Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DA0878986F9111F0A1670493DAE4EC9C.roa
File:                     DA0878986F9111F0A1670493DAE4EC9C.roa (raw, json)
Hash identifier:          Z1wc3QTNWT0HwK0gqxJkQ4sb2b4GNZq2kZDReLN7tFk=
Subject key identifier:   8F:7E:B4:24:2A:EB:ED:14:0A:DB:4F:FB:23:1B:22:25:4F:3D:AB:33
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1B9A
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DA0878986F9111F0A1670493DAE4EC9C.roa
Signing time:             Sat 02 Aug 2025 11:14:27 +0000
ROA not before:           Sat 02 Aug 2025 11:14:22 +0000
ROA not after:            Wed 02 Aug 2028 11:14:22 +0000
asID:                     39798
IP address blocks:        154.16.249.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 12 Aug 2025 00:06:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7066 (0x1b9a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Aug  2 11:14:22 2025 GMT
            Not After : Aug  2 11:14:22 2028 GMT
        Subject: CN=688df313-7173
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f3:68:bd:59:72:25:2c:1c:1f:1c:c5:e2:c5:
                    ca:99:dc:98:5f:51:27:9e:8b:08:c8:52:68:df:22:
                    4e:10:f4:60:80:ed:49:77:d6:aa:ac:f1:7b:ca:b6:
                    fd:7d:32:e9:85:cb:b7:51:80:ce:12:9c:ca:23:4f:
                    22:2b:f5:9d:98:80:d0:0c:1c:cd:eb:ea:55:dd:93:
                    0c:31:a2:06:54:e7:9c:6f:ee:28:99:df:b1:e0:e3:
                    c9:aa:03:38:4f:29:d5:ae:23:1d:32:4d:ce:5c:c2:
                    39:bb:f6:ff:f1:64:6c:54:3b:d3:b2:e6:80:52:83:
                    31:d6:95:7e:90:dc:01:32:88:80:ee:24:69:31:0a:
                    a4:38:62:22:bf:57:9d:d0:86:37:3f:13:bb:47:26:
                    80:61:d0:a5:23:47:55:86:d4:ac:e5:83:c1:d6:83:
                    32:21:cb:2b:d2:6c:3b:19:5b:71:8a:21:6e:22:1f:
                    34:16:98:fc:10:43:d2:59:3f:9a:de:81:d5:db:36:
                    3f:88:ba:cf:42:7e:5b:e8:33:b1:99:71:ad:05:15:
                    b2:7d:dd:0a:89:f2:f6:50:b3:50:30:3b:58:76:1f:
                    2f:b1:3f:32:b8:b9:12:bb:b6:cd:dc:f5:f9:1f:ed:
                    77:3c:1a:18:df:c7:7a:ea:52:9a:b6:a8:25:c6:2b:
                    43:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:7E:B4:24:2A:EB:ED:14:0A:DB:4F:FB:23:1B:22:25:4F:3D:AB:33
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/DA0878986F9111F0A1670493DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:9c:0c:cb:ac:07:ed:46:e4:a8:ed:e7:3f:39:73:17:e7:07:
         b8:87:b8:34:2a:70:ac:09:fb:fa:83:67:be:6a:e1:1d:7d:42:
         85:08:8c:6a:37:12:81:8c:e5:f9:a5:a5:92:54:c4:b1:7e:50:
         d0:b9:d0:33:3f:61:ea:79:df:99:3f:64:4e:c5:a2:d4:ca:98:
         50:b2:76:51:52:cf:54:29:bb:01:7d:88:dc:d5:d5:ee:6b:05:
         6f:42:4d:d4:6f:20:a3:4f:60:1f:ec:3b:bc:de:e3:3e:70:e8:
         c0:53:a6:54:6a:ed:26:70:e7:a0:03:49:0d:67:f3:7a:8e:b8:
         08:f0:2c:11:22:f1:26:0d:a5:16:2f:bf:08:77:ed:f8:61:25:
         7b:d9:cd:98:13:14:93:e9:23:d0:05:65:2f:0a:05:c0:ff:37:
         22:cc:c0:50:79:82:32:41:c9:f2:d5:e7:86:85:02:bd:3e:ff:
         24:bb:a9:1c:fa:2a:29:05:16:54:79:71:2a:b6:b5:68:89:78:
         77:aa:b7:1b:92:c0:32:d6:72:79:a9:1e:9c:61:78:b6:a7:b7:
         2f:df:2c:d7:ed:09:60:da:76:3e:4e:7d:17:eb:44:2c:81:65:
         2f:ec:9e:49:3f:19:36:75:f5:e8:91:a3:c9:a7:e5:3f:ea:84:
         97:40:41:6a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICG5owDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA4MDIxMTE0MjJaFw0yODA4MDIxMTE0MjJaMBgxFjAU
BgNVBAMTDTY4OGRmMzEzLTcxNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC782i9WXIlLBwfHMXixcqZ3JhfUSeeiwjIUmjfIk4Q9GCA7Ul31qqs8XvK
tv19MumFy7dRgM4SnMojTyIr9Z2YgNAMHM3r6lXdkwwxogZU55xv7iiZ37Hg48mq
AzhPKdWuIx0yTc5cwjm79v/xZGxUO9Oy5oBSgzHWlX6Q3AEyiIDuJGkxCqQ4YiK/
V53Qhjc/E7tHJoBh0KUjR1WG1Kzlg8HWgzIhyyvSbDsZW3GKIW4iHzQWmPwQQ9JZ
P5regdXbNj+Ius9CflvoM7GZca0FFbJ93QqJ8vZQs1AwO1h2Hy+xPzK4uRK7ts3c
9fkf7Xc8Ghjfx3rqUpq2qCXGK0MDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUj360
JCrr7RQK20/7IxsiJU89qzMwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4L0RBMDg3ODk4NkY5MTExRjBBMTY3MDQ5M0RBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEPkwDQYJKoZIhvcNAQEL
BQADggEBAHWcDMusB+1G5Kjt5z85cxfnB7iHuDQqcKwJ+/qDZ75q4R19QoUIjGo3
EoGM5fmlpZJUxLF+UNC50DM/Yep535k/ZE7FotTKmFCydlFSz1QpuwF9iNzV1e5r
BW9CTdRvIKNPYB/sO7ze4z5w6MBTplRq7SZw56ADSQ1n83qOuAjwLBEi8SYNpRYv
vwh37fhhJXvZzZgTFJPpI9AFZS8KBcD/NyLMwFB5gjJByfLV54aFAr0+/yS7qRz6
KikFFlR5cSq2tWiJeHeqtxuSwDLWcnmpHpxheLanty/fLNftCWDadj5OfRfrRCyB
ZS/snkk/GTZ19eiRo8mn5T/qhJdAQWo=
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:05:46 2025 by rpki-client