Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3D790A43F1311F19080A5D3CE1D38B0.roa
File:                     A3D790A43F1311F19080A5D3CE1D38B0.roa (raw, json)
Hash identifier:          qrOldxHi2uk5z5FVYDk7y1+Lz7t28nYMEZe+TkooaYU=
Subject key identifier:   8B:D1:8E:81:8E:20:C3:A6:BA:20:B0:BF:EB:A1:34:06:4F:D1:3A:8B
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       01AEB3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3D790A43F1311F19080A5D3CE1D38B0.roa
Signing time:             Thu 23 Apr 2026 12:55:01 +0000
ROA not before:           Thu 23 Apr 2026 12:54:55 +0000
ROA not after:            Thu 28 May 2026 12:54:55 +0000
asID:                     274882
IP address blocks:        45.198.162.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 15 May 2026 00:26:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 110259 (0x1aeb3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 23 12:54:55 2026 GMT
            Not After : May 28 12:54:55 2026 GMT
        Subject: CN=69ea16a5-f4b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:36:c2:46:f0:53:17:68:61:08:d9:af:67:6c:
                    3b:a6:75:d4:be:a3:d4:c4:9f:8f:55:35:d7:07:bf:
                    8e:03:0a:07:48:7d:c1:e5:7a:55:7d:1f:05:62:39:
                    e8:cd:b5:9f:aa:97:43:58:f2:43:fa:f8:ac:00:4a:
                    cf:f5:65:f8:77:84:b9:2e:51:ac:ce:32:4c:ca:82:
                    e4:87:8c:93:9b:86:cc:4c:6d:88:84:42:1e:83:19:
                    f6:fd:6a:c8:20:14:f7:0e:ff:f9:24:a5:b7:bd:62:
                    7f:76:17:2c:5f:14:43:da:20:bd:c1:ab:91:66:f0:
                    eb:b0:c8:58:ff:9b:f3:89:a3:9e:ed:4b:42:09:ed:
                    5a:87:70:4d:6e:bf:94:e7:e0:54:22:c8:e1:2e:e8:
                    d2:0f:28:ba:17:2b:34:bf:40:db:d8:6d:5c:6d:b2:
                    de:46:85:2d:e2:0b:bd:62:9d:00:51:f0:8e:38:dc:
                    6e:e9:31:6e:2d:33:a7:6b:e1:17:ba:22:d1:74:61:
                    12:36:3f:d7:1d:f1:a3:fc:99:1c:a4:6b:cd:de:25:
                    9b:01:50:41:a9:19:7d:01:ae:7d:e4:2a:38:6d:e8:
                    94:9a:3e:58:c1:a5:d6:5b:57:a7:9b:95:bc:36:9b:
                    86:97:2a:d4:11:d0:d1:54:ec:08:a7:ea:9b:50:51:
                    d4:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:D1:8E:81:8E:20:C3:A6:BA:20:B0:BF:EB:A1:34:06:4F:D1:3A:8B
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3D790A43F1311F19080A5D3CE1D38B0.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.198.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:6f:a0:6c:ee:b2:e7:81:d2:a1:33:34:db:f6:aa:06:a8:65:
         c5:e2:6e:0d:5e:44:48:33:b7:85:c2:df:82:28:5e:29:4c:16:
         17:0d:b7:d6:ac:9e:66:c8:59:b7:35:66:6e:1e:98:74:35:c4:
         0d:0e:3b:7a:e3:8f:b3:70:70:07:d2:c7:35:99:4d:90:bd:f0:
         49:bf:e6:d6:ad:2b:55:b2:39:3e:fd:98:b8:75:c9:d6:e2:c3:
         56:4b:9a:ce:99:27:4b:ec:8e:25:b5:6c:2f:99:20:20:33:42:
         bb:80:05:96:03:7c:e4:86:8d:3b:97:9c:51:6d:87:29:dd:ab:
         8b:82:18:98:eb:1f:90:19:98:b3:32:ff:ea:94:57:69:80:3a:
         32:1e:9c:a1:30:d8:31:df:d3:95:f5:30:a8:ce:8b:25:1d:b5:
         96:5d:dd:f3:a0:29:8f:97:ef:af:25:77:42:9b:fc:52:0c:62:
         c8:98:40:20:ea:cc:3a:01:f4:1c:06:fe:65:cf:ec:30:a7:79:
         45:e8:26:c2:d1:d8:95:d3:be:2c:47:a2:f6:84:7e:b5:cf:06:
         07:ae:a4:a3:67:f7:7b:0b:39:5b:55:fd:b0:be:71:f7:5d:fb:
         a6:9b:95:ba:91:e6:36:32:e7:7c:18:e4:02:ec:34:5c:3e:c5:
         72:03:7b:28
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAa6zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjYwNDIzMTI1NDU1WhcNMjYwNTI4MTI1NDU1WjAYMRYw
FAYDVQQDEw02OWVhMTZhNS1mNGI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0DbCRvBTF2hhCNmvZ2w7pnXUvqPUxJ+PVTXXB7+OAwoHSH3B5XpVfR8F
YjnozbWfqpdDWPJD+visAErP9WX4d4S5LlGszjJMyoLkh4yTm4bMTG2IhEIegxn2
/WrIIBT3Dv/5JKW3vWJ/dhcsXxRD2iC9wauRZvDrsMhY/5vziaOe7UtCCe1ah3BN
br+U5+BUIsjhLujSDyi6Fys0v0Db2G1cbbLeRoUt4gu9Yp0AUfCOONxu6TFuLTOn
a+EXuiLRdGESNj/XHfGj/JkcpGvN3iWbAVBBqRl9Aa595Co4beiUmj5YwaXWW1en
m5W8NpuGlyrUEdDRVOwIp+qbUFHUDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIvR
joGOIMOmuiCwv+uhNAZP0TqLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BM0Q3OTBBNDNGMTMxMUYxOTA4MEE1RDNDRTFEMzhCMC5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcaiMA0GCSqGSIb3DQEBCwUA
A4IBAQCQb6Bs7rLngdKhMzTb9qoGqGXF4m4NXkRIM7eFwt+CKF4pTBYXDbfWrJ5m
yFm3NWZuHph0NcQNDjt644+zcHAH0sc1mU2QvfBJv+bWrStVsjk+/Zi4dcnW4sNW
S5rOmSdL7I4ltWwvmSAgM0K7gAWWA3zkho07l5xRbYcp3auLghiY6x+QGZizMv/q
lFdpgDoyHpyhMNgx39OV9TCozoslHbWWXd3zoCmPl++vJXdCm/xSDGLImEAg6sw6
AfQcBv5lz+wwp3lF6CbC0diV074sR6L2hH61zwYHrqSjZ/d7CzlbVf2wvnH3Xfum
m5W6keY2Mud8GOQC7DRcPsVyA3so
-----END CERTIFICATE-----