Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2101FE92960F11F0A9132BCBDAE4EC9C.roa
File:                     2101FE92960F11F0A9132BCBDAE4EC9C.roa (raw, json)
Hash identifier:          wCtcULlD6reDqkoT2UlePwJI7whJhre4zS8U1uSqZ54=
Subject key identifier:   D1:8A:AE:0B:88:B9:A7:38:89:F4:1D:4C:23:5C:6E:59:3E:92:AB:C7
Certificate issuer:       /CN=F3682B65AF/serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
Certificate serial:       1C11
Authority key identifier: 09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2101FE92960F11F0A9132BCBDAE4EC9C.roa
Signing time:             Sat 20 Sep 2025 10:46:57 +0000
ROA not before:           Sat 20 Sep 2025 10:46:53 +0000
ROA not after:            Mon 20 Sep 2027 10:46:53 +0000
asID:                     834
IP address blocks:        154.16.141.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 21 Oct 2025 00:06:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7185 (0x1c11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3682B65AF, serialNumber=0940E638283336DE5C8C5A40A4C23B34F3F9CA53
        Validity
            Not Before: Sep 20 10:46:53 2025 GMT
            Not After : Sep 20 10:46:53 2027 GMT
        Subject: CN=68ce8621-a4ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b0:f9:50:cd:82:50:be:e2:aa:8c:30:0d:c2:
                    31:3a:4c:fe:1a:c1:a2:9f:c3:40:9c:64:45:c1:9f:
                    18:0e:60:a4:73:59:5c:a7:45:e4:56:1f:db:51:f4:
                    28:05:f7:11:8b:13:18:75:67:47:f2:5c:23:ab:61:
                    17:a3:97:86:59:54:0f:47:b9:b7:e6:66:da:ef:bf:
                    7f:ac:73:87:00:d5:47:7f:40:93:3d:d3:66:35:d6:
                    7d:88:39:9f:48:7d:34:92:7c:2b:48:5f:0b:d1:03:
                    51:67:bd:1c:d8:8a:21:13:88:c2:ac:b0:e7:dd:74:
                    22:47:be:e2:89:ac:8f:9d:b4:66:36:d2:df:ed:a5:
                    b2:a1:ed:68:b4:b7:74:1d:fb:ba:a0:5c:3b:d7:ed:
                    d2:06:46:36:0b:27:3b:49:08:a4:20:91:63:12:e2:
                    a8:25:6d:3b:52:09:61:ae:29:fc:46:78:77:e3:8a:
                    72:55:32:de:9c:8c:8b:6b:4f:f7:9f:8a:34:be:db:
                    c9:65:de:18:6a:a4:d7:65:54:74:3b:ed:f3:08:c1:
                    17:36:03:0a:93:5c:1e:61:c3:69:a0:5b:9b:79:2b:
                    47:22:0a:7a:61:28:7b:45:e2:e7:4a:4a:61:bb:18:
                    6b:c5:e8:f8:3f:5d:bd:82:65:60:ad:18:85:37:50:
                    c4:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:8A:AE:0B:88:B9:A7:38:89:F4:1D:4C:23:5C:6E:59:3E:92:AB:C7
            X509v3 Authority Key Identifier:
                keyid:09:40:E6:38:28:33:36:DE:5C:8C:5A:40:A4:C2:3B:34:F3:F9:CA:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/CUDmOCgzNt5cjFpApMI7NPP5ylM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/CUDmOCgzNt5cjFpApMI7NPP5ylM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3682B65/4E851E34DB5511E885B29951F8AEA228/2101FE92960F11F0A9132BCBDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.16.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:97:78:f6:f4:a1:23:dc:cf:7e:06:f7:1b:22:26:32:2e:4c:
         81:ca:bc:26:86:98:c1:8e:99:8d:8b:c5:d8:94:ce:f5:51:5a:
         e5:79:e5:f2:30:08:78:f9:33:89:0d:04:e5:1c:75:0e:93:93:
         a3:f1:d5:8d:28:41:bc:bb:08:e4:20:1c:ce:4e:d0:d5:94:ec:
         a8:b3:f5:9d:1d:7c:e4:44:78:9a:43:3c:72:2b:98:cc:8f:9d:
         02:93:e9:9f:34:b4:97:11:c0:96:02:96:64:c9:73:77:61:eb:
         b8:1a:3d:6d:99:60:76:4e:99:1b:72:4f:98:44:24:8a:73:29:
         c3:95:d7:17:a9:d0:62:f5:e0:32:c8:a3:64:3e:6e:56:ee:e6:
         a2:5f:f7:ee:17:ab:a3:c4:43:bf:7c:e5:fe:9c:ce:2e:08:58:
         87:18:07:95:17:6c:b8:5a:05:13:83:aa:99:35:71:b4:f9:51:
         ee:52:2f:08:e0:76:db:87:26:94:87:e8:4e:83:34:ea:53:9d:
         33:10:5b:e1:56:4d:c7:45:f4:45:14:04:4a:91:86:03:0a:c8:
         ec:c0:9c:75:82:9e:90:b0:56:2e:58:2a:8c:ea:32:f9:ca:37:
         73:7d:c4:19:45:be:60:43:9c:94:40:4a:bc:4f:31:1a:49:bb:
         b4:cf:fc:d5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICHBEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
ODJCNjVBRjExMC8GA1UEBRMoMDk0MEU2MzgyODMzMzZERTVDOEM1QTQwQTRDMjNC
MzRGM0Y5Q0E1MzAeFw0yNTA5MjAxMDQ2NTNaFw0yNzA5MjAxMDQ2NTNaMBgxFjAU
BgNVBAMTDTY4Y2U4NjIxLWE0ZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+sPlQzYJQvuKqjDANwjE6TP4awaKfw0CcZEXBnxgOYKRzWVynReRWH9tR
9CgF9xGLExh1Z0fyXCOrYRejl4ZZVA9HubfmZtrvv3+sc4cA1Ud/QJM902Y11n2I
OZ9IfTSSfCtIXwvRA1FnvRzYiiETiMKssOfddCJHvuKJrI+dtGY20t/tpbKh7Wi0
t3Qd+7qgXDvX7dIGRjYLJztJCKQgkWMS4qglbTtSCWGuKfxGeHfjinJVMt6cjItr
T/efijS+28ll3hhqpNdlVHQ77fMIwRc2AwqTXB5hw2mgW5t5K0ciCnphKHtF4udK
SmG7GGvF6Pg/Xb2CZWCtGIU3UMQTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU0Yqu
C4i5pziJ9B1MI1xuWT6Sq8cwHwYDVR0jBBgwFoAUCUDmOCgzNt5cjFpApMI7NPP5
ylMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4QUVBMjI4L0NVRG1P
Q2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0NVRG1PQ2d6TnQ1Y2pGcEFwTUk3TlBQNXlsTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjgyQjY1LzRFODUxRTM0REI1NTExRTg4NUIyOTk1MUY4
QUVBMjI4LzIxMDFGRTkyOTYwRjExRjBBOTEzMkJDQkRBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACaEI0wDQYJKoZIhvcNAQEL
BQADggEBAGOXePb0oSPcz34G9xsiJjIuTIHKvCaGmMGOmY2LxdiUzvVRWuV55fIw
CHj5M4kNBOUcdQ6Tk6Px1Y0oQby7COQgHM5O0NWU7Kiz9Z0dfOREeJpDPHIrmMyP
nQKT6Z80tJcRwJYClmTJc3dh67gaPW2ZYHZOmRtyT5hEJIpzKcOV1xep0GL14DLI
o2Q+blbu5qJf9+4Xq6PEQ7985f6czi4IWIcYB5UXbLhaBRODqpk1cbT5Ue5SLwjg
dtuHJpSH6E6DNOpTnTMQW+FWTcdF9EUUBEqRhgMKyOzAnHWCnpCwVi5YKozqMvnK
N3N9xBlFvmBDnJRASrxPMRpJu7TP/NU=
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:43:27 2025 by rpki-client