Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/3AE05628237811F1966164A0DAE4EC9C.roa
File:                     3AE05628237811F1966164A0DAE4EC9C.roa (raw, json)
Hash identifier:          24Q/iN3IITD01IOkQTNwboLkZsMjqiYfwPg+zgtpD/4=
Subject key identifier:   64:53:A7:62:68:2E:31:92:0B:86:77:F7:4B:16:43:72:23:57:8E:AD
Certificate issuer:       /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial:       0914
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/3AE05628237811F1966164A0DAE4EC9C.roa
Signing time:             Thu 19 Mar 2026 09:44:32 +0000
ROA not before:           Thu 19 Mar 2026 09:44:27 +0000
ROA not after:            Tue 28 Apr 2026 09:44:27 +0000
asID:                     211826
IP address blocks:        102.177.177.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 28 Mar 2026 00:07:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2324 (0x914)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367DFA4AF, serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
        Validity
            Not Before: Mar 19 09:44:27 2026 GMT
            Not After : Apr 28 09:44:27 2026 GMT
        Subject: CN=69bbc580-b8af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:c1:3f:09:d6:b3:69:87:02:eb:60:35:68:f3:
                    bf:f1:6b:1a:76:80:3a:04:0d:e5:04:09:60:04:8a:
                    e7:ba:41:5c:63:43:cb:5c:57:20:92:45:9c:12:c9:
                    f2:42:f2:08:f2:7d:ff:a6:da:35:9a:b0:3a:d7:53:
                    9d:0c:25:b2:6d:bb:42:1f:48:11:d2:2f:40:de:26:
                    73:5f:8c:47:fa:6d:a9:c8:4a:81:f4:78:75:d7:7e:
                    32:af:29:7c:e8:70:41:d2:07:d5:7f:67:1b:3e:56:
                    8e:90:88:b4:3b:04:ef:a3:88:7e:6d:fd:26:7b:67:
                    ce:39:f8:32:00:36:55:bf:fd:eb:9e:83:d0:37:85:
                    37:be:0a:34:5d:9b:f1:77:e3:b7:0b:6a:59:62:fd:
                    74:da:8f:10:db:61:b0:9a:de:8b:b3:0e:d0:f1:41:
                    93:1b:a2:3a:01:d3:20:fe:b2:04:53:38:bc:82:35:
                    f7:99:2f:a6:80:96:4c:b2:ea:46:fb:b3:60:bc:e1:
                    f6:dc:2c:32:52:e1:14:f3:72:b2:11:4b:f1:c3:54:
                    2f:b1:bc:70:77:d4:bb:7f:5a:7a:09:33:b7:33:15:
                    a0:a2:a6:e8:9a:a7:ad:ed:e7:57:09:75:d0:6d:a7:
                    7d:c7:d3:11:d3:da:15:cb:2d:83:3f:46:d2:57:3e:
                    53:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:53:A7:62:68:2E:31:92:0B:86:77:F7:4B:16:43:72:23:57:8E:AD
            X509v3 Authority Key Identifier:
                keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/3AE05628237811F1966164A0DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:36:e5:d9:d5:09:e9:30:05:96:7b:38:ad:7d:d6:58:09:cc:
         4c:01:9f:d4:6e:6a:7e:d5:dd:d3:60:91:55:c8:20:5d:98:8b:
         5b:0a:ca:73:52:55:4b:df:5a:3b:da:67:f8:10:f4:e8:99:b8:
         fe:84:be:f0:23:bb:34:2b:b1:2e:79:3f:81:00:03:d1:cc:5d:
         25:64:d4:33:b1:51:66:33:3d:5d:29:3e:56:f8:78:2a:75:61:
         24:4f:4e:99:26:f3:c0:0a:fa:9e:d6:6f:12:42:f6:5c:e3:e6:
         bd:4d:ec:9d:d0:11:a1:95:cf:60:ac:df:b6:ad:86:ca:cc:86:
         93:cb:23:95:53:20:34:d7:92:7f:0e:5b:10:ce:9c:e1:82:a0:
         bd:12:69:e8:4c:fe:f2:66:eb:44:13:46:78:b6:f4:30:bd:b1:
         0a:6a:0b:d6:0d:80:bb:61:27:ac:33:f2:9d:6c:04:1e:29:c9:
         9f:f0:c8:23:00:7c:ac:ed:07:e6:b4:f1:80:99:e4:f4:2e:24:
         47:10:7a:d6:b4:2d:87:91:92:50:8b:0d:e0:1f:b7:2c:25:ed:
         4e:0a:47:82:b4:3e:3b:9b:a3:b4:5c:a1:12:68:f2:2a:80:e7:
         81:80:4e:94:83:b5:04:1b:d3:1b:d9:d0:65:5d:03:4d:dc:35:
         a9:25:7b:9b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCRQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNjAzMTkwOTQ0MjdaFw0yNjA0MjgwOTQ0MjdaMBgxFjAU
BgNVBAMTDTY5YmJjNTgwLWI4YWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDiwT8J1rNphwLrYDVo87/xaxp2gDoEDeUECWAEiue6QVxjQ8tcVyCSRZwS
yfJC8gjyff+m2jWasDrXU50MJbJtu0IfSBHSL0DeJnNfjEf6banISoH0eHXXfjKv
KXzocEHSB9V/Zxs+Vo6QiLQ7BO+jiH5t/SZ7Z845+DIANlW//eueg9A3hTe+CjRd
m/F347cLalli/XTajxDbYbCa3ouzDtDxQZMbojoB0yD+sgRTOLyCNfeZL6aAlkyy
6kb7s2C84fbcLDJS4RTzcrIRS/HDVC+xvHB31Lt/WnoJM7czFaCipuiap63t51cJ
ddBtp33H0xHT2hXLLYM/RtJXPlNDAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUZFOn
YmguMZILhnf3SxZDciNXjq0wHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzNBRTA1NjI4MjM3ODExRjE5NjYxNjRBMERBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsbEwDQYJKoZIhvcNAQEL
BQADggEBAA425dnVCekwBZZ7OK191lgJzEwBn9Ruan7V3dNgkVXIIF2Yi1sKynNS
VUvfWjvaZ/gQ9OiZuP6EvvAjuzQrsS55P4EAA9HMXSVk1DOxUWYzPV0pPlb4eCp1
YSRPTpkm88AK+p7WbxJC9lzj5r1N7J3QEaGVz2Cs37athsrMhpPLI5VTIDTXkn8O
WxDOnOGCoL0SaehM/vJm60QTRni29DC9sQpqC9YNgLthJ6wz8p1sBB4pyZ/wyCMA
fKztB+a08YCZ5PQuJEcQeta0LYeRklCLDeAftywl7U4KR4K0Pjubo7RcoRJo8iqA
54GATpSDtQQb0xvZ0GVdA03cNakle5s=
-----END CERTIFICATE-----