Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AB3033E6D2A11F0B540C0EDDAE4EC9C.roa
File:                     9AB3033E6D2A11F0B540C0EDDAE4EC9C.roa (raw, json)
Hash identifier:          P4AVMf+NAjQOGrxtzsbvn0AvVTwOEWKPwcwnvJuZmNQ=
Subject key identifier:   DD:6A:A9:4D:BE:ED:FE:82:47:48:9E:C6:6A:23:DC:84:B2:CC:7C:4F
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       019005
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AB3033E6D2A11F0B540C0EDDAE4EC9C.roa
Signing time:             Wed 30 Jul 2025 09:50:20 +0000
ROA not before:           Wed 30 Jul 2025 09:50:16 +0000
ROA not after:            Thu 04 Sep 2025 09:50:16 +0000
asID:                     61112
IP address blocks:        154.88.66.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 08 Aug 2025 10:26:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102405 (0x19005)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 30 09:50:16 2025 GMT
            Not After : Sep  4 09:50:16 2025 GMT
        Subject: CN=6889eadc-c29d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:4d:2d:c5:ca:19:94:0f:a8:dc:11:47:69:06:
                    38:42:f0:82:bf:d9:f8:23:aa:19:c4:cf:f4:f9:57:
                    03:96:df:19:07:1f:46:00:f4:30:64:c8:44:d5:c9:
                    de:8f:02:c4:b6:d7:d6:00:43:1b:72:b2:c7:f6:3d:
                    13:10:0e:93:98:5d:f2:1c:36:60:73:cb:a9:83:e8:
                    55:b3:15:70:b0:4f:3f:78:2d:cc:a8:b6:e3:85:2c:
                    bf:2f:75:f5:b7:ef:dd:dd:c2:b4:c1:89:64:84:c4:
                    b3:75:57:d3:b2:b1:33:59:2f:eb:3d:cf:e9:ec:14:
                    39:8f:5d:40:2f:49:e7:8e:94:80:a0:85:7b:35:48:
                    01:2f:72:f7:57:de:ce:11:7e:c9:e8:d0:be:22:fb:
                    0b:20:24:1e:d0:8b:80:3e:ce:6b:31:bb:81:33:27:
                    e1:4f:a2:13:d5:40:ec:60:8d:2f:31:aa:96:2e:22:
                    2b:b3:9e:6d:e7:27:3f:d9:b0:a6:ed:75:ea:66:26:
                    56:1a:15:52:62:f0:b0:83:5f:88:7e:67:d2:c9:d7:
                    f0:e0:30:b1:17:20:12:ea:24:4a:ec:54:1b:6c:a4:
                    17:62:af:d5:12:02:45:f5:c5:cb:07:7b:22:95:5f:
                    92:3e:5a:9c:94:77:ac:6a:fe:c9:02:a5:24:bc:78:
                    e6:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:6A:A9:4D:BE:ED:FE:82:47:48:9E:C6:6A:23:DC:84:B2:CC:7C:4F
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AB3033E6D2A11F0B540C0EDDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.88.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         73:8d:8b:b8:34:cf:4f:f2:9e:58:95:56:e5:0f:95:83:54:16:
         a9:24:dd:a6:4d:cd:b4:ea:b4:79:3b:c2:67:a9:9a:e4:22:f3:
         ef:df:23:7d:0e:24:e1:d2:49:8b:6d:2b:ca:ca:ff:7f:27:15:
         70:f2:d9:7f:45:bb:82:9e:02:92:d9:86:71:99:13:05:bd:d8:
         e2:e4:5d:45:74:c8:ca:4d:d4:82:bc:e2:91:aa:c2:56:7a:21:
         5d:ea:cc:56:93:63:17:27:97:1f:d6:64:fc:52:28:fa:9d:8d:
         67:e6:5d:54:fa:6e:e4:c4:15:9e:ee:32:e9:8e:51:4d:bf:9a:
         26:ff:dc:7e:ba:83:6e:b8:38:6b:77:8f:f5:67:79:2e:2e:25:
         28:5e:4b:57:5f:6d:4d:7b:6f:83:9e:df:d9:2d:cf:b9:b0:80:
         27:da:aa:51:86:06:b9:de:1e:f9:a3:23:d3:51:e6:db:99:3d:
         38:d5:5f:3a:95:2d:70:27:85:d1:b9:92:18:56:82:1e:d4:bc:
         05:0b:49:ad:ef:26:08:8d:62:fc:77:56:0c:64:22:a0:70:de:
         d5:fd:a1:85:8b:e5:55:eb:b2:1f:c5:84:a5:1c:5d:c4:45:9c:
         2b:15:e9:06:cb:cd:ce:0a:e1:3f:c4:52:c8:73:de:60:ec:cf:
         f3:68:35:ce
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAZAFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzMwMDk1MDE2WhcNMjUwOTA0MDk1MDE2WjAYMRYw
FAYDVQQDEw02ODg5ZWFkYy1jMjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4U0txcoZlA+o3BFHaQY4QvCCv9n4I6oZxM/0+VcDlt8ZBx9GAPQwZMhE
1cnejwLEttfWAEMbcrLH9j0TEA6TmF3yHDZgc8upg+hVsxVwsE8/eC3MqLbjhSy/
L3X1t+/d3cK0wYlkhMSzdVfTsrEzWS/rPc/p7BQ5j11AL0nnjpSAoIV7NUgBL3L3
V97OEX7J6NC+IvsLICQe0IuAPs5rMbuBMyfhT6IT1UDsYI0vMaqWLiIrs55t5yc/
2bCm7XXqZiZWGhVSYvCwg1+IfmfSydfw4DCxFyAS6iRK7FQbbKQXYq/VEgJF9cXL
B3silV+SPlqclHesav7JAqUkvHjmXQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN1q
qU2+7f6CR0iexmoj3ISyzHxPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QUIzMDMzRTZEMkExMUYwQjU0MEMwRUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmlhCMA0GCSqGSIb3DQEB
CwUAA4IBAQBzjYu4NM9P8p5YlVblD5WDVBapJN2mTc206rR5O8JnqZrkIvPv3yN9
DiTh0kmLbSvKyv9/JxVw8tl/RbuCngKS2YZxmRMFvdji5F1FdMjKTdSCvOKRqsJW
eiFd6sxWk2MXJ5cf1mT8Uij6nY1n5l1U+m7kxBWe7jLpjlFNv5om/9x+uoNuuDhr
d4/1Z3kuLiUoXktXX21Ne2+Dnt/ZLc+5sIAn2qpRhga53h75oyPTUebbmT041V86
lS1wJ4XRuZIYVoIe1LwFC0mt7yYIjWL8d1YMZCKgcN7V/aGFi+VV67IfxYSlHF3E
RZwrFekGy83OCuE/xFLIc95g7M/zaDXO
-----END CERTIFICATE-----
Generated at Wed Aug 6 16:16:09 2025 by rpki-client