Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/340FC1E8244111F1856F52B2DAE4EC9C.roa
File:                     340FC1E8244111F1856F52B2DAE4EC9C.roa (raw, json)
Hash identifier:          tMIa7JNAo4WCIdGGZ7o7JmfEwz+dOB8dt+kEFbbY/nk=
Subject key identifier:   DE:87:2B:45:A7:6A:FF:AF:E8:BD:F9:B2:6D:E3:BF:1F:42:DC:59:29
Certificate issuer:       /CN=F363BA19AF/serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
Certificate serial:       10BC
Authority key identifier: 6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/340FC1E8244111F1856F52B2DAE4EC9C.roa
Signing time:             Fri 20 Mar 2026 09:43:09 +0000
ROA not before:           Fri 20 Mar 2026 09:43:04 +0000
ROA not after:            Wed 31 Mar 2027 09:43:04 +0000
asID:                     6079
IP address blocks:        102.135.14.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 28 Mar 2026 00:07:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4284 (0x10bc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363BA19AF, serialNumber=6AEA24B099C32B22E4E48BB9F26CF578BEF6BFF3
        Validity
            Not Before: Mar 20 09:43:04 2026 GMT
            Not After : Mar 31 09:43:04 2027 GMT
        Subject: CN=69bd16ad-60b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ea:d2:cd:99:5e:d3:3e:8b:2d:bf:ed:85:f2:
                    0f:68:8e:bb:70:b7:9d:a3:db:a9:02:a3:4b:b3:36:
                    83:b1:c8:fe:f9:3d:ad:34:f4:19:aa:29:f0:ee:70:
                    c4:b1:6c:f7:f7:56:e0:6e:3c:60:3f:9b:0c:5e:80:
                    5b:16:91:bb:3d:95:a4:23:ad:34:fc:01:b3:06:28:
                    88:90:96:c2:10:65:75:e2:ee:5c:83:7e:71:70:c2:
                    42:7d:b1:bb:05:2c:e7:f4:4e:e8:b8:06:92:5a:86:
                    4c:94:50:fa:4f:08:25:87:1f:c8:9d:1d:ec:b9:ea:
                    f8:de:80:b1:da:da:4c:f9:43:df:8e:30:f5:2a:f1:
                    54:df:89:ba:da:2f:9d:da:83:06:e0:a0:d4:8a:18:
                    ce:04:65:32:21:5b:0d:c3:0e:cb:b4:c7:0a:e0:3a:
                    3c:82:17:64:a4:82:8b:30:f9:80:4e:85:f7:a3:67:
                    cd:33:41:7d:d6:44:50:43:91:5d:07:eb:99:31:23:
                    29:2e:7d:d8:71:e1:1e:c6:e7:24:da:da:67:a9:b8:
                    ab:e7:4e:13:cf:de:8d:1a:f4:28:22:7a:9d:98:75:
                    16:41:5a:c2:5c:16:a2:77:16:e3:4a:35:b0:60:98:
                    07:a7:e0:68:df:d7:d7:ff:68:d2:26:bd:81:a4:89:
                    08:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:87:2B:45:A7:6A:FF:AF:E8:BD:F9:B2:6D:E3:BF:1F:42:DC:59:29
            X509v3 Authority Key Identifier:
                keyid:6A:EA:24:B0:99:C3:2B:22:E4:E4:8B:B9:F2:6C:F5:78:BE:F6:BF:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/auoksJnDKyLk5Iu58mz1eL72v_M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/auoksJnDKyLk5Iu58mz1eL72v_M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363BA19/0E7F1DF6962A11EC8671E6E05A40D577/340FC1E8244111F1856F52B2DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.135.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:f7:1a:07:6d:52:ac:4d:cb:ae:be:49:2a:59:10:92:3d:a2:
         69:1a:84:4a:59:e8:02:78:af:d8:e7:31:40:e8:8a:0e:8b:21:
         dd:1d:d0:ee:2f:53:97:95:98:77:c3:dd:90:f1:b1:72:76:45:
         83:5e:fe:21:37:ee:6c:3c:f8:18:d8:f6:71:2c:db:00:04:a4:
         7e:11:41:dc:f2:b7:7c:7c:c8:e9:55:02:9a:a7:ef:d4:bb:78:
         49:33:20:ac:de:ee:cd:6e:f6:e5:ed:9d:82:99:82:2c:4f:a2:
         1c:29:fb:35:55:a1:2a:bc:13:33:b1:0c:62:25:d3:f4:f6:00:
         1a:08:ba:8c:73:7d:62:c4:ee:63:83:89:7a:d7:ac:f2:c1:c8:
         15:80:07:58:1e:73:fc:b4:b9:43:90:e3:71:57:fc:c1:a1:bc:
         9f:a0:a3:f7:c1:8f:a8:54:7b:cc:26:af:2a:da:24:2f:42:06:
         24:ec:85:14:25:bb:7a:e6:7a:6e:ad:95:10:f5:6a:0d:0d:6b:
         4d:22:62:d5:91:a1:57:f8:ce:cf:b5:8c:28:54:be:71:6c:ec:
         ae:2c:ba:40:5d:0e:d1:67:47:d4:a8:bd:38:31:de:7a:dd:fc:
         38:76:eb:da:ac:34:f0:8f:f0:f9:d6:f7:65:98:46:ac:4a:fc:
         ce:c2:11:82
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICELwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
M0JBMTlBRjExMC8GA1UEBRMoNkFFQTI0QjA5OUMzMkIyMkU0RTQ4QkI5RjI2Q0Y1
NzhCRUY2QkZGMzAeFw0yNjAzMjAwOTQzMDRaFw0yNzAzMzEwOTQzMDRaMBgxFjAU
BgNVBAMTDTY5YmQxNmFkLTYwYjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDA6tLNmV7TPostv+2F8g9ojrtwt52j26kCo0uzNoOxyP75Pa009BmqKfDu
cMSxbPf3VuBuPGA/mwxegFsWkbs9laQjrTT8AbMGKIiQlsIQZXXi7lyDfnFwwkJ9
sbsFLOf0Tui4BpJahkyUUPpPCCWHH8idHey56vjegLHa2kz5Q9+OMPUq8VTfibra
L53agwbgoNSKGM4EZTIhWw3DDsu0xwrgOjyCF2Skgosw+YBOhfejZ80zQX3WRFBD
kV0H65kxIykufdhx4R7G5yTa2mepuKvnThPP3o0a9Cgiep2YdRZBWsJcFqJ3FuNK
NbBgmAen4Gjf19f/aNImvYGkiQj9AgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU3ocr
Radq/6/ovfmybeO/H0LcWSkwHwYDVR0jBBgwFoAUauoksJnDKyLk5Iu58mz1eL72
v/MwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVBNDBENTc3L2F1b2tz
Sm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2F1b2tzSm5ES3lMazVJdTU4bXoxZUw3MnZfTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjNCQTE5LzBFN0YxREY2OTYyQTExRUM4NjcxRTZFMDVB
NDBENTc3LzM0MEZDMUU4MjQ0MTExRjE4NTZGNTJCMkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmhw4wDQYJKoZIhvcNAQEL
BQADggEBAI33GgdtUqxNy66+SSpZEJI9omkahEpZ6AJ4r9jnMUDoig6LId0d0O4v
U5eVmHfD3ZDxsXJ2RYNe/iE37mw8+BjY9nEs2wAEpH4RQdzyt3x8yOlVApqn79S7
eEkzIKze7s1u9uXtnYKZgixPohwp+zVVoSq8EzOxDGIl0/T2ABoIuoxzfWLE7mOD
iXrXrPLByBWAB1gec/y0uUOQ43FX/MGhvJ+go/fBj6hUe8wmryraJC9CBiTshRQl
u3rmem6tlRD1ag0Na00iYtWRoVf4zs+1jChUvnFs7K4sukBdDtFnR9SovTgx3nrd
/Dh269qsNPCP8PnW92WYRqxK/M7CEYI=
-----END CERTIFICATE-----