Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/8F66F9F2625011F093EF34AEDAE4EC9C.roa
File:                     8F66F9F2625011F093EF34AEDAE4EC9C.roa (raw, json)
Hash identifier:          azeXExxPadQBtZQAbA3QmCVU3GUpPn3GgN81W/kzNws=
Subject key identifier:   85:F6:76:5B:75:05:50:FA:2E:63:6D:BC:C1:4B:CF:02:81:CC:89:8D
Certificate issuer:       /CN=F367DFA4AF/serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
Certificate serial:       0727
Authority key identifier: 97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/8F66F9F2625011F093EF34AEDAE4EC9C.roa
Signing time:             Wed 16 Jul 2025 14:24:19 +0000
ROA not before:           Wed 16 Jul 2025 14:24:15 +0000
ROA not after:            Fri 17 Jul 2026 14:24:15 +0000
asID:                     60171
IP address blocks:        102.177.157.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 24 Jul 2025 00:29:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1831 (0x727)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367DFA4AF, serialNumber=97C90E25212D887CF9E1DE6FDDF551BA812FA139
        Validity
            Not Before: Jul 16 14:24:15 2025 GMT
            Not After : Jul 17 14:24:15 2026 GMT
        Subject: CN=6877b613-b021
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:4a:aa:a3:e6:b8:65:e9:3f:4a:2a:b8:d9:64:
                    f9:fc:73:1d:a3:03:dc:ee:a3:6d:4b:97:d1:fa:1a:
                    df:fd:fb:a8:7b:24:a9:9a:14:87:9c:e6:eb:55:03:
                    6d:f4:56:15:66:e3:d4:c6:5c:00:80:9a:6c:cc:70:
                    0b:f7:f2:c8:e9:e6:9e:68:fb:58:07:ac:d3:27:da:
                    6c:6e:6e:b8:3b:a4:a8:3a:9f:cf:c3:ec:e6:30:7b:
                    c5:ca:b5:e4:e1:db:ff:0d:1c:38:4e:89:81:33:5a:
                    70:59:f5:d2:df:11:23:80:e2:99:f1:93:d1:f4:ca:
                    44:20:5f:57:16:b9:4d:d0:fe:6d:06:e8:c2:b6:3e:
                    8d:d9:e6:a8:7f:ac:e9:16:a8:5a:a6:be:df:37:bd:
                    40:a4:de:ea:2c:87:ce:79:67:f1:c1:ba:b9:07:ba:
                    b6:c2:8a:55:7b:ef:b2:35:d0:f7:ad:a0:d3:15:f1:
                    f5:3b:58:e4:f3:a8:81:92:73:58:cf:41:84:a6:a3:
                    82:57:35:10:33:2a:da:88:8c:27:ae:1c:af:1a:5d:
                    20:a8:b2:53:96:c0:24:eb:3a:08:88:82:66:b5:9a:
                    66:e4:cc:32:1c:48:fb:7e:fc:36:cc:70:7c:c4:f7:
                    f0:c6:c8:69:f9:a5:cf:3f:84:51:34:51:b2:c9:36:
                    07:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:F6:76:5B:75:05:50:FA:2E:63:6D:BC:C1:4B:CF:02:81:CC:89:8D
            X509v3 Authority Key Identifier:
                keyid:97:C9:0E:25:21:2D:88:7C:F9:E1:DE:6F:DD:F5:51:BA:81:2F:A1:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/l8kOJSEtiHz54d5v3fVRuoEvoTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/l8kOJSEtiHz54d5v3fVRuoEvoTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367DFA4/08B8D82093AC11EBB1D2A832F8AEA228/8F66F9F2625011F093EF34AEDAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.177.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:4f:c9:62:8f:28:8c:4e:dd:a4:1f:0b:ae:cb:2b:bc:1d:d2:
         5d:94:a1:d4:46:a9:c4:a5:f0:6a:f2:72:17:38:bd:88:d0:35:
         c3:b5:00:b8:df:d5:3a:63:d4:9e:a5:c7:3e:d8:67:c2:e9:55:
         01:08:7b:d0:7c:25:b9:91:a8:20:6a:d9:05:33:20:b7:5a:97:
         6c:35:5c:38:36:8e:52:45:e0:e2:fe:cc:dc:45:7b:35:06:1c:
         1b:74:fd:1c:64:08:90:41:d6:9b:f4:c3:f9:8f:ff:f1:eb:0b:
         4f:0b:54:5f:14:f8:a5:ce:fe:e5:ac:68:3e:6b:5f:e5:f8:e9:
         f0:56:0d:fb:3d:15:68:51:78:1a:71:a0:5f:80:c4:42:4c:da:
         ff:ec:3c:76:3f:bb:94:62:6f:ba:ad:4a:9f:24:54:fb:4c:47:
         0e:07:0f:c4:4c:7a:b6:40:8e:15:16:83:62:67:c8:1e:ae:f6:
         3f:fb:9c:61:10:89:d0:04:7d:1a:e7:b9:cc:90:83:59:1a:c3:
         85:5d:b6:63:01:93:a2:2e:a5:14:93:20:45:a7:eb:50:17:20:
         b8:41:4f:29:fe:ac:07:42:16:cb:bc:d6:fa:f0:64:88:59:ef:
         cb:f7:cb:74:64:ab:a6:c8:f0:49:61:c1:fd:9d:3f:9c:25:5e:
         d3:b6:f6:14
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBycwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0RGQTRBRjExMC8GA1UEBRMoOTdDOTBFMjUyMTJEODg3Q0Y5RTFERTZGRERGNTUx
QkE4MTJGQTEzOTAeFw0yNTA3MTYxNDI0MTVaFw0yNjA3MTcxNDI0MTVaMBgxFjAU
BgNVBAMTDTY4NzdiNjEzLWIwMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDHSqqj5rhl6T9KKrjZZPn8cx2jA9zuo21Ll9H6Gt/9+6h7JKmaFIec5utV
A230VhVm49TGXACAmmzMcAv38sjp5p5o+1gHrNMn2mxubrg7pKg6n8/D7OYwe8XK
teTh2/8NHDhOiYEzWnBZ9dLfESOA4pnxk9H0ykQgX1cWuU3Q/m0G6MK2Po3Z5qh/
rOkWqFqmvt83vUCk3uosh855Z/HBurkHurbCilV777I10PetoNMV8fU7WOTzqIGS
c1jPQYSmo4JXNRAzKtqIjCeuHK8aXSCoslOWwCTrOgiIgma1mmbkzDIcSPt+/DbM
cHzE9/DGyGn5pc8/hFE0UbLJNgfVAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhfZ2
W3UFUPouY228wUvPAoHMiY0wHwYDVR0jBBgwFoAUl8kOJSEtiHz54d5v3fVRuoEv
oTkwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4QUVBMjI4L2w4a09K
U0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2w4a09KU0V0aUh6NTRkNXYzZlZSdW9Fdm9Uay5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdERkE0LzA4QjhEODIwOTNBQzExRUJCMUQyQTgzMkY4
QUVBMjI4LzhGNjZGOUYyNjI1MDExRjA5M0VGMzRBRURBRTRFQzlDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABmsZ0wDQYJKoZIhvcNAQEL
BQADggEBAExPyWKPKIxO3aQfC67LK7wd0l2UodRGqcSl8Grychc4vYjQNcO1ALjf
1Tpj1J6lxz7YZ8LpVQEIe9B8JbmRqCBq2QUzILdal2w1XDg2jlJF4OL+zNxFezUG
HBt0/RxkCJBB1pv0w/mP//HrC08LVF8U+KXO/uWsaD5rX+X46fBWDfs9FWhReBpx
oF+AxEJM2v/sPHY/u5Rib7qtSp8kVPtMRw4HD8RMerZAjhUWg2JnyB6u9j/7nGEQ
idAEfRrnucyQg1kaw4VdtmMBk6IupRSTIEWn61AXILhBTyn+rAdCFsu81vrwZIhZ
78v3y3Rkq6bI8Elhwf2dP5wlXtO29hQ=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:50:19 2025 by rpki-client