Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/1F6044E263CB11F18B094EC7CE1D38B0.roa
File:                     1F6044E263CB11F18B094EC7CE1D38B0.roa (raw, json)
Hash identifier:          jA+jqGSdT4Jt9X0XI+H2ye6u3WTekunF2PsW/Ou42EI=
Subject key identifier:   37:E2:CB:1F:82:8D:52:4A:B2:50:19:BF:A0:BA:F2:D0:15:67:A7:DF
Certificate issuer:       /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial:       0607
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/1F6044E263CB11F18B094EC7CE1D38B0.roa
Signing time:             Tue 09 Jun 2026 06:19:08 +0000
ROA not before:           Tue 09 Jun 2026 06:19:03 +0000
ROA not after:            Tue 31 Dec 2030 06:19:03 +0000
asID:                     25818
IP address blocks:        102.177.125.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 15 Jun 2026 00:07:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1543 (0x607)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3696E5FAF, serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
        Validity
            Not Before: Jun  9 06:19:03 2026 GMT
            Not After : Dec 31 06:19:03 2030 GMT
        Subject: CN=6a27b05c-821f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:db:87:f9:d7:b7:7a:54:bf:14:e3:f3:5d:f2:
                    90:53:8b:7d:85:cb:f6:89:8e:e4:bc:c2:97:b9:11:
                    4a:3d:83:bb:bf:15:e3:ca:47:2e:bf:d5:41:77:fe:
                    4f:6a:ba:0b:40:bf:d7:f4:c5:c7:57:a4:fe:3d:a4:
                    8c:12:ba:de:eb:a0:c6:36:85:e4:b4:4c:20:e4:b3:
                    60:ac:5a:f2:a7:f9:5f:3c:4c:28:89:8b:61:60:21:
                    cd:7f:2b:c7:21:3d:53:d0:b2:a0:5a:4f:da:3f:b2:
                    83:b4:98:cc:e8:7b:ea:81:71:79:7a:e8:92:8a:8f:
                    f9:38:b2:d3:d1:0b:47:d8:08:a0:e7:cc:45:8f:4f:
                    54:ba:52:72:64:9c:17:6f:65:d9:6c:74:f9:02:2f:
                    14:e7:c2:4b:6d:30:d2:9e:c4:e7:ff:cb:3b:4f:37:
                    49:0a:0b:bf:ca:48:8c:59:fc:1b:50:23:f8:89:8d:
                    f9:b8:5d:b3:ee:8d:c9:d9:81:73:c7:d2:d9:40:6b:
                    43:44:88:1f:6f:68:78:fb:10:58:af:b9:e8:54:cc:
                    39:43:03:70:e8:9e:7b:0a:c3:2c:1d:ee:30:60:65:
                    ae:04:63:de:c4:df:55:d4:cd:c9:ba:cd:34:0e:76:
                    ec:5e:25:e5:63:ba:66:9c:cf:bc:98:c2:8e:b7:b5:
                    eb:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:E2:CB:1F:82:8D:52:4A:B2:50:19:BF:A0:BA:F2:D0:15:67:A7:DF
            X509v3 Authority Key Identifier:
                keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/1F6044E263CB11F18B094EC7CE1D38B0.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:c3:52:41:e6:16:df:21:85:65:c5:d3:66:22:88:ff:ee:0a:
         c6:e9:ba:9b:55:64:98:17:7e:53:cb:ca:eb:9b:cb:1a:d1:25:
         8e:dc:08:e4:f7:9e:53:28:63:40:a6:aa:39:21:32:78:58:5a:
         8b:61:5b:42:93:3b:9d:9f:ec:d3:77:87:df:a9:03:1c:54:f8:
         08:3d:f1:5e:2e:96:37:65:0f:cb:05:62:4d:cc:0c:b2:f2:e6:
         a3:fe:d2:16:6a:bf:a0:f1:a9:77:14:e0:ed:d8:a8:92:48:a3:
         72:7f:8d:5d:4b:23:7b:f3:4e:de:61:52:1b:f1:94:3f:3e:f2:
         11:a4:db:af:b1:ed:f5:38:6e:e5:2c:67:31:d1:05:6a:74:7a:
         4e:24:0d:82:a9:63:39:0b:fc:49:a1:50:54:d3:e0:a3:89:72:
         aa:f4:80:db:e5:e8:da:9d:ca:16:4a:4a:7e:fa:48:4b:eb:8b:
         33:28:83:98:eb:19:8e:5c:70:b8:9e:22:bb:ff:75:9f:43:f3:
         e7:62:59:60:21:ed:7b:f8:44:40:7d:8d:17:34:e1:5e:12:01:
         27:00:89:cb:79:cd:e3:4d:50:2a:a3:0f:0a:ce:34:0e:b5:85:
         69:c5:4b:75:dd:7b:af:ee:8e:34:e3:5e:76:59:17:eb:40:34:
         24:c5:d9:a9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBgcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yNjA2MDkwNjE5MDNaFw0zMDEyMzEwNjE5MDNaMBgxFjAU
BgNVBAMTDTZhMjdiMDVjLTgyMWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQ24f517d6VL8U4/Nd8pBTi32Fy/aJjuS8wpe5EUo9g7u/FePKRy6/1UF3
/k9qugtAv9f0xcdXpP49pIwSut7roMY2heS0TCDks2CsWvKn+V88TCiJi2FgIc1/
K8chPVPQsqBaT9o/soO0mMzoe+qBcXl66JKKj/k4stPRC0fYCKDnzEWPT1S6UnJk
nBdvZdlsdPkCLxTnwkttMNKexOf/yztPN0kKC7/KSIxZ/BtQI/iJjfm4XbPujcnZ
gXPH0tlAa0NEiB9vaHj7EFivuehUzDlDA3DonnsKwywd7jBgZa4EY97E31XUzcm6
zTQOduxeJeVjumacz7yYwo63tetlAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUN+LL
H4KNUkqyUBm/oLry0BVnp98wHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4LzFGNjA0NEUyNjNDQjExRjE4QjA5NEVDN0NFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsX0wDQYJKoZIhvcNAQEL
BQADggEBAALDUkHmFt8hhWXF02YiiP/uCsbpuptVZJgXflPLyuubyxrRJY7cCOT3
nlMoY0CmqjkhMnhYWothW0KTO52f7NN3h9+pAxxU+Ag98V4uljdlD8sFYk3MDLLy
5qP+0hZqv6DxqXcU4O3YqJJIo3J/jV1LI3vzTt5hUhvxlD8+8hGk26+x7fU4buUs
ZzHRBWp0ek4kDYKpYzkL/EmhUFTT4KOJcqr0gNvl6NqdyhZKSn76SEvrizMog5jr
GY5ccLieIrv/dZ9D8+diWWAh7Xv4REB9jRc04V4SAScAict5zeNNUCqjDwrONA61
hWnFS3Xde6/ujjTjXnZZF+tANCTF2ak=
-----END CERTIFICATE-----