Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D93A6FAC67DF11F0B09FC4EDDAE4EC9C.roa
File:                     D93A6FAC67DF11F0B09FC4EDDAE4EC9C.roa (raw, json)
Hash identifier:          Db5+9wG4iMWvE01AOnju3m0hz4LF9CkHukN0R89/szQ=
Subject key identifier:   00:CF:D4:EB:27:83:48:F5:47:E2:D2:F4:11:2D:DB:D9:D9:46:AA:F4
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       018F46
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D93A6FAC67DF11F0B09FC4EDDAE4EC9C.roa
Signing time:             Wed 23 Jul 2025 16:12:37 +0000
ROA not before:           Wed 23 Jul 2025 16:12:29 +0000
ROA not after:            Sat 04 Oct 2025 16:12:29 +0000
asID:                     140666
IP address blocks:        154.93.87.0/24 maxlen: 24
                          154.93.88.0/22 maxlen: 24
                          154.93.94.0/24 maxlen: 24
                          154.93.123.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 06 Aug 2025 00:07:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102214 (0x18f46)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 23 16:12:29 2025 GMT
            Not After : Oct  4 16:12:29 2025 GMT
        Subject: CN=688109f5-1fbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:5b:d0:31:61:18:91:60:cd:cd:92:4e:a8:fd:
                    a3:80:82:35:f0:fd:80:a4:08:2c:e6:5b:16:7a:de:
                    1c:55:6c:c4:fb:f8:01:c2:d3:e6:0e:ed:1a:7c:dc:
                    61:81:3e:f2:d1:59:af:c8:c0:e2:ad:61:c4:53:3b:
                    cf:fd:fe:35:8c:f5:25:c3:4a:9f:8d:5b:41:55:20:
                    4e:a3:7c:7d:02:d3:60:b8:9d:e6:57:33:63:1b:9a:
                    2e:d3:f0:30:9c:33:2d:f0:11:c5:99:25:18:37:67:
                    a5:f9:9d:56:b4:6f:9a:4f:11:de:05:47:96:e8:ce:
                    5d:0a:38:3b:a6:2a:a6:e7:ea:93:09:7f:a3:4e:13:
                    58:1d:38:b7:d0:38:2c:35:bf:77:e8:25:52:45:7f:
                    9a:e8:22:9f:87:42:c2:89:34:46:f7:5d:e8:0b:e8:
                    66:20:a4:e4:bd:6e:95:3d:8b:8d:4a:6f:8f:ee:05:
                    7d:77:75:2e:18:60:fb:05:be:01:d0:47:a1:79:5d:
                    90:90:9c:87:81:8e:6d:83:e2:13:09:6d:9a:89:66:
                    79:66:4f:5e:d4:b3:3e:d3:e6:bb:3f:e5:a9:50:1f:
                    a5:ab:77:9c:5f:69:e3:ea:a2:d4:54:64:b2:ab:f5:
                    21:61:dc:8d:a1:70:d6:8e:41:d6:1b:50:3f:12:29:
                    35:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:CF:D4:EB:27:83:48:F5:47:E2:D2:F4:11:2D:DB:D9:D9:46:AA:F4
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D93A6FAC67DF11F0B09FC4EDDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.93.87.0-154.93.91.255
                  154.93.94.0/24
                  154.93.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:8c:ba:20:ed:10:6a:65:ff:64:d9:8f:f7:b5:01:dc:4a:e4:
         d5:a6:63:c9:4e:bc:29:01:fe:fd:65:f9:e0:41:61:11:64:ad:
         7b:7c:27:70:aa:6b:0c:2c:37:e9:2d:68:d2:23:ee:ca:ce:99:
         17:92:81:e0:74:bf:2b:79:d3:f0:02:45:90:82:6d:17:cd:73:
         a1:b9:ea:1d:8b:40:bf:b4:b6:c1:c4:d1:27:f1:29:08:a2:9b:
         51:29:c9:2a:0a:9a:6a:a8:e3:d7:71:a2:67:f5:b1:6b:fa:ae:
         9d:fc:6d:49:f6:75:41:e1:82:40:ec:b4:50:3c:ec:11:25:4b:
         05:69:40:2e:58:d8:79:16:b0:34:74:d4:56:6e:16:4f:9e:75:
         db:d0:64:2d:4a:26:a7:8f:b1:a3:00:fa:fd:01:93:f3:7b:19:
         7b:2d:0b:db:d3:9a:fa:78:d9:12:f3:32:e3:4f:42:4e:62:2c:
         28:96:f1:d9:73:b1:40:5b:9c:4e:73:fb:f6:cd:a5:6f:17:10:
         56:49:58:36:f6:bf:2f:8e:19:a8:0d:d5:8a:90:f5:c6:24:41:
         72:e3:8b:41:3f:84:64:1d:23:6c:6e:4c:27:e0:20:3d:58:e7:
         3e:25:6d:12:50:b5:64:c8:4f:cc:54:ee:39:a5:a1:60:3b:92:
         51:c6:32:ad
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAY9GMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzIzMTYxMjI5WhcNMjUxMDA0MTYxMjI5WjAYMRYw
FAYDVQQDEw02ODgxMDlmNS0xZmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzFvQMWEYkWDNzZJOqP2jgII18P2ApAgs5lsWet4cVWzE+/gBwtPmDu0a
fNxhgT7y0VmvyMDirWHEUzvP/f41jPUlw0qfjVtBVSBOo3x9AtNguJ3mVzNjG5ou
0/AwnDMt8BHFmSUYN2el+Z1WtG+aTxHeBUeW6M5dCjg7piqm5+qTCX+jThNYHTi3
0DgsNb936CVSRX+a6CKfh0LCiTRG913oC+hmIKTkvW6VPYuNSm+P7gV9d3UuGGD7
Bb4B0EeheV2QkJyHgY5tg+ITCW2aiWZ5Zk9e1LM+0+a7P+WpUB+lq3ecX2nj6qLU
VGSyq/UhYdyNoXDWjkHWG1A/Eik1VQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFADP
1Osng0j1R+LS9BEt29nZRqr0MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EOTNBNkZBQzY3REYxMUYwQjA5RkM0RUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACaXVcDBAKaXVgDBACa
XV4DBACaXXswDQYJKoZIhvcNAQELBQADggEBAJiMuiDtEGpl/2TZj/e1AdxK5NWm
Y8lOvCkB/v1l+eBBYRFkrXt8J3CqawwsN+ktaNIj7srOmReSgeB0vyt50/ACRZCC
bRfNc6G56h2LQL+0tsHE0SfxKQiim1EpySoKmmqo49dxomf1sWv6rp38bUn2dUHh
gkDstFA87BElSwVpQC5Y2HkWsDR01FZuFk+eddvQZC1KJqePsaMA+v0Bk/N7GXst
C9vTmvp42RLzMuNPQk5iLCiW8dlzsUBbnE5z+/bNpW8XEFZJWDb2vy+OGagN1YqQ
9cYkQXLji0E/hGQdI2xuTCfgID1Y5z4lbRJQtWTIT8xU7jmloWA7klHGMq0=
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:16:13 2025 by rpki-client