Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A5A3E966BB311F0938AC4DBDAE4EC9C.roa
File:                     1A5A3E966BB311F0938AC4DBDAE4EC9C.roa (raw, json)
Hash identifier:          6O/9AwPtxTEuOi5zqtav5r9VjnqbaCrqADPcE5D+MvI=
Subject key identifier:   7B:6A:81:81:72:60:1F:79:71:1C:50:ED:28:FA:AC:F2:C2:B9:D2:DD
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       018FD4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A5A3E966BB311F0938AC4DBDAE4EC9C.roa
Signing time:             Mon 28 Jul 2025 13:02:24 +0000
ROA not before:           Mon 28 Jul 2025 13:02:19 +0000
ROA not after:            Fri 05 Sep 2025 13:02:19 +0000
asID:                     15221
IP address blocks:        154.198.32.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 08 Aug 2025 00:06:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102356 (0x18fd4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 28 13:02:19 2025 GMT
            Not After : Sep  5 13:02:19 2025 GMT
        Subject: CN=688774e0-868d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:03:64:26:7a:07:54:85:5a:26:97:ab:53:93:
                    a2:1a:96:23:3d:1e:c4:7a:71:be:94:ef:5d:2c:dd:
                    07:d2:b3:c6:72:7d:12:a0:a1:b3:bf:b6:a5:dd:42:
                    5f:a6:34:92:6d:34:7b:e8:68:21:04:3e:04:0c:be:
                    36:09:3c:25:c0:cd:47:66:4d:4a:fd:c6:9a:36:30:
                    6e:54:32:fa:9c:bb:d0:33:15:95:4b:43:4a:d1:b4:
                    9e:e9:39:73:07:72:3e:43:70:2c:73:cb:67:44:07:
                    1e:de:58:02:7f:f9:c4:ef:23:5b:af:82:d4:00:1b:
                    c6:ff:f9:ad:1b:e5:b3:7b:9e:2a:03:f5:e4:13:6b:
                    50:43:1f:c4:5a:ff:33:a9:2b:be:a6:5b:df:a4:a4:
                    c5:ac:95:01:20:94:5b:cc:12:42:e9:78:2e:b0:f4:
                    63:3d:e0:28:a6:a7:4a:cd:55:63:ad:3e:02:19:72:
                    e2:3b:6e:80:fe:d5:17:f1:6d:5e:37:cf:5f:94:2f:
                    01:53:72:7d:bb:a1:62:05:ad:40:c7:8c:12:33:fe:
                    6d:43:cf:3f:e5:b3:bc:11:e8:d6:b5:f7:a2:f9:4b:
                    18:99:9c:c2:7a:c0:cb:27:e8:66:1f:3e:24:39:b4:
                    36:eb:6d:b0:06:77:80:5f:39:44:e2:91:c7:15:7b:
                    d6:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:6A:81:81:72:60:1F:79:71:1C:50:ED:28:FA:AC:F2:C2:B9:D2:DD
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A5A3E966BB311F0938AC4DBDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.198.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:77:f1:e6:e7:51:af:cb:e1:61:ee:3a:39:61:6d:f4:86:dd:
         b4:9a:f5:ae:10:77:2c:3a:52:4f:6b:0e:99:c7:70:7f:6c:e9:
         ce:36:08:59:fe:48:58:28:8e:98:3c:c6:56:74:75:84:5a:5e:
         c8:46:95:0b:24:b2:ed:00:07:b0:8b:ac:49:68:8d:ba:a7:4a:
         0e:f7:b4:48:6e:3e:c2:4f:8f:c2:93:4d:86:0d:b0:fb:88:cc:
         27:31:f8:e9:b8:9e:e3:56:24:09:4f:24:89:c2:e0:07:c1:24:
         58:0a:64:48:3b:bb:6f:d1:d0:31:bf:57:b4:8b:9d:53:2e:61:
         fe:7f:05:1e:cb:5c:10:36:cf:e1:ee:ea:35:ab:ab:f5:20:59:
         ad:27:11:98:eb:3f:93:80:e9:49:dc:19:7b:7a:b3:36:e1:84:
         fc:43:9c:eb:86:a1:c8:87:f7:3c:ef:1d:42:67:09:46:6b:4b:
         7c:95:6f:36:f2:ef:39:80:ec:90:d9:fd:7b:2d:b2:71:64:89:
         31:85:13:ba:6b:dc:6b:3a:a7:15:9a:44:96:82:a3:9a:30:b9:
         41:3e:3d:be:93:b7:6e:b0:03:21:27:5b:88:53:4c:e3:53:99:
         8e:e8:26:26:85:3e:1e:c7:46:51:61:1c:7b:ef:58:fe:3e:d9:
         b0:29:ff:19
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY/UMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzI4MTMwMjE5WhcNMjUwOTA1MTMwMjE5WjAYMRYw
FAYDVQQDEw02ODg3NzRlMC04NjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvwNkJnoHVIVaJperU5OiGpYjPR7EenG+lO9dLN0H0rPGcn0SoKGzv7al
3UJfpjSSbTR76GghBD4EDL42CTwlwM1HZk1K/caaNjBuVDL6nLvQMxWVS0NK0bSe
6TlzB3I+Q3Asc8tnRAce3lgCf/nE7yNbr4LUABvG//mtG+Wze54qA/XkE2tQQx/E
Wv8zqSu+plvfpKTFrJUBIJRbzBJC6XgusPRjPeAopqdKzVVjrT4CGXLiO26A/tUX
8W1eN89flC8BU3J9u6FiBa1Ax4wSM/5tQ88/5bO8EejWtfei+UsYmZzCesDLJ+hm
Hz4kObQ2622wBneAXzlE4pHHFXvWMQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHtq
gYFyYB95cRxQ7Sj6rPLCudLdMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQTVBM0U5NjZCQjMxMUYwOTM4QUM0REJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmsYgMA0GCSqGSIb3DQEB
CwUAA4IBAQCTd/Hm51Gvy+Fh7jo5YW30ht20mvWuEHcsOlJPaw6Zx3B/bOnONghZ
/khYKI6YPMZWdHWEWl7IRpULJLLtAAewi6xJaI26p0oO97RIbj7CT4/Ck02GDbD7
iMwnMfjpuJ7jViQJTySJwuAHwSRYCmRIO7tv0dAxv1e0i51TLmH+fwUey1wQNs/h
7uo1q6v1IFmtJxGY6z+TgOlJ3Bl7erM24YT8Q5zrhqHIh/c87x1CZwlGa0t8lW82
8u85gOyQ2f17LbJxZIkxhRO6a9xrOqcVmkSWgqOaMLlBPj2+k7dusAMhJ1uIU0zj
U5mO6CYmhT4ex0ZRYRx771j+PtmwKf8Z
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:15:19 2025 by rpki-client