Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/5598B34AA8D311F09951D4DFDAE4EC9C.roa
File:                     5598B34AA8D311F09951D4DFDAE4EC9C.roa (raw, json)
Hash identifier:          ekkmLGUII3HkbjQJ5DqbrnE5zNaEvepsyMeJezGqRJY=
Subject key identifier:   73:16:48:04:EF:E8:65:F6:29:4E:7C:C9:0E:7D:29:D6:C2:AC:E2:CC
Certificate issuer:       /CN=F361F0D8AF/serialNumber=C83989863267D1364BC73F75E37CD6D2B7FEC987
Certificate serial:       0C
Authority key identifier: C8:39:89:86:32:67:D1:36:4B:C7:3F:75:E3:7C:D6:D2:B7:FE:C9:87
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/yDmJhjJn0TZLxz9143zW0rf-yYc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/5598B34AA8D311F09951D4DFDAE4EC9C.roa
Signing time:             Tue 14 Oct 2025 07:56:48 +0000
ROA not before:           Tue 14 Oct 2025 07:56:41 +0000
ROA not after:            Mon 07 Oct 2030 07:56:41 +0000
asID:                     396982
IP address blocks:        102.204.125.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/yDmJhjJn0TZLxz9143zW0rf-yYc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/yDmJhjJn0TZLxz9143zW0rf-yYc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/yDmJhjJn0TZLxz9143zW0rf-yYc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 22 Oct 2025 00:06:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12 (0xc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F361F0D8AF, serialNumber=C83989863267D1364BC73F75E37CD6D2B7FEC987
        Validity
            Not Before: Oct 14 07:56:41 2025 GMT
            Not After : Oct  7 07:56:41 2030 GMT
        Subject: CN=68ee0240-82e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:79:29:f6:c9:e3:73:22:66:36:8e:e7:2c:d7:
                    d4:c6:3e:0d:2d:26:3d:0a:66:81:5b:17:a8:7f:11:
                    c0:6c:c5:35:fe:df:24:9c:4f:9a:22:5f:9d:1d:ce:
                    89:31:c3:03:f9:1a:be:ad:34:19:08:ee:71:a5:cf:
                    91:54:66:6a:7e:a6:57:b7:c1:64:9a:89:3f:45:a0:
                    48:d9:7b:9f:4d:d1:c3:8d:12:c2:ea:9c:3e:7b:1a:
                    cb:af:4c:64:8d:69:d1:92:d1:c4:f1:0d:a6:6b:b3:
                    1b:e7:42:c3:dc:1b:9f:d8:cc:c1:bc:a0:62:5e:a8:
                    a4:67:53:dc:52:3a:75:64:e1:ee:f7:07:08:70:f4:
                    c5:29:03:22:d4:63:ad:d2:2c:bc:fa:37:4b:25:9d:
                    51:c3:d6:8e:a5:38:2d:db:ad:04:8f:0a:ef:a5:59:
                    6e:a8:d5:c8:f0:d5:5f:28:39:90:2a:29:74:6a:5f:
                    4f:08:7f:2a:11:36:cd:b4:49:77:f0:7c:57:e4:f1:
                    e9:30:87:e0:b4:7f:f9:6c:93:7e:45:3f:fb:09:5d:
                    bc:33:a6:20:8d:04:f9:93:c5:74:59:6d:12:28:b7:
                    cc:89:d3:5d:d8:37:3b:5c:1b:bf:5f:aa:32:e1:8a:
                    82:d9:46:97:af:a8:25:f8:b4:7a:31:f2:6d:62:0c:
                    34:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:16:48:04:EF:E8:65:F6:29:4E:7C:C9:0E:7D:29:D6:C2:AC:E2:CC
            X509v3 Authority Key Identifier:
                keyid:C8:39:89:86:32:67:D1:36:4B:C7:3F:75:E3:7C:D6:D2:B7:FE:C9:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/yDmJhjJn0TZLxz9143zW0rf-yYc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/yDmJhjJn0TZLxz9143zW0rf-yYc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361F0D8/DFB88F80A3BC11F0AC8272E5DAE4EC9C/5598B34AA8D311F09951D4DFDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.204.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:d0:e9:43:4d:5d:c5:c6:d8:06:3e:5b:68:d2:d7:8a:15:1c:
         16:ab:a1:09:36:db:16:d9:45:89:25:e4:42:6b:f4:75:f2:77:
         5a:13:c6:05:14:7a:74:39:9b:ce:81:fc:ee:b5:8e:fc:87:86:
         d3:37:de:69:cd:83:3a:b5:4a:a1:c8:f5:06:c7:a3:50:42:73:
         87:f3:2f:39:db:71:d4:0d:32:87:d1:76:c3:75:2e:7e:8b:1d:
         d1:77:69:9b:6f:35:59:93:e4:89:8a:26:31:67:9b:3f:60:a1:
         2a:6a:da:c6:22:87:97:e0:e4:f4:fc:0c:ea:2a:72:65:22:72:
         e6:fb:fe:23:38:e3:29:e4:ca:34:66:4e:0e:6c:6e:a4:a3:eb:
         0c:ed:22:96:8f:a4:42:ca:8d:32:0e:22:7b:69:43:c7:3b:43:
         57:4e:d3:1f:9e:38:49:0f:a5:9e:ee:53:f3:10:16:85:b2:38:
         d0:c4:d5:30:11:41:6a:74:74:e0:3e:cf:03:a8:eb:66:05:d0:
         5a:95:c7:38:23:00:2b:d2:fa:66:24:a1:75:2a:9c:d9:8c:72:
         e1:bb:58:d8:68:7a:52:23:61:c8:bd:1a:b5:0c:ad:f3:b2:68:
         d5:2a:0f:61:ff:70:f1:5e:46:ee:14:e1:84:a9:78:5c:ee:ad:
         1f:ca:1c:bd
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
RjBEOEFGMTEwLwYDVQQFEyhDODM5ODk4NjMyNjdEMTM2NEJDNzNGNzVFMzdDRDZE
MkI3RkVDOTg3MB4XDTI1MTAxNDA3NTY0MVoXDTMwMTAwNzA3NTY0MVowGDEWMBQG
A1UEAxMNNjhlZTAyNDAtODJlNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKl5KfbJ43MiZjaO5yzX1MY+DS0mPQpmgVsXqH8RwGzFNf7fJJxPmiJfnR3O
iTHDA/kavq00GQjucaXPkVRman6mV7fBZJqJP0WgSNl7n03Rw40SwuqcPnsay69M
ZI1p0ZLRxPENpmuzG+dCw9wbn9jMwbygYl6opGdT3FI6dWTh7vcHCHD0xSkDItRj
rdIsvPo3SyWdUcPWjqU4LdutBI8K76VZbqjVyPDVXyg5kCopdGpfTwh/KhE2zbRJ
d/B8V+Tx6TCH4LR/+WyTfkU/+wldvDOmII0E+ZPFdFltEii3zInTXdg3O1wbv1+q
MuGKgtlGl6+oJfi0ejHybWIMNIUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRzFkgE
7+hl9ilOfMkOfSnWwqzizDAfBgNVHSMEGDAWgBTIOYmGMmfRNkvHP3XjfNbSt/7J
hzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MUYwRDgvREZCODhGODBBM0JDMTFGMEFDODI3MkU1REFFNEVDOUMveURtSmhq
Sm4wVFpMeHo5MTQzelcwcmYteVljLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveURtSmhqSm4wVFpMeHo5MTQzelcwcmYteVljLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MUYwRDgvREZCODhGODBBM0JDMTFGMEFDODI3MkU1REFF
NEVDOUMvNTU5OEIzNEFBOEQzMTFGMDk5NTFENERGREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGbMfTANBgkqhkiG9w0BAQsF
AAOCAQEAINDpQ01dxcbYBj5baNLXihUcFquhCTbbFtlFiSXkQmv0dfJ3WhPGBRR6
dDmbzoH87rWO/IeG0zfeac2DOrVKocj1BsejUEJzh/MvOdtx1A0yh9F2w3Uufosd
0Xdpm281WZPkiYomMWebP2ChKmraxiKHl+Dk9PwM6ipyZSJy5vv+IzjjKeTKNGZO
DmxupKPrDO0ilo+kQsqNMg4ie2lDxztDV07TH544SQ+lnu5T8xAWhbI40MTVMBFB
anR04D7PA6jrZgXQWpXHOCMAK9L6ZiShdSqc2Yxy4btY2Gh6UiNhyL0atQyt87Jo
1SoPYf9w8V5G7hThhKl4XO6tH8ocvQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:52:26 2025 by rpki-client