Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/14DBDD40397F11F18F7D251BCF1D38B0.roa
File:                     14DBDD40397F11F18F7D251BCF1D38B0.roa (raw, json)
Hash identifier:          7JorfiIlTDbNmduHmYrQZFBXPxFlQKaOmXJt1ogKFiw=
Subject key identifier:   41:09:0A:66:84:5A:3B:C5:98:37:68:89:38:E5:44:91:52:30:D7:52
Certificate issuer:       /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial:       0942
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/14DBDD40397F11F18F7D251BCF1D38B0.roa
Signing time:             Thu 16 Apr 2026 10:29:00 +0000
ROA not before:           Thu 16 Apr 2026 10:28:55 +0000
ROA not after:            Fri 30 Apr 2027 10:28:55 +0000
asID:                     34549
IP address blocks:        102.177.140.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 19 Apr 2026 02:03:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2370 (0x942)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367DFA4AF, serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
        Validity
            Not Before: Apr 16 10:28:55 2026 GMT
            Not After : Apr 30 10:28:55 2027 GMT
        Subject: CN=69e0b9ec-9e2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:8d:db:a6:93:ae:c0:05:d3:be:6c:c2:cd:1a:
                    c1:2c:07:7f:48:dc:6d:a8:c0:5b:99:f8:e2:aa:19:
                    5f:2e:5a:e1:72:5b:a5:37:28:9b:30:4d:31:dd:1e:
                    e4:9b:ae:40:d0:7e:5b:13:61:ef:7d:ad:cb:a2:c6:
                    8c:db:e0:84:48:ab:3e:38:33:3f:e8:30:d4:5a:75:
                    e5:7c:9c:f2:ac:d2:8a:24:51:df:9d:b5:db:f5:91:
                    bc:90:55:32:5c:87:c5:1a:f4:be:55:46:9e:f6:f9:
                    7b:a7:42:54:2f:0d:b2:6e:77:24:9a:2d:49:33:8c:
                    d1:dc:35:d8:42:7c:97:74:10:96:33:94:79:af:81:
                    8f:1b:26:dc:c7:99:91:e2:8a:0f:2d:cb:1c:e5:8c:
                    0d:25:d5:9f:cb:29:c2:01:97:3d:b8:90:56:d6:2a:
                    f1:40:5d:db:fb:f9:b8:aa:d8:ea:4d:b4:bf:af:7d:
                    fe:87:b8:be:8f:12:7a:a8:5c:98:cd:75:8a:8f:42:
                    eb:fd:29:31:61:66:f8:50:24:e2:5c:d2:e8:46:9b:
                    68:ad:d1:2b:09:db:4a:af:c3:cb:26:02:fe:4a:e3:
                    42:48:16:52:ed:55:8b:39:0a:71:b2:5c:82:cb:2e:
                    7a:46:e4:f4:7e:17:f9:9f:83:cf:a0:6c:55:3c:92:
                    c9:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:09:0A:66:84:5A:3B:C5:98:37:68:89:38:E5:44:91:52:30:D7:52
            X509v3 Authority Key Identifier:
                keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/14DBDD40397F11F18F7D251BCF1D38B0.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:60:48:3f:de:5c:7a:8c:5d:ea:e8:61:d0:9a:e7:fb:87:9d:
         1c:f6:4f:93:dd:0f:5f:26:0b:97:e1:6d:ec:a1:ef:ab:bc:5e:
         31:37:02:10:3e:fd:f4:81:f0:06:99:97:83:b2:ff:e6:2a:b1:
         ad:de:2f:1e:37:41:c6:fa:b6:b9:f2:f7:e1:73:bc:c9:09:22:
         2b:95:d3:c6:3f:1a:76:19:6e:e6:d3:01:bc:6f:f5:c5:6e:7d:
         d0:48:42:9c:a3:5f:ac:d0:2c:f3:65:df:19:03:e1:7f:d0:7d:
         6b:c5:1f:a0:e8:f3:ec:3e:77:5b:23:89:5b:c2:9f:12:cc:d7:
         95:99:65:cc:20:1c:15:d0:4f:e7:a4:b7:ce:c1:42:b4:ed:bd:
         be:ae:4f:31:0a:d6:22:6a:e1:64:8d:6e:69:a8:4f:71:38:85:
         fc:cc:4d:e5:33:d3:e6:ba:0b:b2:4c:8c:69:4c:31:66:63:bc:
         c6:ef:7d:96:48:d5:26:41:ca:00:64:d2:4f:e4:4c:94:80:fb:
         81:ec:e1:26:5f:d6:9f:48:9b:c1:7d:53:06:28:8e:2b:14:45:
         49:d0:78:fa:70:3f:e6:ed:8a:08:1f:73:b3:34:bc:70:de:38:
         e2:65:ae:21:77:39:53:e7:e8:ac:4e:8e:3a:70:3b:45:99:98:
         81:4d:6c:9b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCUIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNjA0MTYxMDI4NTVaFw0yNzA0MzAxMDI4NTVaMBgxFjAU
BgNVBAMTDTY5ZTBiOWVjLTllMmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCijdumk67ABdO+bMLNGsEsB39I3G2owFuZ+OKqGV8uWuFyW6U3KJswTTHd
HuSbrkDQflsTYe99rcuixozb4IRIqz44Mz/oMNRadeV8nPKs0ookUd+dtdv1kbyQ
VTJch8Ua9L5VRp72+XunQlQvDbJudySaLUkzjNHcNdhCfJd0EJYzlHmvgY8bJtzH
mZHiig8tyxzljA0l1Z/LKcIBlz24kFbWKvFAXdv7+biq2OpNtL+vff6HuL6PEnqo
XJjNdYqPQuv9KTFhZvhQJOJc0uhGm2it0SsJ20qvw8smAv5K40JIFlLtVYs5CnGy
XILLLnpG5PR+F/mfg8+gbFU8ksn/AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUQQkK
ZoRaO8WYN2iJOOVEkVIw11IwHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzE0REJERDQwMzk3RjExRjE4RjdEMjUxQkNGMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsYwwDQYJKoZIhvcNAQEL
BQADggEBAD1gSD/eXHqMXeroYdCa5/uHnRz2T5PdD18mC5fhbeyh76u8XjE3AhA+
/fSB8AaZl4Oy/+Yqsa3eLx43Qcb6trny9+FzvMkJIiuV08Y/GnYZbubTAbxv9cVu
fdBIQpyjX6zQLPNl3xkD4X/QfWvFH6Do8+w+d1sjiVvCnxLM15WZZcwgHBXQT+ek
t87BQrTtvb6uTzEK1iJq4WSNbmmoT3E4hfzMTeUz0+a6C7JMjGlMMWZjvMbvfZZI
1SZBygBk0k/kTJSA+4Hs4SZf1p9Im8F9UwYojisURUnQePpwP+btiggfc7M0vHDe
OOJlriF3OVPn6KxOjjpwO0WZmIFNbJs=
-----END CERTIFICATE-----