Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CA7797478FE11F0868CE380DAE4EC9C.roa
File:                     9CA7797478FE11F0868CE380DAE4EC9C.roa (raw, json)
Hash identifier:          STEIP6GoBSDQLgNICy3QWoUG6/XFVPovme70ahaogk4=
Subject key identifier:   77:2C:19:0B:B7:39:E1:57:0E:62:75:06:8F:82:9E:F0:3E:97:1B:B1
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       0191A6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CA7797478FE11F0868CE380DAE4EC9C.roa
Signing time:             Thu 14 Aug 2025 11:05:40 +0000
ROA not before:           Thu 14 Aug 2025 11:05:35 +0000
ROA not after:            Sun 07 Sep 2025 11:05:35 +0000
asID:                     54252
IP address blocks:        154.201.53.0/24 maxlen: 24
                          154.201.54.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 25 Aug 2025 00:06:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102822 (0x191a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Aug 14 11:05:35 2025 GMT
            Not After : Sep  7 11:05:35 2025 GMT
        Subject: CN=689dc304-4ca6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:ce:cc:3e:73:e9:55:e8:a5:9f:8d:4c:13:90:
                    d2:2d:41:50:3c:19:3b:67:06:a1:22:e4:ab:e1:1a:
                    bc:fb:e7:dc:35:41:a6:e4:84:4c:63:df:3b:65:03:
                    69:cd:51:fe:8c:bf:a0:b3:ea:c5:2f:08:ab:89:84:
                    6b:d0:b5:d3:d5:00:32:5f:06:30:80:c8:71:dc:e5:
                    ee:2e:ce:8d:7f:2b:43:ac:f9:b0:53:be:a4:b3:57:
                    27:69:e3:e8:01:2b:ca:80:a7:f3:99:a9:53:de:bc:
                    3f:f6:15:ca:0c:3f:8f:d2:47:4f:63:46:86:df:38:
                    9d:97:72:e6:3a:ad:76:c3:47:88:0a:d0:be:d7:cb:
                    cb:de:f7:fe:ad:75:95:70:d9:fc:30:67:c8:c9:fb:
                    90:3a:e6:4e:d9:36:b3:a5:cf:14:ec:39:d9:0f:9c:
                    44:62:33:1e:4f:7a:fa:24:75:b5:e3:58:a4:35:28:
                    ab:7d:73:7e:80:a5:ad:61:38:22:ce:6c:5a:af:3d:
                    41:c4:1a:7c:37:f0:f2:9f:f9:7c:81:e2:87:c5:e7:
                    f4:ab:06:b8:7d:c8:db:f8:ab:97:67:e0:d7:17:12:
                    0c:00:db:17:9e:cb:02:4b:bd:fa:56:58:1d:42:34:
                    0f:8c:86:d1:00:7b:fe:a8:a4:32:c2:07:5c:76:39:
                    47:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:2C:19:0B:B7:39:E1:57:0E:62:75:06:8F:82:9E:F0:3E:97:1B:B1
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9CA7797478FE11F0868CE380DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.201.53.0-154.201.55.255

    Signature Algorithm: sha256WithRSAEncryption
         9f:98:4a:4e:f5:50:66:82:8d:0f:e0:37:af:fe:c3:62:a3:06:
         fd:55:63:58:23:92:7e:d9:f6:a4:e1:bd:e9:59:5d:53:84:3b:
         a1:00:ea:0b:c9:af:93:1f:d0:54:c8:f5:81:17:56:27:b5:36:
         76:dd:b0:b0:b4:1b:af:fd:d1:2f:37:8a:f2:b3:e8:fc:0c:9e:
         8e:ce:c3:70:c7:cb:10:8b:eb:a6:64:d6:45:bf:79:cd:f6:21:
         7a:a0:37:f5:bb:57:c5:1a:50:1e:47:f8:24:48:97:05:dc:f5:
         88:99:ed:32:21:c1:a2:f3:a2:60:91:29:03:aa:e5:bb:eb:90:
         21:0e:68:c3:e1:2e:92:34:1d:4f:f1:2e:1b:d3:4d:75:25:4a:
         a7:da:3a:55:0d:ae:8a:5a:82:0d:c6:35:81:49:5b:f9:e7:4f:
         b5:9b:3d:e4:e7:21:3a:95:e8:3f:32:a4:7d:6a:b0:1e:dd:e9:
         cc:31:80:2f:28:96:d4:02:8b:bf:82:89:e8:48:0a:3e:93:5d:
         dc:c4:a5:5c:35:52:6f:a6:56:83:6a:d8:15:93:b0:22:df:0c:
         e7:6c:7e:16:5d:14:b2:07:78:45:b6:55:6b:6c:62:94:4e:30:
         07:8b:c1:ff:3b:a2:f4:69:71:14:01:85:40:29:67:2c:6c:56:
         0a:c1:65:c9
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIDAZGmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODE0MTEwNTM1WhcNMjUwOTA3MTEwNTM1WjAYMRYw
FAYDVQQDEw02ODlkYzMwNC00Y2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxs7MPnPpVeiln41ME5DSLUFQPBk7ZwahIuSr4Rq8++fcNUGm5IRMY987
ZQNpzVH+jL+gs+rFLwiriYRr0LXT1QAyXwYwgMhx3OXuLs6NfytDrPmwU76ks1cn
aePoASvKgKfzmalT3rw/9hXKDD+P0kdPY0aG3zidl3LmOq12w0eICtC+18vL3vf+
rXWVcNn8MGfIyfuQOuZO2Tazpc8U7DnZD5xEYjMeT3r6JHW141ikNSirfXN+gKWt
YTgizmxarz1BxBp8N/Dyn/l8geKHxef0qwa4fcjb+KuXZ+DXFxIMANsXnssCS736
VlgdQjQPjIbRAHv+qKQywgdcdjlH4wIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFHcs
GQu3OeFXDmJ1Bo+CnvA+lxuxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85Q0E3Nzk3NDc4RkUxMUYwODY4Q0UzODBEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACayTUDBAOayTAwDQYJ
KoZIhvcNAQELBQADggEBAJ+YSk71UGaCjQ/gN6/+w2KjBv1VY1gjkn7Z9qThvelZ
XVOEO6EA6gvJr5Mf0FTI9YEXVie1NnbdsLC0G6/90S83ivKz6PwMno7Ow3DHyxCL
66Zk1kW/ec32IXqgN/W7V8UaUB5H+CRIlwXc9YiZ7TIhwaLzomCRKQOq5bvrkCEO
aMPhLpI0HU/xLhvTTXUlSqfaOlUNropagg3GNYFJW/nnT7WbPeTnITqV6D8ypH1q
sB7d6cwxgC8oltQCi7+CiehICj6TXdzEpVw1Um+mVoNq2BWTsCLfDOdsfhZdFLIH
eEW2VWtsYpROMAeLwf87ovRpcRQBhUApZyxsVgrBZck=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:57:02 2025 by rpki-client