Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/90897BF47CDE11F08D6163C6DAE4EC9C.roa
File:                     90897BF47CDE11F08D6163C6DAE4EC9C.roa (raw, json)
Hash identifier:          MjfY19GQJ/vZseASVDdLPn+1qZyWBfK5Mo5b7RLu9EM=
Subject key identifier:   EC:C5:3D:09:CF:62:46:6B:00:20:47:DC:F6:14:6B:D4:A6:4A:25:9C
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       01923A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/90897BF47CDE11F08D6163C6DAE4EC9C.roa
Signing time:             Tue 19 Aug 2025 09:26:20 +0000
ROA not before:           Tue 19 Aug 2025 09:26:15 +0000
ROA not after:            Fri 19 Sep 2025 09:26:15 +0000
asID:                     401783
IP address blocks:        154.82.181.0/24 maxlen: 24
                          154.92.210.0/24 maxlen: 24
                          154.92.211.0/24 maxlen: 24
                          154.92.212.0/24 maxlen: 24
                          154.92.213.0/24 maxlen: 24
                          154.92.214.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 25 Aug 2025 00:06:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102970 (0x1923a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Aug 19 09:26:15 2025 GMT
            Not After : Sep 19 09:26:15 2025 GMT
        Subject: CN=68a4433c-52f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:47:0f:6c:07:0e:0a:4b:ab:b5:da:49:76:e4:
                    35:0a:5e:6b:6b:9d:60:41:78:15:ea:3d:aa:ea:6f:
                    c9:e8:c8:59:40:1d:de:d9:03:8c:f0:28:2f:d5:54:
                    8b:04:5b:b3:83:04:f0:1a:37:9c:9b:a8:34:d0:85:
                    15:ff:af:d9:82:54:ad:68:65:50:33:a1:b0:ce:9b:
                    e5:28:7e:bd:c8:5f:8d:57:56:2c:aa:14:21:57:6f:
                    10:59:44:8b:3f:c4:d9:69:4f:c3:ba:a8:5a:84:80:
                    c1:6e:ef:92:0b:28:08:97:2f:a0:20:ce:bf:db:66:
                    5b:4f:2a:59:56:38:cc:35:c5:c6:e7:9c:e8:b3:ba:
                    23:b3:46:6f:31:6f:76:1d:99:0e:02:97:41:78:3d:
                    41:dc:17:af:b7:9b:23:d2:b0:1c:0f:70:ad:1c:3a:
                    b1:19:7b:fb:99:ab:fc:7b:9e:96:d5:f2:4f:dc:21:
                    03:87:45:e8:61:d3:48:df:fd:90:c9:63:6c:37:ca:
                    3b:6e:20:6f:38:19:a1:21:66:72:df:24:74:ef:b6:
                    85:b9:47:02:25:2f:b6:13:dd:32:3b:7b:26:94:b8:
                    83:8c:32:80:c9:1d:fd:b4:b9:e9:9a:67:e3:b4:85:
                    55:12:41:01:f2:74:25:52:23:2b:a9:9f:28:45:1c:
                    38:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:C5:3D:09:CF:62:46:6B:00:20:47:DC:F6:14:6B:D4:A6:4A:25:9C
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/90897BF47CDE11F08D6163C6DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.82.181.0/24
                  154.92.210.0-154.92.214.255

    Signature Algorithm: sha256WithRSAEncryption
         bb:32:28:07:9e:8c:d6:21:5f:9e:0e:e5:b8:d6:2a:ac:aa:0e:
         b9:a9:4e:85:f7:88:1f:2c:ef:e5:95:c3:30:db:8a:68:f0:e7:
         6a:52:b9:85:74:7e:24:82:7a:30:3a:95:cc:ce:e9:38:d2:41:
         a3:dd:fe:5b:fa:54:b3:b4:c1:86:0a:41:c4:b1:c4:9d:6d:12:
         3c:62:cc:90:c5:49:2a:32:eb:03:dc:30:2a:42:04:73:f1:c6:
         a5:e5:46:36:78:8b:71:31:2a:11:c6:c9:34:8b:bf:85:5b:75:
         96:04:e3:a2:4a:7c:3e:00:b3:1f:e9:50:ed:24:36:57:d9:f5:
         45:c2:30:c3:e9:dc:4f:31:be:5e:ab:d3:e9:53:9c:05:05:3c:
         0b:93:62:cc:52:bd:48:09:c2:a3:f3:a9:67:d7:09:26:37:ff:
         81:9c:a3:96:f6:91:7c:68:f7:44:71:88:34:d7:16:5f:73:b6:
         3d:78:16:6b:11:af:fb:e7:a7:24:12:64:a3:5b:d2:f3:42:6b:
         d2:b9:6c:b2:ed:e4:ab:67:98:f5:12:4d:e5:93:9c:d7:de:41:
         60:b0:61:0f:34:b7:6b:08:90:65:45:76:d6:62:ad:e5:a6:7b:
         04:92:ac:d2:02:db:44:5f:35:4a:37:b0:7c:e0:88:a0:82:09:
         6c:9f:68:d6
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIDAZI6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODE5MDkyNjE1WhcNMjUwOTE5MDkyNjE1WjAYMRYw
FAYDVQQDEw02OGE0NDMzYy01MmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvUcPbAcOCkurtdpJduQ1Cl5ra51gQXgV6j2q6m/J6MhZQB3e2QOM8Cgv
1VSLBFuzgwTwGjecm6g00IUV/6/ZglStaGVQM6GwzpvlKH69yF+NV1YsqhQhV28Q
WUSLP8TZaU/DuqhahIDBbu+SCygIly+gIM6/22ZbTypZVjjMNcXG55zos7ojs0Zv
MW92HZkOApdBeD1B3Bevt5sj0rAcD3CtHDqxGXv7mav8e56W1fJP3CEDh0XoYdNI
3/2QyWNsN8o7biBvOBmhIWZy3yR077aFuUcCJS+2E90yO3smlLiDjDKAyR39tLnp
mmfjtIVVEkEB8nQlUiMrqZ8oRRw4+wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFOzF
PQnPYkZrACBH3PYUa9SmSiWcMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MDg5N0JGNDdDREUxMUYwOEQ2MTYzQzZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAmlK1MAwDBAGaXNIDBACa
XNYwDQYJKoZIhvcNAQELBQADggEBALsyKAeejNYhX54O5bjWKqyqDrmpToX3iB8s
7+WVwzDbimjw52pSuYV0fiSCejA6lczO6TjSQaPd/lv6VLO0wYYKQcSxxJ1tEjxi
zJDFSSoy6wPcMCpCBHPxxqXlRjZ4i3ExKhHGyTSLv4VbdZYE46JKfD4Asx/pUO0k
NlfZ9UXCMMPp3E8xvl6r0+lTnAUFPAuTYsxSvUgJwqPzqWfXCSY3/4Gco5b2kXxo
90RxiDTXFl9ztj14FmsRr/vnpyQSZKNb0vNCa9K5bLLt5KtnmPUSTeWTnNfeQWCw
YQ80t2sIkGVFdtZireWmewSSrNIC20RfNUo3sHzgiKCCCWyfaNY=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:57:14 2025 by rpki-client