Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/593FBF387AC111F0921B9DF0DAE4EC9C.roa
File:                     593FBF387AC111F0921B9DF0DAE4EC9C.roa (raw, json)
Hash identifier:          SBOduL3uVoJxCUESYaD2JMrV2xCdCfxJc3w7PS8x0lU=
Subject key identifier:   27:53:6E:B1:F4:45:26:86:73:4D:91:11:61:12:D5:05:B7:87:16:36
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       016B67
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/593FBF387AC111F0921B9DF0DAE4EC9C.roa
Signing time:             Sat 16 Aug 2025 16:52:10 +0000
ROA not before:           Sat 16 Aug 2025 16:52:05 +0000
ROA not after:            Sat 27 Sep 2025 16:52:05 +0000
asID:                     138415
IP address blocks:        156.234.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 25 Aug 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 93031 (0x16b67)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Aug 16 16:52:05 2025 GMT
            Not After : Sep 27 16:52:05 2025 GMT
        Subject: CN=68a0b73a-4a00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:7d:68:ec:5e:b8:58:c7:30:e8:09:a2:68:e4:
                    b0:79:8d:62:2a:ef:31:94:17:15:f5:11:50:ba:1b:
                    ba:d6:05:ba:78:10:70:91:8e:f9:7a:fa:4a:5d:35:
                    e9:6a:6e:c4:65:cd:de:2a:4b:88:64:66:5e:03:8a:
                    52:fc:9e:3c:41:ee:27:ce:92:48:26:a6:39:89:c4:
                    e7:bf:a7:08:a9:69:38:86:2c:3c:14:87:1e:56:3c:
                    10:fe:7c:e9:cc:8e:a6:76:50:76:e1:68:66:9e:b9:
                    70:f7:8b:cf:4b:50:b4:36:a6:e8:d4:7a:e0:c7:5f:
                    61:93:59:e4:e0:5b:81:c6:78:4c:96:57:18:aa:ef:
                    2d:f4:c9:6c:40:b2:56:19:a2:83:46:26:21:a8:2f:
                    e0:82:53:56:81:3d:b5:ae:69:74:a0:a1:3a:02:0a:
                    60:a5:cf:a0:1c:12:d8:71:9f:e2:fc:c2:42:e5:81:
                    72:9f:5c:b8:e9:8e:94:c0:a5:0c:66:41:f2:8d:66:
                    50:0a:8a:36:f2:8f:68:c8:60:a9:6d:24:ae:24:97:
                    fe:e6:77:8d:cd:d3:3c:f0:43:eb:e0:21:4f:08:1c:
                    72:f1:2a:1d:a3:e9:e7:c9:fa:e5:06:9e:ec:7b:70:
                    5c:30:4b:a0:5e:15:ae:7c:90:85:2a:1f:2d:c8:1d:
                    2f:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:53:6E:B1:F4:45:26:86:73:4D:91:11:61:12:D5:05:B7:87:16:36
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/593FBF387AC111F0921B9DF0DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.234.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5f:42:ad:5c:61:33:5e:47:33:e0:33:6e:7f:42:2f:ae:77:fe:
         21:bb:89:c6:e8:d7:0a:8f:b1:a4:15:78:85:44:ec:d2:85:30:
         c8:2c:da:c7:33:b5:a6:9b:30:3a:00:be:a7:82:7c:5a:43:30:
         ea:ff:5a:9c:5c:ff:41:a4:03:e7:ee:5e:39:fe:f5:5f:06:1f:
         ae:d1:b6:85:03:1d:80:57:c0:4f:82:0e:c4:3d:da:a2:65:bf:
         f1:e1:30:ef:b6:3e:96:f0:2a:e3:00:ab:05:4a:fc:45:1a:94:
         db:78:e9:b1:05:c3:f4:1a:00:4e:f4:dd:01:ef:b6:34:34:d7:
         4d:4f:ea:10:9f:2c:c2:21:1a:2d:0e:8b:b5:00:0a:5a:94:6a:
         e7:3c:fb:97:78:cd:f4:22:6b:b3:33:04:d8:5a:e9:70:cf:da:
         64:c0:ba:f7:47:80:aa:51:fb:16:80:9b:c3:29:a8:d4:b9:c4:
         40:62:a7:b7:b0:e3:ac:93:a1:46:46:3c:a9:b1:f9:50:68:c5:
         f7:cb:f5:78:d6:8d:26:0e:86:df:df:7f:4a:ae:62:2d:92:3b:
         c0:a8:6b:91:11:11:c6:6b:21:85:6f:82:23:ef:1c:8c:65:55:
         0e:50:66:d7:ec:cd:bd:91:b9:b2:05:f9:a1:9a:34:d8:03:c5:
         43:f1:67:ac
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDAWtnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODE2MTY1MjA1WhcNMjUwOTI3MTY1MjA1WjAYMRYw
FAYDVQQDEw02OGEwYjczYS00YTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA231o7F64WMcw6AmiaOSweY1iKu8xlBcV9RFQuhu61gW6eBBwkY75evpK
XTXpam7EZc3eKkuIZGZeA4pS/J48Qe4nzpJIJqY5icTnv6cIqWk4hiw8FIceVjwQ
/nzpzI6mdlB24Whmnrlw94vPS1C0Nqbo1Hrgx19hk1nk4FuBxnhMllcYqu8t9Mls
QLJWGaKDRiYhqC/gglNWgT21rml0oKE6Agpgpc+gHBLYcZ/i/MJC5YFyn1y46Y6U
wKUMZkHyjWZQCoo28o9oyGCpbSSuJJf+5neNzdM88EPr4CFPCBxy8Sodo+nnyfrl
Bp7se3BcMEugXhWufJCFKh8tyB0vGQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFCdT
brH0RSaGc02REWES1QW3hxY2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81OTNGQkYzODdBQzExMUYwOTIxQjlERjBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnOowDQYJKoZIhvcNAQELBQAD
ggEBAF9CrVxhM15HM+Azbn9CL653/iG7icbo1wqPsaQVeIVE7NKFMMgs2scztaab
MDoAvqeCfFpDMOr/Wpxc/0GkA+fuXjn+9V8GH67RtoUDHYBXwE+CDsQ92qJlv/Hh
MO+2PpbwKuMAqwVK/EUalNt46bEFw/QaAE703QHvtjQ0101P6hCfLMIhGi0Oi7UA
ClqUauc8+5d4zfQia7MzBNha6XDP2mTAuvdHgKpR+xaAm8MpqNS5xEBip7ew46yT
oUZGPKmx+VBoxffL9XjWjSYOht/ff0quYi2SO8Coa5EREcZrIYVvgiPvHIxlVQ5Q
Ztfszb2RubIF+aGaNNgDxUPxZ6w=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:57:16 2025 by rpki-client