Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71FBFBEA6FEF11F09B5314E9DAE4EC9C.roa
File:                     71FBFBEA6FEF11F09B5314E9DAE4EC9C.roa (raw, json)
Hash identifier:          cLSj7NxTE8+CJtraGD0S5ETWFREavMBs77EYfieRE3o=
Subject key identifier:   CF:A1:37:E3:05:A2:28:77:E9:C7:94:08:49:B6:75:91:D1:19:C5:AF
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       019082
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71FBFBEA6FEF11F09B5314E9DAE4EC9C.roa
Signing time:             Sat 02 Aug 2025 22:24:25 +0000
ROA not before:           Sat 02 Aug 2025 22:24:20 +0000
ROA not after:            Sun 05 Oct 2025 22:24:20 +0000
asID:                     399195
IP address blocks:        154.90.224.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 06 Aug 2025 00:07:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102530 (0x19082)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Aug  2 22:24:20 2025 GMT
            Not After : Oct  5 22:24:20 2025 GMT
        Subject: CN=688e9019-b4bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:b0:30:62:e8:68:97:ec:1a:6d:81:7c:48:2a:
                    94:3b:a8:cc:d4:48:58:6f:4c:53:20:73:36:b1:04:
                    a3:9e:19:54:24:28:df:0f:a6:c6:c4:2f:6e:c8:1c:
                    4e:d4:60:c3:61:4f:81:da:84:d2:dd:9a:09:5e:e9:
                    1e:cc:70:f6:a1:ab:21:ed:15:e8:0f:fe:4b:2a:ff:
                    89:79:d5:58:06:09:f2:2c:a8:46:a5:59:01:98:0d:
                    43:c2:13:ab:9c:9a:d6:a5:d6:18:57:6d:57:9b:6c:
                    f8:aa:4d:9a:24:c2:48:b1:03:2f:a5:d2:f6:68:94:
                    ee:4d:07:ce:02:53:44:6f:d3:13:5e:36:b5:1e:90:
                    0f:81:b3:4e:36:04:89:4a:94:26:ec:59:45:4f:cc:
                    8f:31:96:40:f9:71:1c:f2:5e:6f:f5:ad:99:33:61:
                    56:f3:3e:d9:df:a6:d6:d4:ad:6d:f3:2d:d6:28:71:
                    2d:af:7c:6a:e8:c2:cc:8f:58:c8:05:aa:cd:e4:05:
                    bf:aa:24:3f:ad:85:38:58:62:e5:c8:8b:b4:6a:99:
                    bb:ce:f2:69:14:76:e2:8c:96:45:8b:61:27:7a:8d:
                    be:b9:d3:3f:3a:95:90:71:3c:5d:2d:e4:66:0e:4f:
                    f4:f0:aa:a5:b6:9b:72:0c:52:bc:83:f5:d9:4a:e4:
                    b2:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:A1:37:E3:05:A2:28:77:E9:C7:94:08:49:B6:75:91:D1:19:C5:AF
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/71FBFBEA6FEF11F09B5314E9DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.90.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         1d:a1:02:d6:73:92:e8:31:98:1a:02:19:9f:02:a1:fd:f9:16:
         8b:27:bb:79:f2:3d:59:e9:22:2a:93:2e:f0:c1:1e:72:f4:15:
         bd:30:81:d5:d8:ac:bf:e6:19:2e:82:ee:e7:b8:a0:e9:90:47:
         a4:86:ff:ba:6a:68:05:50:d2:80:91:68:e6:13:7e:77:7f:b0:
         4b:8f:d7:0e:8b:72:7a:1b:86:cc:be:0c:51:be:35:c0:1a:2b:
         2d:0b:2e:9e:de:fe:b3:da:b4:bf:33:f6:df:b4:e1:a1:c8:1f:
         b1:82:d1:d0:0a:41:8e:ee:e0:6c:eb:06:f0:8d:69:99:cc:b9:
         28:dd:54:a9:9e:e2:2c:c3:86:66:bf:48:5d:28:f5:12:96:82:
         5a:6c:2c:2b:61:f2:5d:45:6c:55:ce:8a:eb:79:61:12:81:99:
         f4:e3:12:f0:d8:8e:97:73:40:6d:f0:2b:9a:9a:b8:c9:da:64:
         7f:42:82:e5:ad:94:6a:77:dd:a1:e8:1e:52:8f:9c:a3:b2:1c:
         00:f9:b8:09:17:35:e2:68:25:93:89:b1:57:62:dd:8d:8c:bf:
         de:2a:e5:cb:2f:1f:f7:6f:52:3a:13:f0:dd:9a:9c:90:4c:71:
         8b:78:b0:0d:68:89:ff:14:ca:1b:67:16:6b:38:ff:53:a4:86:
         f8:1b:f8:5a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZCCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODAyMjIyNDIwWhcNMjUxMDA1MjIyNDIwWjAYMRYw
FAYDVQQDEw02ODhlOTAxOS1iNGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA37AwYuhol+wabYF8SCqUO6jM1EhYb0xTIHM2sQSjnhlUJCjfD6bGxC9u
yBxO1GDDYU+B2oTS3ZoJXukezHD2oash7RXoD/5LKv+JedVYBgnyLKhGpVkBmA1D
whOrnJrWpdYYV21Xm2z4qk2aJMJIsQMvpdL2aJTuTQfOAlNEb9MTXja1HpAPgbNO
NgSJSpQm7FlFT8yPMZZA+XEc8l5v9a2ZM2FW8z7Z36bW1K1t8y3WKHEtr3xq6MLM
j1jIBarN5AW/qiQ/rYU4WGLlyIu0apm7zvJpFHbijJZFi2Eneo2+udM/OpWQcTxd
LeRmDk/08KqltptyDFK8g/XZSuSy2QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM+h
N+MFoih36ceUCEm2dZHRGcWvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MUZCRkJFQTZGRUYxMUYwOUI1MzE0RTlEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmlrgMA0GCSqGSIb3DQEB
CwUAA4IBAQAdoQLWc5LoMZgaAhmfAqH9+RaLJ7t58j1Z6SIqky7wwR5y9BW9MIHV
2Ky/5hkugu7nuKDpkEekhv+6amgFUNKAkWjmE353f7BLj9cOi3J6G4bMvgxRvjXA
GistCy6e3v6z2rS/M/bftOGhyB+xgtHQCkGO7uBs6wbwjWmZzLko3VSpnuIsw4Zm
v0hdKPUSloJabCwrYfJdRWxVzorreWESgZn04xLw2I6Xc0Bt8CuamrjJ2mR/QoLl
rZRqd92h6B5Sj5yjshwA+bgJFzXiaCWTibFXYt2NjL/eKuXLLx/3b1I6E/DdmpyQ
THGLeLANaIn/FMobZxZrOP9TpIb4G/ha
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:19:03 2025 by rpki-client