Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/901DEFCA2D1811F1A30C24F5DAE4EC9C.roa
File:                     901DEFCA2D1811F1A30C24F5DAE4EC9C.roa (raw, json)
Hash identifier:          idx082MQgEGFii3PMe5uhvENRLBGqI2MvkDj/0s+aOo=
Subject key identifier:   F0:78:3B:C9:EA:E2:B1:E6:15:20:35:10:8F:29:FF:EF:62:7B:50:E7
Certificate issuer:       /CN=F36A1CEFAF/serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
Certificate serial:       0770
Authority key identifier: 82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/901DEFCA2D1811F1A30C24F5DAE4EC9C.roa
Signing time:             Tue 31 Mar 2026 15:44:55 +0000
ROA not before:           Tue 31 Mar 2026 15:44:50 +0000
ROA not after:            Mon 31 Mar 2036 15:44:50 +0000
asID:                     37645
IP address blocks:        102.221.108.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 19 Apr 2026 00:07:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1904 (0x770)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A1CEFAF, serialNumber=82F1C6611A3A1467DB3D78A4A5FED50A08A57B13
        Validity
            Not Before: Mar 31 15:44:50 2026 GMT
            Not After : Mar 31 15:44:50 2036 GMT
        Subject: CN=69cbebf7-ebea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:e6:9c:2e:2e:7e:16:f1:6f:59:b9:86:e0:37:
                    8a:81:16:13:ec:e5:23:60:98:23:ff:14:43:7e:8d:
                    3a:7c:8a:c5:30:92:a4:f1:ef:c7:ef:ad:bc:ba:e8:
                    60:ef:45:7b:8e:af:e9:53:e3:e3:ea:66:e1:f7:e9:
                    a4:ae:93:da:6d:54:4c:b8:bf:2f:d3:ef:cd:21:7a:
                    b2:49:c8:93:a2:ee:26:64:dc:87:39:27:4f:f4:52:
                    15:cf:c2:29:1c:59:85:20:10:fe:67:02:3d:9f:d7:
                    c5:88:57:f4:b3:82:93:74:19:2c:43:fb:0b:9c:f6:
                    b7:c5:94:62:40:5d:ce:51:2c:e4:65:54:ff:be:5f:
                    e0:bd:21:f9:28:6c:9d:c4:59:38:a3:c4:3f:1d:ab:
                    57:d9:77:48:54:46:ae:f5:82:a3:69:87:50:eb:fc:
                    41:da:73:45:e6:eb:e1:1e:27:c8:0c:bb:c4:f5:59:
                    ab:22:00:d8:6e:c5:0f:5a:4d:00:3d:76:89:5d:47:
                    c6:02:dd:6d:de:fc:e3:b5:53:56:89:d6:7a:8f:f9:
                    c4:c0:9a:0e:89:fc:1e:77:2e:42:df:a3:af:0b:42:
                    08:02:9f:40:05:eb:9d:43:cf:f6:5d:6a:3e:30:62:
                    d3:fc:73:3a:d9:17:ea:f3:5f:48:8e:e9:8d:cf:45:
                    19:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:78:3B:C9:EA:E2:B1:E6:15:20:35:10:8F:29:FF:EF:62:7B:50:E7
            X509v3 Authority Key Identifier:
                keyid:82:F1:C6:61:1A:3A:14:67:DB:3D:78:A4:A5:FE:D5:0A:08:A5:7B:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/gvHGYRo6FGfbPXikpf7VCgilexM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gvHGYRo6FGfbPXikpf7VCgilexM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A1CEF/7F388DE4F13811EB917FD717D8A014CE/901DEFCA2D1811F1A30C24F5DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.221.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:0d:2e:fd:05:b9:55:c9:5b:cc:6d:40:c3:ee:8b:45:54:1e:
         0b:1d:49:bd:fb:e7:e6:e8:1b:e8:8e:71:f5:c5:ca:47:2c:53:
         d2:a3:7f:a1:40:99:d6:6c:4e:19:9d:90:95:08:d0:c0:0d:18:
         e3:ea:3b:b9:10:77:a5:f4:a9:90:ee:be:e3:f9:71:9c:3b:82:
         97:b7:04:38:d2:dc:96:0a:f1:b0:60:40:91:c4:de:06:c0:39:
         10:fc:da:79:12:83:14:69:59:82:f6:9e:11:3e:40:3e:8e:c4:
         93:fc:85:ca:7c:9c:46:77:76:3f:e8:a7:34:98:8d:a3:2d:70:
         42:1f:d6:3a:82:4c:ff:c0:ee:2b:1a:25:aa:4f:f5:41:e9:e4:
         cb:f7:6e:ba:43:ca:f3:fd:cc:51:89:1c:07:d5:dd:6d:79:86:
         54:0c:da:c8:fd:df:c3:b3:04:b7:c0:9a:f1:9b:42:30:5c:63:
         32:f6:48:a7:ca:5f:8b:7e:ee:1d:06:d1:c3:90:cb:19:3c:d2:
         f7:26:db:43:14:2a:72:33:62:bf:2b:c8:60:4c:48:b1:3e:ef:
         41:4a:39:45:48:26:fb:4a:25:26:a4:39:73:c4:f1:e3:9e:4f:
         ae:dc:a5:b5:eb:c5:27:78:8e:83:41:d6:0f:b2:7c:2f:d0:98:
         f1:96:22:49
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICB3AwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
QTFDRUZBRjExMC8GA1UEBRMoODJGMUM2NjExQTNBMTQ2N0RCM0Q3OEE0QTVGRUQ1
MEEwOEE1N0IxMzAeFw0yNjAzMzExNTQ0NTBaFw0zNjAzMzExNTQ0NTBaMBgxFjAU
BgNVBAMTDTY5Y2JlYmY3LWViZWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQD15pwuLn4W8W9ZuYbgN4qBFhPs5SNgmCP/FEN+jTp8isUwkqTx78fvrby6
6GDvRXuOr+lT4+PqZuH36aSuk9ptVEy4vy/T780herJJyJOi7iZk3Ic5J0/0UhXP
wikcWYUgEP5nAj2f18WIV/SzgpN0GSxD+wuc9rfFlGJAXc5RLORlVP++X+C9Ifko
bJ3EWTijxD8dq1fZd0hURq71gqNph1Dr/EHac0Xm6+EeJ8gMu8T1WasiANhuxQ9a
TQA9doldR8YC3W3e/OO1U1aJ1nqP+cTAmg6J/B53LkLfo68LQggCn0AF651Dz/Zd
aj4wYtP8czrZF+rzX0iO6Y3PRRkrAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU8Hg7
yeriseYVIDUQjyn/72J7UOcwHwYDVR0jBBgwFoAUgvHGYRo6FGfbPXikpf7VCgil
exMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4QTAxNENFL2d2SEdZ
Um82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2d2SEdZUm82RkdmYlBYaWtwZjdWQ2dpbGV4TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNkExQ0VGLzdGMzg4REU0RjEzODExRUI5MTdGRDcxN0Q4
QTAxNENFLzkwMURFRkNBMkQxODExRjFBMzBDMjRGNURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJm3WwwDQYJKoZIhvcNAQEL
BQADggEBABwNLv0FuVXJW8xtQMPui0VUHgsdSb375+boG+iOcfXFykcsU9Kjf6FA
mdZsThmdkJUI0MANGOPqO7kQd6X0qZDuvuP5cZw7gpe3BDjS3JYK8bBgQJHE3gbA
ORD82nkSgxRpWYL2nhE+QD6OxJP8hcp8nEZ3dj/opzSYjaMtcEIf1jqCTP/A7isa
JapP9UHp5Mv3brpDyvP9zFGJHAfV3W15hlQM2sj938OzBLfAmvGbQjBcYzL2SKfK
X4t+7h0G0cOQyxk80vcm20MUKnIzYr8ryGBMSLE+70FKOUVIJvtKJSakOXPE8eOe
T67cpbXrxSd4joNB1g+yfC/QmPGWIkk=
-----END CERTIFICATE-----