Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE755948689411F09AC5CE90DAE4EC9C.roa
File:                     FE755948689411F09AC5CE90DAE4EC9C.roa (raw, json)
Hash identifier:          KZSMCe3ydb/wfvjhxObvoozt4uU0SKbf3yiYudnxX+s=
Subject key identifier:   5B:FB:01:67:39:14:0F:08:76:D7:7D:A5:F9:E6:11:49:DB:95:23:BE
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       016781
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE755948689411F09AC5CE90DAE4EC9C.roa
Signing time:             Thu 24 Jul 2025 13:49:18 +0000
ROA not before:           Thu 24 Jul 2025 13:49:14 +0000
ROA not after:            Thu 28 Aug 2025 13:49:14 +0000
asID:                     214238
IP address blocks:        45.192.59.0/24 maxlen: 24
                          45.192.63.0/24 maxlen: 24
                          45.195.161.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 11 Aug 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 92033 (0x16781)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jul 24 13:49:14 2025 GMT
            Not After : Aug 28 13:49:14 2025 GMT
        Subject: CN=688239de-a67d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:33:ff:b8:b6:0a:03:dd:d0:ee:be:ce:19:d3:
                    3d:b3:c1:53:d2:ab:09:38:df:88:41:19:2c:ab:1e:
                    86:bd:79:e8:78:fd:1b:59:db:fe:77:b3:4e:ed:0b:
                    18:f5:ce:c5:6e:80:24:16:3d:b9:0b:1d:ee:78:7b:
                    7f:6b:c1:6d:35:84:8c:fe:3a:d9:68:c8:db:fa:f3:
                    07:c9:c8:ad:00:bb:80:5b:98:17:ec:e8:ca:a0:2b:
                    0c:de:79:a4:30:e2:ad:af:f6:59:8e:48:c6:b8:98:
                    40:40:50:90:a6:3d:36:b6:a7:30:96:36:85:5a:dc:
                    ff:14:b0:4a:44:4f:ae:04:7b:22:68:1b:1f:04:0a:
                    3e:0f:eb:e9:c1:00:1d:1d:1e:4c:a9:8a:11:c6:17:
                    ba:98:2d:fc:67:aa:bb:a6:19:22:b6:6f:87:05:06:
                    7c:63:34:70:79:c2:e1:97:79:f8:eb:4d:79:f8:c6:
                    61:7b:73:9d:e0:e0:79:c0:92:e9:e0:47:5b:95:df:
                    41:eb:af:cc:18:c8:76:f1:e9:34:a9:1a:c0:49:a7:
                    68:4e:e8:98:80:f6:ef:e2:42:2b:dd:a6:3c:66:f2:
                    23:f1:87:21:4d:e1:78:28:88:bb:0a:84:29:14:5f:
                    c0:a0:98:5b:d3:5d:bd:ea:24:39:ae:61:33:16:0d:
                    ba:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:FB:01:67:39:14:0F:08:76:D7:7D:A5:F9:E6:11:49:DB:95:23:BE
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE755948689411F09AC5CE90DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.192.59.0/24
                  45.192.63.0/24
                  45.195.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:8e:82:63:db:0e:ea:21:56:a7:3e:cf:91:ec:3b:f5:4d:8f:
         fa:d4:43:2d:9e:4d:06:f4:34:9b:4b:61:8d:20:9e:0e:a6:e7:
         7a:9d:d2:c8:da:7d:1f:64:31:9c:a6:4d:05:fa:af:95:95:ab:
         23:b7:eb:12:cd:59:da:a0:d1:f2:00:c0:15:18:15:01:25:bd:
         72:dc:d0:70:33:7f:4e:8f:e7:49:86:f2:a4:48:c7:7f:df:a3:
         63:7c:91:d0:5b:57:59:38:b1:e0:62:e6:9c:fe:27:31:e7:3e:
         23:62:35:4b:bb:f4:b3:84:87:86:b3:6e:d8:85:d5:f2:af:b7:
         1c:3c:fd:13:9b:a4:72:77:30:dd:a7:45:8d:d1:7e:29:68:c0:
         1f:43:3a:c9:e7:38:4b:6f:d2:26:d1:74:13:6b:7a:a8:60:67:
         0c:37:ee:4c:55:ba:00:41:d8:21:31:b3:24:ee:56:1e:9f:80:
         2f:6c:5b:0c:93:df:cb:60:b0:4e:00:22:43:1f:9e:b0:8f:1b:
         f9:bf:9e:6f:97:10:d3:d7:f5:1e:9d:59:2a:29:fa:ed:1c:fc:
         ea:1c:75:87:7c:3e:3f:a3:04:84:9e:aa:42:4b:c8:8c:6a:64:
         36:ba:69:31:48:3f:d2:e5:5c:6f:06:dc:b2:c1:20:b4:69:8f:
         1c:9e:52:f5
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAWeBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzI0MTM0OTE0WhcNMjUwODI4MTM0OTE0WjAYMRYw
FAYDVQQDEw02ODgyMzlkZS1hNjdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnjP/uLYKA93Q7r7OGdM9s8FT0qsJON+IQRksqx6GvXnoeP0bWdv+d7NO
7QsY9c7FboAkFj25Cx3ueHt/a8FtNYSM/jrZaMjb+vMHycitALuAW5gX7OjKoCsM
3nmkMOKtr/ZZjkjGuJhAQFCQpj02tqcwljaFWtz/FLBKRE+uBHsiaBsfBAo+D+vp
wQAdHR5MqYoRxhe6mC38Z6q7phkitm+HBQZ8YzRwecLhl3n46015+MZhe3Od4OB5
wJLp4Edbld9B66/MGMh28ek0qRrASadoTuiYgPbv4kIr3aY8ZvIj8YchTeF4KIi7
CoQpFF/AoJhb01296iQ5rmEzFg26EQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFFv7
AWc5FA8Idtd9pfnmEUnblSO+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRTc1NTk0ODY4OTQxMUYwOUFDNUNFOTBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALcA7AwQALcA/AwQALcOhMA0G
CSqGSIb3DQEBCwUAA4IBAQCOjoJj2w7qIVanPs+R7Dv1TY/61EMtnk0G9DSbS2GN
IJ4Opud6ndLI2n0fZDGcpk0F+q+Vlasjt+sSzVnaoNHyAMAVGBUBJb1y3NBwM39O
j+dJhvKkSMd/36NjfJHQW1dZOLHgYuac/icx5z4jYjVLu/SzhIeGs27YhdXyr7cc
PP0Tm6RydzDdp0WN0X4paMAfQzrJ5zhLb9Im0XQTa3qoYGcMN+5MVboAQdghMbMk
7lYen4AvbFsMk9/LYLBOACJDH56wjxv5v55vlxDT1/UenVkqKfrtHPzqHHWHfD4/
owSEnqpCS8iMamQ2umkxSD/S5VxvBtyywSC0aY8cnlL1
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:42:15 2025 by rpki-client