Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FAD38E4679311F090EACA86DAE4EC9C.roa
File:                     2FAD38E4679311F090EACA86DAE4EC9C.roa (raw, json)
Hash identifier:          R6qmC0EGnPvzG+Z9j7zbgiy0fHbGa//lYcBPr0OKOZQ=
Subject key identifier:   D9:32:03:7E:9F:06:D7:16:A2:52:BC:B4:7E:D7:6D:13:95:A2:A0:57
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       018EDD
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FAD38E4679311F090EACA86DAE4EC9C.roa
Signing time:             Wed 23 Jul 2025 07:03:51 +0000
ROA not before:           Wed 23 Jul 2025 07:03:46 +0000
ROA not after:            Sat 23 Aug 2025 07:03:46 +0000
asID:                     20326
IP address blocks:        154.94.2.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 08 Aug 2025 00:06:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102109 (0x18edd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 23 07:03:46 2025 GMT
            Not After : Aug 23 07:03:46 2025 GMT
        Subject: CN=68808957-ec26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:0c:d4:36:77:66:7c:b0:e4:a0:14:a8:2e:82:
                    95:7f:00:11:40:dc:f2:52:a9:80:bd:57:5e:2d:75:
                    ab:18:e9:75:48:7d:4e:31:f8:6c:e8:4b:cc:02:24:
                    2f:35:f1:2c:6f:c0:9e:9f:e6:82:d8:66:2c:0a:69:
                    ed:3f:59:f8:93:d1:c0:94:64:15:ad:1d:0b:c0:b5:
                    36:60:d0:e7:89:eb:ff:05:72:4c:1e:f0:66:21:a9:
                    bb:74:36:08:ec:e1:b0:ec:db:d0:93:47:64:0a:7b:
                    f0:43:e8:d2:8c:e5:e7:89:fa:12:f0:01:33:fd:ee:
                    5a:6a:8a:a7:2a:4a:f0:34:c9:d2:ab:04:61:b5:ff:
                    92:98:8b:77:a8:87:1d:c5:95:d9:80:09:f8:15:e0:
                    e6:8a:14:a1:de:17:12:14:8c:41:72:2a:ce:05:aa:
                    12:0f:2c:aa:4a:c3:15:0f:b6:5a:b1:be:4f:4f:e0:
                    a3:de:23:fe:cb:88:d7:a4:97:a2:7d:42:47:68:99:
                    e8:79:2c:8f:ca:ac:88:57:68:f7:c8:68:a5:4a:3c:
                    66:43:bb:9f:c4:72:60:ad:61:7b:7f:79:b0:05:d4:
                    fb:8a:82:37:38:5c:72:e4:b2:b5:15:e9:80:4a:d5:
                    55:ac:b5:29:ce:e1:52:06:02:97:bd:2c:47:73:33:
                    a3:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:32:03:7E:9F:06:D7:16:A2:52:BC:B4:7E:D7:6D:13:95:A2:A0:57
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FAD38E4679311F090EACA86DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.94.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         46:40:4c:98:2e:ac:ba:aa:8a:bc:fc:b6:a7:a9:2a:93:6d:4c:
         43:a8:4e:85:df:25:2e:de:7e:4d:67:cb:11:08:f2:b0:b6:f7:
         8a:f2:21:f3:06:55:f5:07:f1:ba:43:0a:0a:3b:44:1b:eb:ab:
         ec:3c:e7:20:6a:e8:b8:10:9b:13:d0:f5:92:ce:16:51:aa:af:
         85:63:f0:5a:2e:4f:5f:51:2f:d9:e8:3d:5f:b6:f9:57:33:60:
         69:3a:fc:ca:69:e9:10:c5:ba:b2:61:ea:97:03:70:20:f9:59:
         30:8f:48:89:af:d2:b3:e7:1f:bd:0e:a6:c1:3c:36:79:8d:eb:
         1f:76:b5:3b:80:7e:ed:f4:d1:92:88:fe:a2:0a:9f:f3:df:d9:
         f2:e8:aa:a3:d2:73:a6:c7:71:e8:05:0d:a3:3d:54:53:5a:57:
         57:50:2c:03:2b:c9:4c:9e:f5:fc:23:43:4a:38:3f:88:bf:43:
         5c:54:c7:27:2c:f2:58:ba:29:4a:00:3f:2c:57:33:ae:29:03:
         0e:88:23:5e:4f:35:3f:ec:87:55:7f:c8:2f:8b:fe:d4:32:ce:
         6f:53:02:3e:52:09:35:46:ed:ca:06:f4:16:39:d3:05:c3:0e:
         6a:15:5b:9f:10:5e:e5:69:b9:43:5b:91:c2:51:53:de:b8:00:
         d8:ab:e3:ff
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY7dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIzMDcwMzQ2WhcNMjUwODIzMDcwMzQ2WjAYMRYw
FAYDVQQDEw02ODgwODk1Ny1lYzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyAzUNndmfLDkoBSoLoKVfwARQNzyUqmAvVdeLXWrGOl1SH1OMfhs6EvM
AiQvNfEsb8Cen+aC2GYsCmntP1n4k9HAlGQVrR0LwLU2YNDniev/BXJMHvBmIam7
dDYI7OGw7NvQk0dkCnvwQ+jSjOXnifoS8AEz/e5aaoqnKkrwNMnSqwRhtf+SmIt3
qIcdxZXZgAn4FeDmihSh3hcSFIxBcirOBaoSDyyqSsMVD7Zasb5PT+Cj3iP+y4jX
pJeifUJHaJnoeSyPyqyIV2j3yGilSjxmQ7ufxHJgrWF7f3mwBdT7ioI3OFxy5LK1
FemAStVVrLUpzuFSBgKXvSxHczOjcwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNky
A36fBtcWolK8tH7XbROVoqBXMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRkFEMzhFNDY3OTMxMUYwOTBFQUNBODZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBml4CMA0GCSqGSIb3DQEB
CwUAA4IBAQBGQEyYLqy6qoq8/LanqSqTbUxDqE6F3yUu3n5NZ8sRCPKwtveK8iHz
BlX1B/G6QwoKO0Qb66vsPOcgaui4EJsT0PWSzhZRqq+FY/BaLk9fUS/Z6D1ftvlX
M2BpOvzKaekQxbqyYeqXA3Ag+Vkwj0iJr9Kz5x+9DqbBPDZ5jesfdrU7gH7t9NGS
iP6iCp/z39ny6Kqj0nOmx3HoBQ2jPVRTWldXUCwDK8lMnvX8I0NKOD+Iv0NcVMcn
LPJYuilKAD8sVzOuKQMOiCNeTzU/7IdVf8gvi/7UMs5vUwI+Ugk1Ru3KBvQWOdMF
ww5qFVufEF7lablDW5HCUVPeuADYq+P/
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:24:05 2025 by rpki-client