Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/1306C5242D0A11F1ACE79FA2DAE4EC9C.roa
File:                     1306C5242D0A11F1ACE79FA2DAE4EC9C.roa (raw, json)
Hash identifier:          Yap6AiBkD3ixZ9mWZ1ZB8OCM/j6jVoGOnv3+2v/DDNI=
Subject key identifier:   AE:85:FA:A5:F5:45:66:82:3C:83:9E:DD:25:37:2B:17:31:38:26:99
Certificate issuer:       /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial:       076A
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/1306C5242D0A11F1ACE79FA2DAE4EC9C.roa
Signing time:             Tue 31 Mar 2026 14:01:12 +0000
ROA not before:           Tue 31 Mar 2026 14:01:06 +0000
ROA not after:            Mon 31 Mar 2036 14:01:06 +0000
asID:                     37645
IP address blocks:        102.202.244.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 18 Apr 2026 02:18:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1898 (0x76a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A1CEFAF, serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
        Validity
            Not Before: Mar 31 14:01:06 2026 GMT
            Not After : Mar 31 14:01:06 2036 GMT
        Subject: CN=69cbd3a8-5976
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:92:11:19:ec:f2:6d:1c:ff:64:d7:38:f3:c0:
                    da:dc:96:db:9a:0b:3b:d6:b2:3f:67:7b:f5:2a:13:
                    05:b4:e2:e6:1d:11:93:22:18:41:71:17:65:4f:97:
                    8f:46:50:7a:90:7c:35:49:61:84:6b:a9:c4:07:2a:
                    03:08:b6:27:21:9c:76:1c:fa:ca:f3:36:5b:79:b8:
                    3c:70:f1:3f:38:80:ff:57:4f:75:16:14:e9:2f:91:
                    8c:bb:b4:7c:77:27:7c:07:0f:08:dc:33:bc:e4:8e:
                    ca:49:34:ba:8a:8e:51:99:7f:01:76:f2:f3:be:04:
                    81:a3:9f:0b:84:1d:8c:7e:a6:26:7f:22:3e:af:4c:
                    12:80:c1:31:36:7c:4e:ee:98:a8:cb:23:85:b2:3f:
                    d0:5a:56:72:ab:d7:5f:05:0b:71:6a:71:0d:1e:a8:
                    7a:cf:29:10:ed:86:d0:b8:dd:67:88:50:d8:86:ed:
                    87:9a:d1:54:83:db:f9:61:79:08:c0:3f:7d:7c:ab:
                    9d:2c:c3:fe:d0:0e:c3:09:82:7c:06:08:d5:29:6a:
                    13:99:54:70:d0:3c:c7:a5:88:3a:35:78:9c:b3:be:
                    46:62:d6:cf:57:8b:24:32:2d:af:da:1c:76:5f:e7:
                    c3:5b:a0:7f:ab:56:d2:1a:9e:7d:3e:9b:e1:bd:29:
                    73:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:85:FA:A5:F5:45:66:82:3C:83:9E:DD:25:37:2B:17:31:38:26:99
            X509v3 Authority Key Identifier:
                keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/1306C5242D0A11F1ACE79FA2DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.202.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:48:cd:7d:88:8d:31:ae:cf:0d:6e:f2:4c:f2:be:77:2e:39:
         78:e8:15:4e:c6:20:30:af:e5:95:95:86:69:4f:2e:a6:1b:e8:
         9d:19:30:e7:f8:21:0a:72:e8:eb:9c:28:dd:c5:9a:8d:47:59:
         ab:6c:23:3a:84:a3:71:6a:c2:93:81:1a:39:ba:ae:31:64:e4:
         45:56:35:29:7b:a2:65:11:f2:2b:54:b3:b4:c2:c3:30:90:b6:
         88:1e:e8:6b:39:53:ce:6d:8f:90:08:b2:46:94:35:ec:6a:a7:
         38:fb:4d:11:9f:24:cc:d8:74:c4:b3:fd:e5:14:c7:d3:76:bf:
         68:cf:8a:10:4e:75:6d:03:97:6f:59:fd:98:51:7c:db:be:a4:
         82:2d:15:87:ce:78:a4:a2:8e:7a:44:26:ba:b2:80:ca:be:36:
         84:fd:76:00:c1:3f:4a:23:e1:1d:43:41:00:6c:b6:c5:b5:22:
         bb:7d:70:38:1d:6e:48:65:84:d3:c9:4b:ab:51:da:aa:1f:ed:
         d2:ba:e2:0a:17:e8:f4:cf:25:de:fd:bc:36:f1:1c:76:fa:e6:
         bb:4e:eb:7f:0e:6f:da:16:0c:1c:2d:d3:c9:4e:38:70:a6:22:
         7a:ea:d6:0d:5e:2b:bc:a9:9d:c0:5a:7e:b2:92:8a:58:bc:f0:
         10:a4:6e:63
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB2owDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTFDRUZBRjExMC8GA1UEBRMoODJGMUM2NjExQTNBMTQ2N0RCM0Q3OEE0QTVGRUQ1
MEEwOEE1N0IxMzAeFw0yNjAzMzExNDAxMDZaFw0zNjAzMzExNDAxMDZaMBgxFjAU
BgNVBAMTDTY5Y2JkM2E4LTU5NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDakhEZ7PJtHP9k1zjzwNrcltuaCzvWsj9ne/UqEwW04uYdEZMiGEFxF2VP
l49GUHqQfDVJYYRrqcQHKgMItichnHYc+srzNlt5uDxw8T84gP9XT3UWFOkvkYy7
tHx3J3wHDwjcM7zkjspJNLqKjlGZfwF28vO+BIGjnwuEHYx+piZ/Ij6vTBKAwTE2
fE7umKjLI4WyP9BaVnKr118FC3FqcQ0eqHrPKRDthtC43WeIUNiG7Yea0VSD2/lh
eQjAP318q50sw/7QDsMJgnwGCNUpahOZVHDQPMeliDo1eJyzvkZi1s9XiyQyLa/a
HHZf58NboH+rVtIann0+m+G9KXMdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUroX6
pfVFZoI8g57dJTcrFzE4JpkwHwYDVR0jBBgwFoAUgvHGYRo6FGfbPXikpf7VCgil
exMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4QTAxNENFL2d2SEdZ
Um82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2d2SEdZUm82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4
QTAxNENFLzEzMDZDNTI0MkQwQTExRjFBQ0U3OUZBMkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJmyvQwDQYJKoZIhvcNAQEL
BQADggEBAHBIzX2IjTGuzw1u8kzyvncuOXjoFU7GIDCv5ZWVhmlPLqYb6J0ZMOf4
IQpy6OucKN3Fmo1HWatsIzqEo3FqwpOBGjm6rjFk5EVWNSl7omUR8itUs7TCwzCQ
toge6Gs5U85tj5AIskaUNexqpzj7TRGfJMzYdMSz/eUUx9N2v2jPihBOdW0Dl29Z
/ZhRfNu+pIItFYfOeKSijnpEJrqygMq+NoT9dgDBP0oj4R1DQQBstsW1Irt9cDgd
bkhlhNPJS6tR2qof7dK64goX6PTPJd79vDbxHHb65rtO638Ob9oWDBwt08lOOHCm
Inrq1g1eK7ypncBafrKSili88BCkbmM=
-----END CERTIFICATE-----