Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/93BDFB3463FA11F1ACB1CCE0CE1D38B0.roa
File:                     93BDFB3463FA11F1ACB1CCE0CE1D38B0.roa (raw, json)
Hash identifier:          fmmkTkTFSuPZFc46BIeku1vPRqMOQfjtlqzTwMfmhXQ=
Subject key identifier:   7F:0C:74:AB:C3:0B:2B:62:1A:F1:DF:F6:1F:0E:AA:EC:66:C5:29:68
Certificate issuer:       /CN=F3696E5FAF/serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
Certificate serial:       063B
Authority key identifier: 53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/93BDFB3463FA11F1ACB1CCE0CE1D38B0.roa
Signing time:             Tue 09 Jun 2026 11:58:50 +0000
ROA not before:           Tue 09 Jun 2026 11:58:45 +0000
ROA not after:            Tue 31 Dec 2030 11:58:45 +0000
asID:                     25818
IP address blocks:        102.177.120.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 15 Jun 2026 00:07:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1595 (0x63b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3696E5FAF, serialNumber=5375CF4CA1643B08C341BDA79D8BE105BDC3C48B
        Validity
            Not Before: Jun  9 11:58:45 2026 GMT
            Not After : Dec 31 11:58:45 2030 GMT
        Subject: CN=6a27fffa-ce73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:b4:b6:e5:8d:35:92:d8:2e:17:b9:f2:7b:63:
                    8b:3c:7e:0c:00:7b:ee:5c:5c:22:1b:b6:7d:3d:5a:
                    2a:12:d0:e3:5f:b4:3b:e2:9e:18:37:f9:15:91:39:
                    5b:14:6e:fe:81:3c:58:ff:1e:42:e2:d1:68:a5:17:
                    b4:5e:09:9d:cb:d0:58:70:39:06:d4:17:c8:b4:7d:
                    39:50:0a:98:45:ba:df:61:ef:22:33:0d:dd:b4:39:
                    61:5a:75:85:24:9b:1f:30:14:ff:2d:33:83:28:f8:
                    a5:10:13:1b:39:80:c8:35:30:49:41:ed:40:0a:dd:
                    c6:a0:6b:95:c0:25:4a:9c:36:8c:87:39:9c:50:d8:
                    64:37:38:f2:86:53:ae:7e:2a:ae:87:83:a6:e4:ad:
                    ab:60:82:67:2e:78:73:7e:59:1c:48:47:67:18:9f:
                    16:4a:f2:14:a4:78:c4:1b:51:4e:11:87:44:1e:78:
                    2f:f7:ab:af:c5:4e:67:71:8c:9f:01:22:9d:48:37:
                    21:98:59:77:ab:aa:8d:4d:4c:56:3c:fa:bb:12:d8:
                    37:b9:52:cf:f8:e3:c5:e4:58:14:9f:ad:c1:c1:76:
                    8d:34:cb:45:5d:37:4c:68:63:be:04:ea:76:26:86:
                    a2:9a:c2:ab:30:8d:b9:55:42:83:4f:fe:91:0d:e3:
                    bd:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:0C:74:AB:C3:0B:2B:62:1A:F1:DF:F6:1F:0E:AA:EC:66:C5:29:68
            X509v3 Authority Key Identifier:
                keyid:53:75:CF:4C:A1:64:3B:08:C3:41:BD:A7:9D:8B:E1:05:BD:C3:C4:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/U3XPTKFkOwjDQb2nnYvhBb3DxIs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/U3XPTKFkOwjDQb2nnYvhBb3DxIs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3696E5F/3DA3D320189711ED8C936BD2F1222468/93BDFB3463FA11F1ACB1CCE0CE1D38B0.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:2f:88:be:34:3f:14:e5:ba:1e:e2:14:49:db:d0:90:d4:55:
         64:4b:3d:07:ae:3a:4a:b2:ed:cc:f8:b1:1c:82:f1:11:35:39:
         6c:6c:ab:9a:8e:fe:4c:36:a8:c8:d5:c3:fd:63:bf:28:7d:6a:
         b5:6c:94:65:f2:dc:bf:7c:48:ee:30:f6:10:db:93:12:1d:25:
         ef:8a:99:4c:1d:8b:92:79:08:fb:7b:bf:75:9e:63:d4:10:8f:
         44:36:5a:16:c0:a9:0e:c5:32:cf:5a:47:d7:bd:6d:ea:07:a7:
         0f:32:94:23:b9:57:c1:cc:01:0a:de:e8:83:0c:fb:b3:06:0a:
         28:0c:be:28:39:4f:29:68:64:7d:e2:b4:df:60:9a:9e:fa:06:
         48:92:0b:2c:0c:72:cf:54:c8:81:42:eb:87:9c:1f:7f:e1:8b:
         c9:f0:3d:5f:8a:ac:bb:8a:76:53:9a:be:89:16:1e:f1:dd:52:
         1e:e0:6e:9f:b0:a8:2c:56:8e:74:5f:c7:09:c3:5c:e2:33:dd:
         50:4e:01:26:e2:a4:e3:bb:d1:d5:65:e7:7f:ef:95:c8:7d:20:
         dd:0a:3f:94:d0:77:7e:d1:a6:36:37:6d:13:ad:9e:b7:17:31:
         f9:fc:e0:17:02:4d:63:76:7f:d5:d0:b2:67:53:a5:f2:b5:4e:
         e4:37:f2:cb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBjswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTZFNUZBRjExMC8GA1UEBRMoNTM3NUNGNENBMTY0M0IwOEMzNDFCREE3OUQ4QkUx
MDVCREMzQzQ4QjAeFw0yNjA2MDkxMTU4NDVaFw0zMDEyMzExMTU4NDVaMBgxFjAU
BgNVBAMTDTZhMjdmZmZhLWNlNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDEtLbljTWS2C4XufJ7Y4s8fgwAe+5cXCIbtn09WioS0ONftDvinhg3+RWR
OVsUbv6BPFj/HkLi0WilF7ReCZ3L0FhwOQbUF8i0fTlQCphFut9h7yIzDd20OWFa
dYUkmx8wFP8tM4Mo+KUQExs5gMg1MElB7UAK3caga5XAJUqcNoyHOZxQ2GQ3OPKG
U65+Kq6Hg6bkratggmcueHN+WRxIR2cYnxZK8hSkeMQbUU4Rh0QeeC/3q6/FTmdx
jJ8BIp1INyGYWXerqo1NTFY8+rsS2De5Us/448XkWBSfrcHBdo00y0VdN0xoY74E
6nYmhqKawqswjblVQoNP/pEN473NAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUfwx0
q8MLK2Ia8d/2Hw6q7GbFKWgwHwYDVR0jBBgwFoAUU3XPTKFkOwjDQb2nnYvhBb3D
xIswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYxMjIyNDY4L1UzWFBU
S0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL1UzWFBUS0ZrT3dqRFFiMm5uWXZoQmIzRHhJcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjk2RTVGLzNEQTNEMzIwMTg5NzExRUQ4QzkzNkJEMkYx
MjIyNDY4LzkzQkRGQjM0NjNGQTExRjFBQ0IxQ0NFMENFMUQzOEIwLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsXgwDQYJKoZIhvcNAQEL
BQADggEBABAviL40PxTluh7iFEnb0JDUVWRLPQeuOkqy7cz4sRyC8RE1OWxsq5qO
/kw2qMjVw/1jvyh9arVslGXy3L98SO4w9hDbkxIdJe+KmUwdi5J5CPt7v3WeY9QQ
j0Q2WhbAqQ7FMs9aR9e9beoHpw8ylCO5V8HMAQre6IMM+7MGCigMvig5TyloZH3i
tN9gmp76BkiSCywMcs9UyIFC64ecH3/hi8nwPV+KrLuKdlOavokWHvHdUh7gbp+w
qCxWjnRfxwnDXOIz3VBOASbipOO70dVl53/vlch9IN0KP5TQd37RpjY3bROtnrcX
Mfn84BcCTWN2f9XQsmdTpfK1TuQ38ss=
-----END CERTIFICATE-----