Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C633D47A752C11F084436394DAE4EC9C.roa
File:                     C633D47A752C11F084436394DAE4EC9C.roa (raw, json)
Hash identifier:          zjCZYm2i5W04snLLBiI3re6BNFgHva9SbUlgUnfFWdo=
Subject key identifier:   CC:60:52:F5:ED:9F:E1:8F:FE:74:49:DE:51:9B:E7:2B:EF:64:DE:AC
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       019125
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C633D47A752C11F084436394DAE4EC9C.roa
Signing time:             Sat 09 Aug 2025 14:26:02 +0000
ROA not before:           Sat 09 Aug 2025 14:25:57 +0000
ROA not after:            Sun 24 Aug 2025 14:25:57 +0000
asID:                     54801
IP address blocks:        154.214.32.0/19 maxlen: 24
                          154.216.128.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Aug 2025 14:25:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102693 (0x19125)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Aug  9 14:25:57 2025 GMT
            Not After : Aug 24 14:25:57 2025 GMT
        Subject: CN=68975a7a-dd3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:73:bb:71:04:cb:d7:e9:f2:94:15:4b:b1:01:
                    af:ac:f3:aa:cd:5b:5a:52:61:ae:29:7f:d5:18:96:
                    2d:0d:ab:e5:0a:f8:1f:67:f3:fd:6f:b8:9c:c3:e9:
                    a7:c0:d7:aa:91:6a:88:f6:1c:9d:18:92:78:ca:c8:
                    4b:73:83:e7:6e:54:d6:f8:58:05:7b:29:00:9b:f8:
                    8d:29:94:7a:86:8f:8e:d5:fc:e5:6e:a4:db:19:57:
                    99:74:b4:a9:3c:c7:ec:e7:86:2e:c8:5b:fa:f3:2d:
                    57:38:09:24:5c:56:08:fa:b3:d8:cd:8c:00:67:88:
                    4e:aa:4e:0f:5b:71:16:ca:32:6f:09:d6:b4:79:1a:
                    b7:13:52:8f:42:c8:62:ea:08:82:31:67:80:51:2e:
                    f0:b4:50:91:fb:df:27:cc:fd:c0:5e:99:14:30:6c:
                    f8:de:5e:78:23:4a:0d:40:f7:78:50:8c:7f:a7:91:
                    f1:08:df:e3:30:c5:a0:c7:a6:54:0f:b6:e3:20:00:
                    aa:27:42:fe:9a:a6:c8:73:44:b1:c7:bf:ac:08:df:
                    ac:70:d8:a5:d8:1d:68:7b:a3:1a:87:89:8a:ba:98:
                    da:11:94:70:7e:9d:f9:af:b9:40:d5:6a:d2:e3:89:
                    b6:c3:e5:eb:2b:69:f6:03:a9:50:ae:82:4e:14:0b:
                    ee:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:60:52:F5:ED:9F:E1:8F:FE:74:49:DE:51:9B:E7:2B:EF:64:DE:AC
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C633D47A752C11F084436394DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.214.32.0/19
                  154.216.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         50:e3:9f:4a:f5:73:4e:99:0a:8a:be:a6:d5:13:60:d8:42:a9:
         54:7c:d2:7b:48:d8:1e:aa:91:ac:3b:d5:d5:58:76:f9:2c:09:
         b4:24:37:c3:c5:c2:5f:87:59:3e:1a:45:79:32:21:2d:13:f2:
         b5:d0:30:0b:60:af:e0:51:e9:5b:96:c3:96:5d:00:8a:26:67:
         41:88:9b:87:33:37:17:f0:a9:dd:2c:14:44:87:f4:5f:ae:9f:
         ff:76:a7:8b:31:19:8f:c3:4a:2b:fc:0f:3d:a7:4e:75:78:50:
         df:5a:df:3a:7b:9b:6f:1e:fb:dd:34:59:96:60:63:25:18:66:
         3a:c8:90:8f:5a:08:04:33:70:35:31:57:ce:82:d3:f5:b5:69:
         3e:ed:0a:ae:da:da:7c:90:86:7d:92:40:b7:02:51:0e:d8:d8:
         c1:99:5e:f7:58:8d:e5:23:64:3f:50:73:64:a5:7b:54:bc:b6:
         d7:7e:25:0d:07:a0:d9:d6:03:53:b0:1e:83:fc:0b:14:fc:fe:
         c6:b0:d6:bb:9a:5f:c9:f3:69:23:7d:3f:38:f4:01:88:25:98:
         8d:9c:fb:75:60:b4:22:ed:08:36:69:70:44:f6:d9:a6:00:07:
         40:49:86:f8:05:7f:59:4f:c9:ee:f3:f6:08:57:a1:a5:81:c2:
         2c:32:8b:c6
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAZElMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwODA5MTQyNTU3WhcNMjUwODI0MTQyNTU3WjAYMRYw
FAYDVQQDEw02ODk3NWE3YS1kZDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv3O7cQTL1+nylBVLsQGvrPOqzVtaUmGuKX/VGJYtDavlCvgfZ/P9b7ic
w+mnwNeqkWqI9hydGJJ4yshLc4PnblTW+FgFeykAm/iNKZR6ho+O1fzlbqTbGVeZ
dLSpPMfs54YuyFv68y1XOAkkXFYI+rPYzYwAZ4hOqk4PW3EWyjJvCda0eRq3E1KP
Qshi6giCMWeAUS7wtFCR+98nzP3AXpkUMGz43l54I0oNQPd4UIx/p5HxCN/jMMWg
x6ZUD7bjIACqJ0L+mqbIc0Sxx7+sCN+scNil2B1oe6Mah4mKupjaEZRwfp35r7lA
1WrS44m2w+XrK2n2A6lQroJOFAvuwQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFMxg
UvXtn+GP/nRJ3lGb5yvvZN6sMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNjMzRDQ3QTc1MkMxMUYwODQ0MzYzOTREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFmtYgAwQGmtiAMA0GCSqG
SIb3DQEBCwUAA4IBAQBQ459K9XNOmQqKvqbVE2DYQqlUfNJ7SNgeqpGsO9XVWHb5
LAm0JDfDxcJfh1k+GkV5MiEtE/K10DALYK/gUelblsOWXQCKJmdBiJuHMzcX8Knd
LBREh/Rfrp//dqeLMRmPw0or/A89p051eFDfWt86e5tvHvvdNFmWYGMlGGY6yJCP
WggEM3A1MVfOgtP1tWk+7Qqu2tp8kIZ9kkC3AlEO2NjBmV73WI3lI2Q/UHNkpXtU
vLbXfiUNB6DZ1gNTsB6D/AsU/P7GsNa7ml/J82kjfT849AGIJZiNnPt1YLQi7Qg2
aXBE9tmmAAdASYb4BX9ZT8nu8/YIV6GlgcIsMovG
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:57:36 2025 by rpki-client