Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86E6AC0A67B911F082585C79DAE4EC9C.roa
File:                     86E6AC0A67B911F082585C79DAE4EC9C.roa (raw, json)
Hash identifier:          7vcsxbXDp5J4bGjofnZw1VUbZCOQmHhlM8T8x35Jp2o=
Subject key identifier:   73:B5:D2:6E:E4:FF:E8:DB:64:A4:96:B5:EA:5A:D7:56:35:D8:AA:91
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       0166E5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86E6AC0A67B911F082585C79DAE4EC9C.roa
Signing time:             Wed 23 Jul 2025 11:38:18 +0000
ROA not before:           Wed 23 Jul 2025 11:38:13 +0000
ROA not after:            Fri 29 Aug 2025 11:38:13 +0000
asID:                     398704
IP address blocks:        156.245.192.0/24 maxlen: 24
                          156.245.193.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 10 Aug 2025 00:26:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 91877 (0x166e5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jul 23 11:38:13 2025 GMT
            Not After : Aug 29 11:38:13 2025 GMT
        Subject: CN=6880c9aa-4579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:10:be:17:8d:88:73:e5:5d:2f:b1:aa:e0:cc:
                    0e:0c:d0:80:33:7e:61:6d:f3:01:34:aa:88:4b:13:
                    bb:80:79:8c:94:7e:a5:b3:90:7d:08:d3:a6:9b:ba:
                    b3:46:9b:f9:9e:db:5e:50:3f:23:1f:37:0a:4d:01:
                    e8:6e:87:fc:b5:c8:1c:b4:be:63:ed:00:b4:63:df:
                    51:3a:5d:61:7b:d8:55:59:3c:23:50:92:d8:ce:4e:
                    c2:58:fa:e0:5b:ca:71:a1:9d:d3:d0:7c:a3:58:ca:
                    9a:8f:4b:eb:ea:da:98:67:95:2d:fe:26:2c:21:8d:
                    51:d6:66:74:61:ac:81:71:f7:16:e7:c9:5d:5c:e6:
                    9b:42:55:07:a6:d6:b4:20:85:b6:95:09:f7:70:0d:
                    d8:7d:27:26:2a:c5:93:d5:6a:bc:07:c0:b6:46:8f:
                    1d:5b:5f:eb:96:ca:65:c2:18:12:96:da:61:ae:a9:
                    c3:e8:0c:83:71:72:51:3b:14:eb:3b:57:0f:a5:ff:
                    f5:3a:fa:77:84:a9:de:c2:98:74:79:f1:66:ee:61:
                    a3:37:4d:a0:b6:9e:7a:63:c7:2d:16:ac:5e:6f:8e:
                    be:ca:03:f7:bc:00:bc:44:10:67:8b:86:1c:b9:2b:
                    2f:48:e2:e2:46:a5:5b:cf:2a:59:67:95:59:7c:ba:
                    9f:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:B5:D2:6E:E4:FF:E8:DB:64:A4:96:B5:EA:5A:D7:56:35:D8:AA:91
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86E6AC0A67B911F082585C79DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.245.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         47:27:da:2e:e6:a5:e7:72:6e:39:e7:4c:35:5c:b9:8c:54:40:
         c0:f5:5d:a5:04:2a:bd:4b:4d:b2:e1:e2:94:97:ba:b9:36:b9:
         70:41:4f:17:b3:12:a3:a4:0a:d2:bc:4c:1a:e2:4d:fe:d7:7d:
         25:6d:ad:06:d2:78:7b:9a:fc:1a:1e:bb:cd:1a:61:0d:b6:d1:
         f1:23:6d:61:6e:37:ff:a4:12:b9:9c:2b:82:23:0d:af:b9:57:
         1c:ef:5a:d7:a0:cf:c6:ea:67:8a:f0:41:65:de:5d:0d:c0:e9:
         e8:00:ac:a0:46:a6:13:a5:83:f2:7d:ff:e8:e7:b3:e2:97:47:
         2c:27:21:70:f1:65:ab:33:be:44:5a:24:d5:41:dc:44:1e:af:
         0a:6d:29:bf:9a:3d:95:a4:29:44:8a:59:49:4a:b1:4f:69:f9:
         11:1d:3b:59:8d:4d:71:c4:f1:e1:97:b1:d3:b9:8f:63:42:30:
         eb:a4:6a:77:a3:d5:96:33:59:14:4a:8f:31:38:c1:13:c8:aa:
         dc:6c:cc:4a:8b:3b:61:5a:22:bc:f4:bb:c7:7f:2c:8f:68:76:
         4a:3d:e0:28:b6:29:7b:48:bf:cc:d7:48:60:ef:be:ba:e8:59:
         0f:25:60:d4:95:90:78:ad:1b:d4:74:e3:79:56:b2:76:db:5b:
         b1:4b:b5:46
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWblMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIzMTEzODEzWhcNMjUwODI5MTEzODEzWjAYMRYw
FAYDVQQDEw02ODgwYzlhYS00NTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4RC+F42Ic+VdL7Gq4MwODNCAM35hbfMBNKqISxO7gHmMlH6ls5B9CNOm
m7qzRpv5ntteUD8jHzcKTQHobof8tcgctL5j7QC0Y99ROl1he9hVWTwjUJLYzk7C
WPrgW8pxoZ3T0HyjWMqaj0vr6tqYZ5Ut/iYsIY1R1mZ0YayBcfcW58ldXOabQlUH
pta0IIW2lQn3cA3YfScmKsWT1Wq8B8C2Ro8dW1/rlsplwhgSltphrqnD6AyDcXJR
OxTrO1cPpf/1Ovp3hKnewph0efFm7mGjN02gtp56Y8ctFqxeb46+ygP3vAC8RBBn
i4YcuSsvSOLiRqVbzypZZ5VZfLqfowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHO1
0m7k/+jbZKSWtepa11Y12KqRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NkU2QUMwQTY3QjkxMUYwODI1ODVDNzlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPXAMA0GCSqGSIb3DQEBCwUA
A4IBAQBHJ9ou5qXncm4550w1XLmMVEDA9V2lBCq9S02y4eKUl7q5NrlwQU8XsxKj
pArSvEwa4k3+130lba0G0nh7mvwaHrvNGmENttHxI21hbjf/pBK5nCuCIw2vuVcc
71rXoM/G6meK8EFl3l0NwOnoAKygRqYTpYPyff/o57Pil0csJyFw8WWrM75EWiTV
QdxEHq8KbSm/mj2VpClEillJSrFPafkRHTtZjU1xxPHhl7HTuY9jQjDrpGp3o9WW
M1kUSo8xOMETyKrcbMxKizthWiK89LvHfyyPaHZKPeAotil7SL/M10hg77666FkP
JWDUlZB4rRvUdON5VrJ221uxS7VG
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:58:23 2025 by rpki-client