA1UdDgQWBBRsV9Um
2VTOjQmA0ZHyk9jat/UcbzAfBgNVHSMEGDAWgBSMTnf6MiNJwLJ/AXYyM65HsNya
8zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RTY4QzAvM0VDRTg5NUU0OEVGMTFFRkJBQjkzNUJGNzYyRTk1MUEvakU1My1q
SWpTY0N5ZndGMk1qT3VSN0RjbXZNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvakU1My1qSWpTY0N5ZndGMk1qT3VSN0RjbXZNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2RTY4QzAvM0VDRTg5NUU0OEVGMTFFRkJBQjkzNUJGNzYy
RTk1MUEvQTMwMjkwQjQ0OTAzMTFFRkFENkQ2ODQ4NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAmbe8DANBAIAAjAHAwUALA9P
gDANBgkqhkiG9w0BAQsFAAOCAQEANTEQwsypvXTg3/jWJAHgLWzzT1s9FlPHH7MF
VCVxw5ilw9A1sOaUp4AfadPppKeD6wqUGmFOP26pjnIaZDq1xktJE825zbP4e9C9
r6ozdGMytloIbxY78WLFA7tD9MAt3tgTXnguO8SXZTnVwVOTUcBmOoW+LJ+hGWcw
A18YdxGRFTlvpK/FUlTEsTRlxev8BLAGGZLBu7tRKXd6tANlSyvHT48HIxdLvGGY
1YRv9zNfBW6ynWQVsWuC5K7JLkl/+zqymqFVoSfjPhWAPHSf/PAy+Jh2P3XR0bXp
cWOpHRr18C0gMpsD/wtqQOTxG5OqlPRpKi3mSjbVDXjF57TPIg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:43:48 2024 by rpki-client on console-ams.rpki-client.org