Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/272AE180693C11F08C16AFD4DAE4EC9C.roa
File:                     272AE180693C11F08C16AFD4DAE4EC9C.roa (raw, json)
Hash identifier:          aADmgMiiJuD/9VgDlGlMYLqjRhMlcVPrF8BNAK7cbms=
Subject key identifier:   FD:69:72:12:DD:23:AF:FD:F8:11:EC:66:9A:A5:22:E3:B3:B3:75:7A
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       0167AE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/272AE180693C11F08C16AFD4DAE4EC9C.roa
Signing time:             Fri 25 Jul 2025 09:45:53 +0000
ROA not before:           Fri 25 Jul 2025 09:45:47 +0000
ROA not after:            Sat 30 Aug 2025 09:45:47 +0000
asID:                     152092
IP address blocks:        156.245.128.0/21 maxlen: 24
                          156.245.198.0/23 maxlen: 24
                          156.245.200.0/22 maxlen: 24
                          156.245.209.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 06 Aug 2025 00:26:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 92078 (0x167ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jul 25 09:45:47 2025 GMT
            Not After : Aug 30 09:45:47 2025 GMT
        Subject: CN=68835251-f979
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:86:16:41:ee:c3:72:fd:21:af:2a:83:d1:a6:
                    0f:54:b1:bc:ef:0e:00:20:2b:4d:25:82:f5:0e:19:
                    e0:12:36:ed:f6:f5:ee:45:30:ce:37:03:39:26:01:
                    69:ec:a3:16:ca:aa:c0:65:e0:28:8c:f1:b1:64:1b:
                    e1:af:b8:dc:d6:ff:96:75:03:f1:77:07:c9:d1:2a:
                    89:77:bf:c4:47:bf:2d:53:a7:61:94:18:ff:2a:60:
                    c0:b8:8c:6b:31:00:1b:b1:43:7a:63:81:8d:95:7f:
                    2f:ab:d5:a7:0c:d3:ee:61:84:a2:72:ca:1b:4e:bc:
                    35:0c:eb:4a:ec:bd:e5:1a:a5:9f:63:d4:01:c4:f2:
                    dd:71:0b:b7:8f:d7:97:e4:9b:16:c5:21:f7:a7:61:
                    96:9f:db:1e:7a:9c:73:5c:59:43:c5:2a:f6:c9:b5:
                    a6:1f:f4:1d:26:23:9b:ec:3a:95:be:8a:13:30:98:
                    6a:28:d1:63:75:03:cb:4c:73:ec:ec:58:7d:bc:b3:
                    af:89:00:3a:65:92:38:36:9d:e8:67:40:48:80:f4:
                    68:1d:c4:99:21:1e:ac:6e:ef:83:fd:da:25:d9:fd:
                    36:fc:18:59:9a:99:7f:06:2a:a6:ed:70:b2:86:a9:
                    df:46:12:12:cf:2b:e1:8e:b8:98:e6:80:d9:c8:8e:
                    9c:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:69:72:12:DD:23:AF:FD:F8:11:EC:66:9A:A5:22:E3:B3:B3:75:7A
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/272AE180693C11F08C16AFD4DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.245.128.0/21
                  156.245.198.0-156.245.203.255
                  156.245.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:ac:fc:28:69:af:43:b5:86:43:cb:b8:cf:08:de:4a:14:7d:
         5a:39:d4:57:23:d2:37:28:55:74:1c:08:57:d7:e9:bf:9a:08:
         90:e1:9c:a6:44:0d:ed:13:d1:f0:d3:58:62:58:26:ee:4d:bc:
         c8:02:e2:03:ea:56:9c:4e:fd:0f:28:29:6b:61:b4:2f:24:18:
         f1:96:dd:ed:b9:57:87:b9:4c:a7:ed:bc:eb:f0:87:0d:25:a5:
         4c:59:8c:59:62:04:39:19:d6:38:23:e4:80:a9:e3:2f:df:f1:
         35:15:8f:b9:0a:d1:d6:e5:b0:12:3d:10:00:67:fb:36:a7:e1:
         98:92:a3:cc:f0:91:01:2b:bd:73:49:6c:a1:72:b8:dd:ac:c0:
         6e:93:dc:76:15:73:cd:c3:c8:a5:35:c0:9e:06:64:e7:1e:b9:
         8e:f7:20:21:d7:12:4a:53:88:de:d4:6a:52:d3:00:55:47:29:
         1f:24:d6:b6:61:06:1c:a6:67:6b:8f:4a:2b:ed:07:57:37:49:
         17:8b:f4:20:6e:33:ca:28:0c:38:7d:c4:aa:21:a2:29:42:55:
         61:91:b4:46:e4:52:ba:1f:70:76:eb:81:82:d0:1c:86:d8:3c:
         0b:5d:06:90:f7:ea:4f:a8:20:ae:51:cc:fc:46:f4:a1:4b:38:
         9f:48:b1:b1
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAWeuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzI1MDk0NTQ3WhcNMjUwODMwMDk0NTQ3WjAYMRYw
FAYDVQQDEw02ODgzNTI1MS1mOTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA34YWQe7Dcv0hryqD0aYPVLG87w4AICtNJYL1DhngEjbt9vXuRTDONwM5
JgFp7KMWyqrAZeAojPGxZBvhr7jc1v+WdQPxdwfJ0SqJd7/ER78tU6dhlBj/KmDA
uIxrMQAbsUN6Y4GNlX8vq9WnDNPuYYSicsobTrw1DOtK7L3lGqWfY9QBxPLdcQu3
j9eX5JsWxSH3p2GWn9seepxzXFlDxSr2ybWmH/QdJiOb7DqVvooTMJhqKNFjdQPL
THPs7Fh9vLOviQA6ZZI4Np3oZ0BIgPRoHcSZIR6sbu+D/dol2f02/BhZmpl/Biqm
7XCyhqnfRhISzyvhjriY5oDZyI6cxQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFP1p
chLdI6/9+BHsZpqlIuOzs3V6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNzJBRTE4MDY5M0MxMUYwOEMxNkFGRDREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDnPWAMAwDBAGc9cYDBAKc9cgD
BACc9dEwDQYJKoZIhvcNAQELBQADggEBAIms/Chpr0O1hkPLuM8I3koUfVo51Fcj
0jcoVXQcCFfX6b+aCJDhnKZEDe0T0fDTWGJYJu5NvMgC4gPqVpxO/Q8oKWthtC8k
GPGW3e25V4e5TKftvOvwhw0lpUxZjFliBDkZ1jgj5ICp4y/f8TUVj7kK0dblsBI9
EABn+zan4ZiSo8zwkQErvXNJbKFyuN2swG6T3HYVc83DyKU1wJ4GZOceuY73ICHX
EkpTiN7UalLTAFVHKR8k1rZhBhymZ2uPSivtB1c3SReL9CBuM8ooDDh9xKohoilC
VWGRtEbkUrofcHbrgYLQHIbYPAtdBpD36k+oIK5RzPxG9KFLOJ9IsbE=
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:18:55 2025 by rpki-client