Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/6205CF98945E11F0A9CA76DFDAE4EC9C.roa
File:                     6205CF98945E11F0A9CA76DFDAE4EC9C.roa (raw, json)
Hash identifier:          LTBB5DFwzBz7GZCmwt+3z0UKOPiX3GACqZ6yGZV+Njc=
Subject key identifier:   5B:F6:04:F0:52:7B:88:C4:CD:1C:4C:FA:90:75:9D:63:73:FE:94:2F
Certificate issuer:       /CN=F367496AAF/serialNumber=D04CAD68C5519EA213425D067FA6408F4FE3FCBA
Certificate serial:       09
Authority key identifier: D0:4C:AD:68:C5:51:9E:A2:13:42:5D:06:7F:A6:40:8F:4F:E3:FC:BA
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/6205CF98945E11F0A9CA76DFDAE4EC9C.roa
Signing time:             Thu 18 Sep 2025 07:09:14 +0000
ROA not before:           Thu 18 Sep 2025 07:09:10 +0000
ROA not after:            Tue 18 Sep 2035 07:09:10 +0000
asID:                     328269
IP address blocks:        102.177.72.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.mft
                          rsync://rpki.afrinic.net/repository/afrinic/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 22 Oct 2025 00:06:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367496AAF, serialNumber=D04CAD68C5519EA213425D067FA6408F4FE3FCBA
        Validity
            Not Before: Sep 18 07:09:10 2025 GMT
            Not After : Sep 18 07:09:10 2035 GMT
        Subject: CN=68cbb01a-4b63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ae:e8:3c:9c:e1:f7:29:19:5b:58:7c:87:de:
                    33:2e:a6:5c:85:bd:4a:d8:fd:c9:18:4b:1a:ba:a0:
                    e9:7d:53:9b:7b:88:cb:43:00:c8:93:d0:26:3b:c9:
                    c7:83:85:fb:6e:4a:72:87:da:98:b7:fe:82:de:62:
                    b7:99:c9:8e:ac:a3:f8:31:5d:62:00:ad:3b:b9:63:
                    14:1a:89:ea:46:46:48:28:c6:e8:1f:52:b5:43:d7:
                    82:55:0c:3f:33:02:43:d6:1c:64:48:a6:89:90:b8:
                    67:e8:86:20:74:bd:aa:3b:1f:2f:84:17:eb:9a:e4:
                    9b:d6:ff:de:d6:41:0c:85:9c:61:e5:1f:37:dd:38:
                    62:0d:6c:2a:97:fe:18:81:38:ab:87:c9:1d:8c:84:
                    e8:ae:84:dc:c2:f3:bc:c5:54:72:d2:f8:e3:ef:af:
                    8a:6f:44:9c:3c:96:38:f0:37:ff:09:d9:40:bf:2d:
                    51:51:7b:30:88:cd:7c:5a:b2:01:5c:25:52:95:80:
                    83:86:4e:94:f8:b3:65:66:2e:fe:a6:39:c6:40:96:
                    d9:28:c5:93:64:36:ee:d3:4e:1e:2d:cf:8f:1b:81:
                    66:79:00:c4:f7:35:1c:e6:f7:31:64:33:f7:97:d2:
                    22:23:5f:95:4f:9a:78:8b:63:bb:4d:40:3d:a6:87:
                    26:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:F6:04:F0:52:7B:88:C4:CD:1C:4C:FA:90:75:9D:63:73:FE:94:2F
            X509v3 Authority Key Identifier:
                keyid:D0:4C:AD:68:C5:51:9E:A2:13:42:5D:06:7F:A6:40:8F:4F:E3:FC:BA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/0EytaMVRnqITQl0Gf6ZAj0_j_Lo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367496A/2A8B6E7A938111F09DB8CAC8DAE4EC9C/6205CF98945E11F0A9CA76DFDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         d1:3b:4d:62:65:6f:c4:87:d9:14:9d:e6:58:1f:87:3a:e4:32:
         bf:ce:cc:b6:c6:d9:2c:67:3b:b3:0a:04:0f:9a:c5:5e:41:60:
         4f:a1:3d:9d:14:93:4b:78:14:6b:5f:a5:b9:46:65:dd:11:f2:
         8a:32:a3:6e:5d:a4:8b:75:6c:6d:d2:10:f2:b3:25:7f:f3:66:
         98:c1:45:1b:cc:6d:5e:9b:9e:01:d9:88:b0:88:a7:97:2f:f7:
         86:02:2b:83:ac:14:d6:29:b1:b7:28:56:62:b2:77:56:7f:95:
         a3:d7:eb:de:70:a0:cb:c0:63:ad:58:c6:e2:2c:f7:b8:85:c8:
         97:31:b8:f1:06:57:55:67:78:1f:18:aa:b8:6e:35:39:6e:f1:
         5d:b6:6e:20:14:46:29:02:32:e5:71:66:64:83:ee:79:18:08:
         d2:39:36:5e:3c:bf:22:ed:c7:07:ac:c9:d8:73:22:1b:9d:7b:
         66:01:66:a9:67:ad:71:18:99:b5:2f:f0:d0:25:ed:df:2f:be:
         a5:57:c0:87:f2:c1:a0:63:cd:39:92:86:c2:d8:b4:f2:f6:ea:
         a8:9b:18:71:c6:da:fc:44:22:c2:bb:f7:15:1a:56:34:cc:5b:
         26:f4:74:43:1d:9f:ed:d3:24:44:1b:00:11:02:88:71:12:1e:
         5c:94:16:14
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
NDk2QUFGMTEwLwYDVQQFEyhEMDRDQUQ2OEM1NTE5RUEyMTM0MjVEMDY3RkE2NDA4
RjRGRTNGQ0JBMB4XDTI1MDkxODA3MDkxMFoXDTM1MDkxODA3MDkxMFowGDEWMBQG
A1UEAxMNNjhjYmIwMWEtNGI2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCu6Dyc4fcpGVtYfIfeMy6mXIW9Stj9yRhLGrqg6X1Tm3uIy0MAyJPQJjvJ
x4OF+25KcofamLf+gt5it5nJjqyj+DFdYgCtO7ljFBqJ6kZGSCjG6B9StUPXglUM
PzMCQ9YcZEimiZC4Z+iGIHS9qjsfL4QX65rkm9b/3tZBDIWcYeUfN904Yg1sKpf+
GIE4q4fJHYyE6K6E3MLzvMVUctL44++vim9EnDyWOPA3/wnZQL8tUVF7MIjNfFqy
AVwlUpWAg4ZOlPizZWYu/qY5xkCW2SjFk2Q27tNOHi3PjxuBZnkAxPc1HOb3MWQz
95fSIiNflU+aeItju01APaaHJm8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRb9gTw
UnuIxM0cTPqQdZ1jc/6ULzAfBgNVHSMEGDAWgBTQTK1oxVGeohNCXQZ/pkCPT+P8
ujAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzQ5NkEvMkE4QjZFN0E5MzgxMTFGMDlEQjhDQUM4REFFNEVDOUMvMEV5dGFN
VlJucUlUUWwwR2Y2WkFqMF9qX0xvLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMEV5dGFNVlJucUlUUWwwR2Y2WkFqMF9qX0xvLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NzQ5NkEvMkE4QjZFN0E5MzgxMTFGMDlEQjhDQUM4REFF
NEVDOUMvNjIwNUNGOTg5NDVFMTFGMEE5Q0E3NkRGREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmaxSDANBgkqhkiG9w0BAQsF
AAOCAQEA0TtNYmVvxIfZFJ3mWB+HOuQyv87MtsbZLGc7swoED5rFXkFgT6E9nRST
S3gUa1+luUZl3RHyijKjbl2ki3VsbdIQ8rMlf/NmmMFFG8xtXpueAdmIsIinly/3
hgIrg6wU1imxtyhWYrJ3Vn+Vo9fr3nCgy8BjrVjG4iz3uIXIlzG48QZXVWd4Hxiq
uG41OW7xXbZuIBRGKQIy5XFmZIPueRgI0jk2Xjy/Iu3HB6zJ2HMiG517ZgFmqWet
cRiZtS/w0CXt3y++pVfAh/LBoGPNOZKGwti08vbqqJsYccba/EQiwrv3FRpWNMxb
JvR0Qx2f7dMkRBsAEQKIcRIeXJQWFA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:52:28 2025 by rpki-client