Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/49D5A066630711F0BD6047E1DAE4EC9C.roa
File:                     49D5A066630711F0BD6047E1DAE4EC9C.roa (raw, json)
Hash identifier:          9hJDFj18RCi+f5AYIxBcKZs6ksMqKfG78JVWW3Z/Fzs=
Subject key identifier:   B7:A0:78:C6:6A:32:91:27:64:14:10:B0:3E:82:68:D3:A4:36:5F:E1
Certificate issuer:       /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial:       018E22
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/49D5A066630711F0BD6047E1DAE4EC9C.roa
Signing time:             Thu 17 Jul 2025 12:12:21 +0000
ROA not before:           Thu 17 Jul 2025 12:12:15 +0000
ROA not after:            Wed 27 Aug 2025 12:12:15 +0000
asID:                     8796
IP address blocks:        154.219.96.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 23 Jul 2025 00:06:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 101922 (0x18e22)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
        Validity
            Not Before: Jul 17 12:12:15 2025 GMT
            Not After : Aug 27 12:12:15 2025 GMT
        Subject: CN=6878e8a5-9424
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:0c:fc:9d:cb:4f:c1:2c:cd:71:e0:f1:fb:8a:
                    96:9b:85:ea:61:8c:e5:cc:d8:8f:f6:46:fc:d0:a7:
                    97:77:05:41:22:b8:33:ce:3b:fc:5d:b8:a7:2f:dd:
                    a1:48:06:e0:69:81:94:c4:7f:03:25:ed:ac:4e:d6:
                    bf:6f:05:e3:d0:68:db:81:ca:fe:a4:16:8a:9a:40:
                    f8:64:26:8b:87:d2:b1:cb:da:e3:4a:7c:e4:bd:81:
                    ae:6d:81:7e:5c:a8:a9:1e:35:50:a2:93:d1:a4:87:
                    6f:e9:9e:f6:d3:3e:f5:d4:f8:42:59:0e:cf:6b:a0:
                    23:8a:99:6a:ec:90:99:06:74:e1:7c:d8:41:58:62:
                    1b:85:cd:bc:59:61:6e:c5:37:05:67:17:b9:d7:af:
                    11:48:60:9a:40:05:72:a9:17:13:21:3c:a3:1d:fa:
                    bd:b9:76:f4:a0:2a:cf:2e:16:1b:d8:73:19:9c:1c:
                    88:1c:af:35:8c:8f:57:4e:43:ab:22:3f:2f:50:3d:
                    28:e4:59:03:2d:49:ff:91:15:e2:d7:51:70:5d:64:
                    91:75:1f:07:ac:ca:1d:7c:b9:47:f1:01:92:7f:cb:
                    23:df:79:46:fe:f2:6a:5a:e2:90:c1:00:58:fe:15:
                    10:19:e8:a0:40:82:3a:48:35:1b:85:bb:5c:37:80:
                    45:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:A0:78:C6:6A:32:91:27:64:14:10:B0:3E:82:68:D3:A4:36:5F:E1
            X509v3 Authority Key Identifier:
                keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/49D5A066630711F0BD6047E1DAE4EC9C.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.219.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         d1:19:8d:88:4c:d5:cc:ae:de:dc:4e:99:7c:28:c5:5a:bb:54:
         dc:80:fb:ce:75:44:19:c1:2f:e2:9f:f4:91:a3:c4:b6:c7:6f:
         99:48:f8:81:ba:c9:ef:49:64:c9:f3:84:a6:42:37:74:63:d7:
         dd:7f:92:ae:4b:1b:f5:ad:45:b5:77:89:63:2e:02:60:79:1d:
         43:c5:02:8d:f5:63:f2:f1:28:66:bb:96:76:af:da:39:f2:d3:
         f4:6b:3b:3a:4b:6a:55:af:1d:50:2d:0d:f7:29:cd:b5:d1:2e:
         83:6e:15:b1:ae:00:01:bc:a3:5a:0c:bb:b9:d8:60:f6:89:4b:
         15:11:e0:85:59:69:ea:06:88:be:ef:fd:b8:e3:d8:44:a3:81:
         d4:19:17:c5:38:fd:e2:be:2e:b0:a3:fd:57:40:e0:a6:87:9b:
         12:a6:ea:87:08:07:63:9c:8e:de:90:1e:6e:c9:16:e9:9f:1d:
         14:a0:d1:81:1d:6c:6d:6e:27:a2:3b:21:a1:55:b2:3c:ac:ef:
         b4:fc:4c:68:79:0b:f0:d1:a7:0b:dd:74:7a:82:09:7c:40:f7:
         55:85:2b:68:9d:8b:22:c0:ab:b4:0e:a9:dd:46:ca:23:11:db:
         eb:83:d9:78:b0:e4:fa:e7:92:83:b7:d7:4f:e2:37:a5:60:f6:
         7b:7a:c8:c4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAY4iMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzE3MTIxMjE1WhcNMjUwODI3MTIxMjE1WjAYMRYw
FAYDVQQDEw02ODc4ZThhNS05NDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5Qz8nctPwSzNceDx+4qWm4XqYYzlzNiP9kb80KeXdwVBIrgzzjv8Xbin
L92hSAbgaYGUxH8DJe2sTta/bwXj0Gjbgcr+pBaKmkD4ZCaLh9Kxy9rjSnzkvYGu
bYF+XKipHjVQopPRpIdv6Z720z711PhCWQ7Pa6Ajiplq7JCZBnThfNhBWGIbhc28
WWFuxTcFZxe5168RSGCaQAVyqRcTITyjHfq9uXb0oCrPLhYb2HMZnByIHK81jI9X
TkOrIj8vUD0o5FkDLUn/kRXi11FwXWSRdR8HrModfLlH8QGSf8sj33lG/vJqWuKQ
wQBY/hUQGeigQII6SDUbhbtcN4BF0wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFLeg
eMZqMpEnZBQQsD6CaNOkNl/hMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80OUQ1QTA2NjYzMDcxMUYwQkQ2MDQ3RTFEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQDRGY2ITNXMrt7cTpl8KMVau1TcgPvOdUQZwS/in/SRo8S2x2+ZSPiB
usnvSWTJ84SmQjd0Y9fdf5KuSxv1rUW1d4ljLgJgeR1DxQKN9WPy8Shmu5Z2r9o5
8tP0azs6S2pVrx1QLQ33Kc210S6DbhWxrgABvKNaDLu52GD2iUsVEeCFWWnqBoi+
7/2449hEo4HUGRfFOP3ivi6wo/1XQOCmh5sSpuqHCAdjnI7ekB5uyRbpnx0UoNGB
HWxtbieiOyGhVbI8rO+0/ExoeQvw0acL3XR6ggl8QPdVhStonYsiwKu0DqndRsoj
Edvrg9l4sOT655KDt9dP4jelYPZ7esjE
-----END CERTIFICATE-----