Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/807BD2C438A011F1A0A1FFD0CE1D38B0.roa
File:                     807BD2C438A011F1A0A1FFD0CE1D38B0.roa (raw, json)
Hash identifier:          WlwX3ZF1grTOMQSkLPPSCNtDzzf4EhEfHQo/7oVI8DU=
Subject key identifier:   6C:A9:D5:F4:59:DB:FB:ED:6C:F1:61:69:5B:26:D3:9E:99:D9:7A:4E
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01C54A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/807BD2C438A011F1A0A1FFD0CE1D38B0.roa
Signing time:             Wed 15 Apr 2026 07:55:43 +0000
ROA not before:           Wed 15 Apr 2026 07:55:38 +0000
ROA not after:            Wed 06 May 2026 07:55:38 +0000
asID:                     271956
IP address blocks:        154.88.190.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 20 Apr 2026 00:08:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116042 (0x1c54a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Apr 15 07:55:38 2026 GMT
            Not After : May  6 07:55:38 2026 GMT
        Subject: CN=69df447f-385f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:90:0a:03:dc:47:04:68:fa:62:fc:d4:7f:10:
                    69:02:10:4c:38:c0:5b:99:bd:e1:37:68:dd:e1:26:
                    e6:a9:69:69:96:f8:ef:61:16:43:d4:4d:67:6d:f9:
                    b6:7e:72:3a:03:95:bc:a3:94:62:ee:72:1f:75:c3:
                    24:d3:22:ad:16:ec:2c:a4:7a:c2:5c:1a:57:ed:71:
                    ef:4a:dd:e0:ba:d8:34:c5:27:d2:4b:13:df:59:55:
                    78:21:cc:05:ad:10:7f:c0:7f:11:7f:f7:18:6c:eb:
                    3f:48:1b:44:5d:f8:f3:c4:54:2c:e7:3d:2d:c6:67:
                    23:a1:b9:fb:84:7f:31:6b:c4:85:e2:c2:a0:88:29:
                    e3:0b:c9:98:84:65:d9:48:dc:3b:fa:7a:ce:72:f8:
                    91:65:6c:2f:a0:fc:b5:a0:9a:35:ae:eb:96:10:4c:
                    f4:ec:01:93:c6:03:4b:02:51:3d:90:6b:4a:89:c5:
                    04:f9:ab:95:a6:1a:7e:22:4d:5e:27:6e:f4:3e:b3:
                    13:16:69:fe:b6:a2:f9:a8:dd:37:fa:b9:ea:e7:6c:
                    83:22:d0:49:2a:ed:b7:2e:f9:f3:09:58:e4:30:3d:
                    92:e4:5d:3a:1f:5b:14:2c:bc:14:3c:1b:ee:35:97:
                    4e:3e:cb:c3:1d:17:cf:c7:78:c3:e9:f3:7d:df:13:
                    b7:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:A9:D5:F4:59:DB:FB:ED:6C:F1:61:69:5B:26:D3:9E:99:D9:7A:4E
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/807BD2C438A011F1A0A1FFD0CE1D38B0.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.88.190.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3b:08:16:a4:e5:70:04:9a:e1:d5:ba:32:a4:23:8e:12:f8:6f:
         b4:6e:1e:ba:3e:3e:22:8c:87:99:e1:3d:1c:24:9b:f4:91:36:
         61:7d:a8:47:7b:74:ce:bc:bf:ab:93:f1:0e:83:ba:48:f6:63:
         86:70:ce:f3:41:f8:37:d2:6a:69:f8:df:df:d0:28:6b:07:cf:
         71:ea:d0:0d:9f:a3:36:76:8f:86:46:3f:e6:17:a5:bc:ec:66:
         26:3f:0e:7b:ae:c9:87:b7:11:d9:85:8c:2c:06:55:fb:bc:12:
         ca:ce:b8:99:b3:c1:79:c0:14:bc:b1:5a:84:ce:7c:66:1d:48:
         d0:1f:a3:74:08:04:e0:ca:b4:9e:66:64:7f:68:b1:aa:fc:27:
         40:90:88:f3:3a:a9:2a:9b:58:9c:b4:13:3e:81:b3:89:ee:70:
         33:36:ec:8e:6e:43:4b:4b:88:62:dd:fc:8f:94:8b:a2:35:80:
         3a:e2:64:c0:b4:6f:34:42:61:e9:f2:55:0c:59:85:45:8f:e3:
         32:0f:de:29:5d:96:5d:51:3f:90:2a:b8:3f:50:4f:9d:c5:f1:
         2a:7d:1a:d8:a8:94:3f:03:e1:5a:17:e3:78:4f:61:97:26:e1:
         92:ce:79:72:95:cd:7f:5f:53:ec:33:0c:e3:47:ad:fd:64:9d:
         66:cb:8a:5b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcVKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDE1MDc1NTM4WhcNMjYwNTA2MDc1NTM4WjAYMRYw
FAYDVQQDEw02OWRmNDQ3Zi0zODVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxJAKA9xHBGj6YvzUfxBpAhBMOMBbmb3hN2jd4SbmqWlplvjvYRZD1E1n
bfm2fnI6A5W8o5Ri7nIfdcMk0yKtFuwspHrCXBpX7XHvSt3gutg0xSfSSxPfWVV4
IcwFrRB/wH8Rf/cYbOs/SBtEXfjzxFQs5z0txmcjobn7hH8xa8SF4sKgiCnjC8mY
hGXZSNw7+nrOcviRZWwvoPy1oJo1ruuWEEz07AGTxgNLAlE9kGtKicUE+auVphp+
Ik1eJ270PrMTFmn+tqL5qN03+rnq52yDItBJKu23LvnzCVjkMD2S5F06H1sULLwU
PBvuNZdOPsvDHRfPx3jD6fN93xO3BQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGyp
1fRZ2/vtbPFhaVsm056Z2XpOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MDdCRDJDNDM4QTAxMUYxQTBBMUZGRDBDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmli+MA0GCSqGSIb3DQEB
CwUAA4IBAQA7CBak5XAEmuHVujKkI44S+G+0bh66Pj4ijIeZ4T0cJJv0kTZhfahH
e3TOvL+rk/EOg7pI9mOGcM7zQfg30mpp+N/f0ChrB89x6tANn6M2do+GRj/mF6W8
7GYmPw57rsmHtxHZhYwsBlX7vBLKzriZs8F5wBS8sVqEznxmHUjQH6N0CATgyrSe
ZmR/aLGq/CdAkIjzOqkqm1ictBM+gbOJ7nAzNuyObkNLS4hi3fyPlIuiNYA64mTA
tG80QmHp8lUMWYVFj+MyD94pXZZdUT+QKrg/UE+dxfEqfRrYqJQ/A+FaF+N4T2GX
JuGSznlylc1/X1PsMwzjR639ZJ1my4pb
-----END CERTIFICATE-----